TCP vs UDP. Sending data on a closed port


According to the RFC 793 Reset Generation rules:

As a general rule, reset (RST) must be sent whenever a segment arrives
which apparently is not intended for the current connection.  A reset
must not be sent if it is not clear that this is the case.

There are three groups of states:

 1.  If the connection does not exist (CLOSED) then a reset is sent
 in response to any incoming segment except another reset.  In
 particular, SYNs addressed to a non-existent connection are rejected
 by this means.

Since the port is closed (nothing is listening on it and no connection is in progress), no connection exists for the incoming segment, so TCP replies with a RST segment.

RFC 768 (UDP) does not specify any action for a closed port, but RFC 792 (ICMP) defines a Destination Unreachable message, Type 3 Code 3 (destination port unreachable), that the host may send back.

However, a port only behaves this way if it is unfiltered. A filtered port does not reply at all; the packet is simply dropped. Any firewall worthy of the name filters this way, since it makes an attacker's job harder by giving away less information.
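The three outcomes above (RST, ICMP port unreachable, silence) can be observed from the application side without raw sockets, because the kernel translates them into socket errors. The script below is an added example, not part of the original answer; it uses only the Python standard library against loopback, the listening/bound sockets it creates are constructed purely to produce an "open" and a "closed" port, and the one-byte UDP payload is an arbitrary choice. The mapping of an ICMP port-unreachable onto ECONNREFUSED for a connected UDP socket is Linux/macOS behaviour (Windows reports a reset instead).

```python
import socket

HOST = "127.0.0.1"  # loopback: everything below runs offline


def probe_tcp(host: str, port: int, timeout: float = 1.0) -> str:
    """Classify a TCP port the way the RFC 793 reset rules predict.

    'closed'   -> the peer answered our SYN with RST; the kernel surfaces
                  that as ECONNREFUSED (ConnectionRefusedError).
    'open'     -> the three-way handshake completed.
    'filtered' -> nothing came back before the timeout (packet dropped).
    """
    with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as s:
        s.settimeout(timeout)
        try:
            s.connect((host, port))
            return "open"
        except ConnectionRefusedError:
            return "closed"
        except (socket.timeout, TimeoutError):
            return "filtered"
        except OSError as exc:
            # e.g. ENETUNREACH when there is no route to the host at all
            return f"error:{exc.errno}"


def probe_udp(host: str, port: int, timeout: float = 1.0,
              payload: bytes = b"\x00") -> str:
    """Classify a UDP port.

    RFC 768 says nothing about closed ports; the only signal is the ICMP
    Type 3 Code 3 (port unreachable) of RFC 792.  Linux and macOS deliver
    that ICMP error to a *connected* UDP socket as ECONNREFUSED on the next
    recv()/send(); Windows reports it as a connection reset.  Silence is
    ambiguous: the service may be open but not answering a one-byte probe,
    or a firewall may have dropped the datagram (hence nmap's 'open|filtered').
    """
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.settimeout(timeout)
        s.connect((host, port))  # connect() so ICMP errors are routed to this socket
        try:
            s.send(payload)
            s.recv(1024)
            return "open"  # a real UDP service answered
        except (ConnectionRefusedError, ConnectionResetError):
            return "closed"
        except (socket.timeout, TimeoutError):
            return "open|filtered"


def run_demo() -> dict:
    """Exercise the cases against loopback (constructed setup for this example)."""
    results = {}

    # Open TCP port: a listener that never accept()s still completes the
    # handshake (the kernel does that), so the probe sees 'open'.
    listener = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    listener.bind((HOST, 0))
    listener.listen(1)
    tcp_port = listener.getsockname()[1]
    results["tcp_open"] = probe_tcp(HOST, tcp_port)
    listener.close()
    # Same port, now closed: SYN -> RST -> ECONNREFUSED.
    results["tcp_closed"] = probe_tcp(HOST, tcp_port)

    # A UDP socket that is bound but never replies: to the prober this is
    # indistinguishable from a firewall silently dropping the datagram.
    sink = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    sink.bind((HOST, 0))
    udp_port = sink.getsockname()[1]
    results["udp_open_silent"] = probe_udp(HOST, udp_port, timeout=0.5)
    sink.close()
    # Same port, now closed: datagram -> ICMP port unreachable -> ECONNREFUSED.
    results["udp_closed"] = probe_udp(HOST, udp_port, timeout=0.5)
    return results


if __name__ == "__main__":
    for name, verdict in run_demo().items():
        print(f"{name:16} {verdict}")
```

Pointing probe_tcp at a host behind a firewall that drops the SYN gives "filtered" after the timeout, which is exactly the "no reply at all" case: the prober learns nothing from the closed/filtered distinction, whereas a RST or an ICMP port-unreachable positively confirms that a host is there and the port is closed.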



Author: ebyrock
Updated on September 18, 2022

Comments

  • ebyrock
    ebyrock over 1 year

    I am trying to understand the differences between TCP and UDP packets regarding error checking. I know that UDP packets are connectionless and don't care whether the packet arrives at the destination safely, and TCP packets are the opposite of UDP.

    My question is, if a packet is sent to a closed port of a remote host, what action will take place for UDP and TCP packets?

    UDP packet - response with an ICMP (Code-3)? TCP packet - response with a RST packet?

  • barlop
    barlop almost 10 years
    I'm not sure whether it makes an attacker's job harder. Gibson aka 'mr stealth' got a lot of flak for calling that 'stealth' as if it was more secure (and spread FUD re closed ports). If somebody tried to attack a host that didn't exist I think they might get a response that it doesn't exist, so if a packet leaves and no response is given that indicates that something is there, according to what I read once anyway. There is a lot of criticism of Gibson but it tends to get removed any time it's written here, e.g. chat.stackexchange.com/transcript/14589/2014/5/18/23-24
  • Anders J
    Anders J almost 10 years
    @barlop I stumbled on the Gibson page of Attrition.org yesterday. Some of the things there were really damaging to my opinion of him. I removed the line where I referred to Shield's Up. Anyway, most routers follow the ICMP RFC and send a Host Unreachable message if the host doesn't exist. An attacker still wouldn't know exactly where the packet got filtered / dropped. All he'd know is that the host exists.