Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements
Step-by-Step Configuration and Troubleshooting Best Practices for the NGFW, NGIPS and AMP Technologies A Visual Guide to the Cisco Firepower Threat Defense (FTD)
New Member

FWSM Response to ACK Sweep

i am tring to understand the behaviour of an fwsm to an ack sweep. with nmap this can be done with the -sA flag.

if i do an ack sweep to a host behind the fwsm i see a tcp reset repsonse. The host i am trying to target with the scan is not plugged into the network.

if host A scans Host B, the response comes back looking like it came from Host B to Host A. However since Host B is not up i doubt it came from him.

Does the fwsm fake this type of reset reponse for the host?

i have seen this behavious in the 2.X train of fwsm code.

thanks,

chris poetzel

197
Views
0
Helpful
0
Replies
CreatePlease to create content