lwip-users
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [lwip-users] TCP SYN to UDP port

From: Simon Goldschmidt
Subject: Re: [lwip-users] TCP SYN to UDP port
Date: Mon, 18 Apr 2016 09:44:48 +0200 
Esa Hill wrote:
> When nmap scan is executed against our device (LwIP 1.4.1), it responds with 
> RST for SYN even
> when the socket/port is listening only UDP “connections”.
> 
> Is this correct behavior (does some RFC say something about this?) or should 
> it just drop silently
> the SYN packet as it does for unused ports?
> This came up in one certification process (they see it as a problem).

Yes, this is correct behaviour. Any correct packet that does not match a pcb 
should be answered with RST (unless it is a RST itself).
Not sending a RST in response is often done by devices to "hide" their 
presence, but I'm not sure this is really safer to do...
Also I can't tell you right now if there is an lwIP setting to do so, but I 
think not.
 
> Nmap results:
> 49998/tcp filtered unknown
> 49999/tcp filtered unknown
> 50000/tcp closed ibm-db2
> 50001/tcp filtered unknown
> 50002/tcp filtered iiimsf

That's strange. You should see a RST on all ports. Unless you have a resource 
problem.
As Sergio already said there is absolutely no interconnection between UDP and 
TCP.

Simon
reply via email to
[Prev in Thread] Current Thread [Next in Thread]