0

I have the following scapy scipt

a=IP(dst="192.168.10.71")/TCP(sport=13998, dport=14010, flags="S", window=1400)
sr1(a)
a=IP(dst="192.168.10.71")/TCP(sport=13998, dport=14010, flags="A", window=1400)
sr1(a)

The first packet is sent to the destination tcp server enter image description here

Then I received an SYN+ACK from the TCP server: enter image description here

Then look that the TCP stack of my system send an RST TCP packet, befor that my script send the second TCP packet (ACK) as indicated in the above script

enter image description here

How to avoid the TCP stack of my sytem to send the RST TCP packet after receiving the SYN+ACK from the server? and send instead of it my second TCP packet as indicated in the script?

By the way my TCP server is:

<?php
$socket = stream_socket_server("tcp://0.0.0.0:14010", $errno, $errstr);
if (!$socket) {
  echo "$errstr ($errno)<br />\n";
} else {
  echo "SERVER TCP (port 14010) started!";
  while ($conn = stream_socket_accept($socket)) {
    fwrite($conn, 'The local time is ' . date('n/j/Y g:i a') . "\n");
    fclose($conn);
  }
  fclose($socket);
}
?>
Improve this question
1
  • I assume 192.168.10.71 is server and the client is 192.168.2.68. I think something is wrong with the server. The ACK sent from the server would normally not be zero. Because it should normally be Client initial sequence number + 1. In this case the ACK sent from the server should have the value 1. Also I suppose as the server sent an invalid ACK, the client will send a RST instead of the ACK, because client is not sure if this is the server to whom it sent the SYN in first packet.
    – ρss
    Commented Apr 15, 2015 at 15:20

1 Answer 1

Reset to default
1

The answer to the question is in the following topic:

should add this ip table command

iptables -A OUTPUT -p tcp --tcp-flags RST RST -s 192.168.2.68 -j DROP
Improve this answer

Not the answer you're looking for? Browse other questions tagged or ask your own question.