During a penetration test you plan to inject commands into an active Telnet session that crosses a stateful corporate firewall. The firewall uses an "established" rule that only allows packets it believes belong to an existing TCP flow. Which TCP flag combination should you set in the spoofed packets so they pass the firewall and let you take over the session without tearing it down?
Use an initial SYN packet that duplicates the client's source port
Send a packet with SYN and FIN flags both set
Set only the ACK flag and use correct sequence/ack numbers
With Cisco-style ACLs that use the established keyword, a TCP segment is considered part of an existing connection if it carries either the ACK or the RST flag. An attacker who wants to continue the session rather than reset it therefore crafts packets that have the ACK bit set (often together with PSH to deliver data) and supplies the correct sequence and acknowledgment numbers. SYN-only or FIN-only packets are blocked because they lack ACK/RST, while a pure RST would be allowed but would close the connection, defeating the purpose of hijacking.
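The flag-only match described above, set beside a tracker that also checks the 4-tuple and sequence window, as an added example that is not part of the original page. The `FlowTable` class, the addresses and the sequence numbers are hypothetical and constructed for illustration.

```python
# Added example: models filter decisions only; no packets are built or sent.
from dataclasses import dataclass

FIN, SYN, RST, PSH, ACK = 0x01, 0x02, 0x04, 0x08, 0x10  # TCP flag bits

@dataclass(frozen=True)
class Segment:
    src: str
    sport: int
    dst: str
    dport: int
    flags: int
    seq: int

def acl_established(seg: Segment) -> bool:
    """Flag-only match as the page describes: permit if ACK or RST is set."""
    return bool(seg.flags & (ACK | RST))

class FlowTable:
    """Hypothetical minimal connection tracker: 4-tuple plus a receive window."""
    def __init__(self):
        self.flows = {}  # (src, sport, dst, dport) -> (next_seq, window)

    def learn(self, src, sport, dst, dport, next_seq, window):
        self.flows[(src, sport, dst, dport)] = (next_seq, window)

    def permits(self, seg: Segment) -> bool:
        entry = self.flows.get((seg.src, seg.sport, seg.dst, seg.dport))
        if entry is None or not acl_established(seg):
            return False
        next_seq, window = entry
        # Modular arithmetic handles 32-bit sequence wraparound.
        return (seg.seq - next_seq) % 2**32 < window

def sample():
    """Constructed data: documentation addresses, made-up sequence numbers."""
    base = dict(src="192.0.2.10", sport=40000, dst="198.51.100.5", dport=23)
    table = FlowTable()
    table.learn(**base, next_seq=4294967000, window=1000)
    options = {
        "SYN only": Segment(**base, flags=SYN, seq=4294967000),
        "SYN+FIN": Segment(**base, flags=SYN | FIN, seq=4294967000),
        "ACK, wrong seq": Segment(**base, flags=ACK, seq=12345678),
        "ACK, in-window seq": Segment(**base, flags=ACK | PSH, seq=300),
        "RST only": Segment(**base, flags=RST, seq=4294967000),
        "ACK, unknown flow": Segment("192.0.2.10", 40001, "198.51.100.5", 23, ACK, 300),
    }
    # Each value is (flag-only ACL verdict, flow-tracking verdict).
    return {n: (acl_established(s), table.permits(s)) for n, s in options.items()}
```

Each result pair is (flag-only verdict, flow-tracking verdict): the flag-only rule passes every segment carrying ACK or RST, while the tracker additionally requires a known flow and an in-window sequence number.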
Certified Ethical Hacker (CEH)
Network and Perimeter Hacking