Tcp half open is the state where the client sends SYN to server and server replies with a SYN ACK but the client never send ACK to the server. This will keep TCP session open. The server will keep resending SYN ACK until timeout expires.
This is mainly used for port scanning purposes, just to check ports open on server side. SYN packet will contain the port number of server which it wants to scan. Client will keep retrying with different port numbers until it receives SYN ACK from server. The firewall can be used to block such client to avoid port scan attack.
This is mainly used for port scanning purposes, just to check ports open on server side. SYN packet will contain the port number of server which it wants to scan. Client will keep retrying with different port numbers until it receives SYN ACK from server. The firewall can be used to block such client to avoid port scan attack.
Very nicely explained
ReplyDeleteThanks!!
Delete