If you receive a RST packet while doing an ACK scan, it indicates that the port is open.(True/False).
A. True
B. False
Explanation: When and ACK is sent to an open port,a RST is returned.
4 Comments on “If you receive a RST packet while doing an ACK scan, it indicates that the port is open?”
Cosmosays:
False.
You’ll get RST from an open port, and the same from a closed port.
ACK scan will never discover an open port. This scan is used for mapping firewall (If ICMP type 3 code 1,2,3,9,10 or 13 is returned => the ports will be marked as filtered on firewall)
Cosmosays:
Of course, it there is no answer on TCP ACK probe => port is filtered on firewall too.
Q says:
The correct answer is B. False.
According to the Nmap Reference Guide:
When scanning systems compliant with this RFC text, any packet not containing SYN, RST, or ACK bits will result in a returned RST if the port is closed and no response at all if the port is open. http://nmap.org/book/man-port-scanning-techniques.html
DM73says:
The ACK scan is a techinque used to probe the existence of a firewall, so the RST response means that the specific port is not filtered
False.
You’ll get RST from an open port, and the same from a closed port.
ACK scan will never discover an open port. This scan is used for mapping firewall (If ICMP type 3 code 1,2,3,9,10 or 13 is returned => the ports will be marked as filtered on firewall)
Of course, it there is no answer on TCP ACK probe => port is filtered on firewall too.
The correct answer is B. False.
According to the Nmap Reference Guide:
When scanning systems compliant with this RFC text, any packet not containing SYN, RST, or ACK bits will result in a returned RST if the port is closed and no response at all if the port is open.
http://nmap.org/book/man-port-scanning-techniques.html
The ACK scan is a techinque used to probe the existence of a firewall, so the RST response means that the specific port is not filtered