• caglararli@hotmail.com
  • 05386281520

Block inbound TCP segments with ACK=0 vs Block inbound TCP segments with SYN=1, how are they same?

Çağlar Arlı      -    47 Views

Block inbound TCP segments with ACK=0 vs Block inbound TCP segments with SYN=1, how are they same?

  • Blocking inbound TCP segments with ACK=0
  • Blocking inbound TCP segments with SYN=1

Both prevent external clients from making TCP connections to internal clients, but allow internal clients to connect to outside. How?

This came across to me while I am studying firewalls. How do these work and how do they conclude the inference that we got from this?

ACK=0 would mean something that is not giving acknowledgements. How would we deduce that if we block ACK=0, we would not let external clients to make TCP connections with internal clients? I want to understand this.

Incoming SYN=1 makes a bit of sense to me as it means someone is trying to establish a connection from the outside.