When TCP packet is sent to an open port with the SYN flag set, what response would be expected from the open port?
- a packet with the SYN and ACK flags set
- a packet with an RST flag
- no response
- a packet with the ACK flag set
Explanation: When the port is open, the receiver will send back a packet with the SYN and ACK flags set.
Transmission Control Protocol (TCP) is a session-oriented or connection-based protocol. It uses a three-way handshake to ensure that every packet sent is successfully received and acknowledged by the destination. The handshake is performed at the start of each session by TCP, and contains a set of three segments (TCP “packets”).
– The sender sends the first segment to the receiver with the Synchronization (SYN) flag enabled.
– Step two: The receiver sends the second segment back to the sender with both the Acknowledgement flag (ACK) and the Synchronization (SYN) flag enabled.
– Step three: The sender sends the third segment back to the receiver with just the Acknowledgement (ACK) flag enabled (in response to the server’s Synchronization request).
A packet with the RST flag would be received if the port were closed. An open port responds with a SYN/ACK segment, while a closed port responds with a RST (reset) flagged segment.
A packet with the ACK flag set would only follow a packet with the SYN and ACK flags set. The first step is to send a SYN packet. When the port is open, the receiver will send back a packet the YSN and ACK flags set.
No response would occur only if the port were blocked on the firewall. Firewalls do not send diagnostic or error messages when blocking a transmission.
Objective: Network Concepts
Sub-Objective: Describe the operation of the following: IP, TCP, UDP, ICMP