What happens to tcp packets when they are unable to finish the 3 way handshake?

Firewall for a virtual dedicated server.
I was looking into how to prevent a FIN scan and it got me thinking about the consequences.
A lot of people are using this rule:

-p tcp --tcp-flags FIN,SYN,RST,PSH,ACK,URG FIN -j DROP

So when someone sends me a packet with FIN = 1, I'm unable to send FIN/ACK back.
It seems unlikely, but does that mean my established connection won't be stopped?
How does that work? Does my connection stay alive and if so, for how long?

How does that actually work when someone closes his/her browser? It sends a FIN to my server, my server replies with FIN/ACK ... but the browser is unable to receive that, right? Who gets the packet, where does it go?

And what if ... a remote machine sends my server a SYN, my reply is SYN/ACK and let's say that I'm not getting the ACK back, how long is my server waiting for it?

Is there a name for unfinished 3 way handshakes? Thank you.


Is there a name for unfinished 3 way handshakes

This is called a half-open connection.

So when someone sends me a packet with FIN = 1, I'm unable to send FIN/ACK back. It seems unlikely, but does that mean my established connection won't be stopped? How does that work? Does my connection stay alive and if so, for how long?

It will eventually time out. See also the TIME_WAIT state.

  • Which is the default TCP connect timeout in Windows?
  • How to check TCP timeout in linux / macos?
  • Setting TIME_WAIT TCP
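To make the rule's effect concrete, here is an added example (not from the question or the answer) that reproduces the matching logic of `--tcp-flags MASK COMP` in Python: a segment matches when `(flags & MASK) == COMP`. The sample TCP headers are constructed for illustration; the helper names are my own.

```python
import struct

# TCP flag bits of the control byte (header offset 13), low six bits.
FLAGS = {"FIN": 0x01, "SYN": 0x02, "RST": 0x04, "PSH": 0x08, "ACK": 0x10, "URG": 0x20}


def flag_bits(names):
    """Return the flag byte for a list such as ["FIN", "ACK"]."""
    bits = 0
    for name in names:
        bits |= FLAGS[name]
    return bits


def tcp_flags_match(flags, mask, comp):
    """iptables semantics for '--tcp-flags MASK COMP':
    look only at the bits listed in MASK and require exactly COMP to be set."""
    return (flags & flag_bits(mask)) == flag_bits(comp)


def make_tcp_header(src_port, dst_port, flags):
    """Constructed 20-byte TCP header (no options, zero checksum) for testing."""
    data_offset = 5 << 4  # 5 x 32-bit words, upper nibble of byte 12
    return struct.pack("!HHIIBBHHH", src_port, dst_port, 0, 0,
                       data_offset, flags, 65535, 0, 0)


def header_flags(tcp_header):
    """Extract the six classic flag bits from a raw TCP header."""
    return tcp_header[13] & 0x3F


def classify(flags):
    """Apply the rule from the question:
    -p tcp --tcp-flags FIN,SYN,RST,PSH,ACK,URG FIN -j DROP"""
    all_six = ["FIN", "SYN", "RST", "PSH", "ACK", "URG"]
    if tcp_flags_match(flags, all_six, ["FIN"]):
        return "DROP"
    return "ACCEPT"


if __name__ == "__main__":
    # Only a bare FIN (no ACK) is dropped. A normal close sends FIN together
    # with ACK, so legitimate teardown segments still pass this rule.
    for label, names in [("bare FIN (FIN scan)", ["FIN"]),
                         ("normal close FIN/ACK", ["FIN", "ACK"]),
                         ("handshake SYN", ["SYN"]),
                         ("NULL (no flags)", []),
                         ("FIN/PSH/URG", ["FIN", "PSH", "URG"])]:
        hdr = make_tcp_header(51000, 443, flag_bits(names))
        print(f"{label:24s} -> {classify(header_flags(hdr))}")
```

The last two cases show the caveat: a segment with no flags set, or with FIN plus other flags, does not match this rule, so it only addresses the bare-FIN case and not every abnormal flag combination.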