Initiating a TCP session with Windows Server 2003 using a non-standard flag combination may succeed


Symptoms


A TCP 3-way handshake is initiated with a SYN packet sent to the remote peer (a packet with only the SYN flag set). If a TCP handshake is initiated with other TCP flag values set in addition to the SYN flag, Windows Server 2003 will accept the connection.

Cause


This behavior is by design.

More Information


The behavior is changed with Windows Vista and later platforms. A SYN packet will not be accepted if it's set in combination with either FIN, RST, or ACK flags and will only be accepted if it's either the only flag set or if that flag is set in combination with PSH, URG, ECE, or CWR.