0

I have been using scapy, integrated within python, lately and ran into an error; A normal SYN packet would provoke the router to send a SA packet on port 80, which it does: 

p = sr(IP(dst="192.168.2.254")/TCP(dport=80, flags="S"))
ans, unans = _
ans.summary()

IP / TCP 192.168.2.24:ftp_data > 192.168.2.254:www S ==> IP / TCP 192.168.2.254:www > 192.168.2.24:ftp_data SA

However, when I send a SYN/ACK packet to the router on port 80, it wont send me a RST packet, while my Wifi Extender does:

IP / TCP 192.168.2.24:ftp_data > 192.168.2.1(WIFI EXTENDER):www SA ==> IP / TCP 192.168.2.1:www > 192.168.2.24:ftp_data R

Any explanation for this behavior?

Thanks in advance

Improve this question

1 Answer 1

Reset to default
2

You are interacting with two different TCP stacks or with different configs at least. The router simply discards the invalid SYN/ACK segment without reporting back an error.

This is fairly common practice: responding with a RST aids debugging but silently dropping invalid traffic is possibly more secure.

Improve this answer
1
  • Thanks that's a plausible, if not correct, explanation!
    – LetsCode
    Commented Dec 23, 2014 at 14:18

Not the answer you're looking for? Browse other questions tagged or ask your own question.