Initiating a TCP session with Windows Server 2003 using a non-standard flag combination may succeed

Symptoms

A TCP 3-way handshake is initiated with a SYN packet sent to the remote peer (a packet with only the SYN flag set). If a TCP handshake is initiated with other TCP flag values set in addition to the SYN flag, Windows Server 2003 will accept the connection.

Cause

This behavior is by design.

More Information

The behavior is changed with Windows Vista and later platforms. A SYN packet will not be accepted if it's set in combination with either FIN, RST, or ACK flags and will only be accepted if it's either the only flag set or if that flag is set in combination with PSH, URG, ECE, or CWR.
Properties

Article ID: 2551021 - Last Review: May 17, 2011 - Revision: 1

Feedback