Ping a Specific Port

Question

Itzik

Asked: 2011-09-21 16:54:05 +0800 CST2011-09-21 16:54:05 +0800 CST 2011-09-21 16:54:05 +0800 CST

Massive RST packets being sent

772

I've been fighting off a weird issue we've been having in our internal network: from time to time, multiple applications that we use simply freeze: SQL Management Studio, Red-Gate's Data Compare, Citrix GOTOMeeting and so forth.

I decided to get a trace of the network using Wireshark. I noticed just before things "froze", I found a MASSIVE number of RST packets being sent FROM our clients to the destinations, at the same time.

We're talking 37 RST packets at the same time (obviously milliseconds apart) to different destinations. Notice the RST packets are not being sent due to a failed 3-way handshake ... it is randomly being sent.

What could be the cause? What should I be trying to test? Thank you.

1 Answers

Voted

David Schwartz · Answer 1 · 2011-09-21T21:51:44+08:00

David Schwartz

2011-09-21T21:51:44+08:002011-09-21T21:51:44+08:00

This is a response to a port scan. RST+ACK is a response to a SYN when the port is not being listened to. Your computers are generating this, for a wide variety of ports. Presumably, you're not listening on that wide variety of ports, so you respond to each connection attempt with a RST+ACK.

1

Massive RST packets being sent

Ping a Specific Port

Check if port is open or closed on a Linux server?

How to automate SSH login with password?

How do I tell Git for Windows where to find my private RSA key?

What's the default superuser username/password for postgres after a new install?

What port does SFTP use?

Resolve host name from IP address

Command line to list users in a Windows Active Directory group?

What is a Pem file and how does it differ from other OpenSSL Generated Key File Formats?

How to determine if a bash variable is empty?