During an internal engagement you perform a half-open scan (TCP SYN) against a Linux server. For port 22 you receive a single RST packet with the ACK flag set in reply to your SYN. Assuming no spoofing or middleboxes modifying traffic, what does this response tell you about port 22?
The server is using TCP wrappers to block your IP address immediately after the three-way handshake.
Port 22 is open and actively accepting SSH connections.
Port 22 is being filtered by a stateful firewall that silently drops SYN packets.
Port 22 is closed but the host is reachable; the packet was not filtered on its way back.
In a TCP SYN (half-open) scan, the scanner sends a SYN and looks at the first packet the target returns. If the port is listening, the target responds with SYN/ACK, at which point the scanner normally sends an RST to avoid completing the handshake. If the port is not listening but is reachable, the target answers the SYN with RST/ACK to indicate "connection refused." A filtered port, on the other hand, would return nothing at all or an ICMP unreachable message because the packet was dropped by a firewall or ACL. Because you received an immediate RST containing the ACK flag, you can conclude the host is up, the packet was not filtered, and the service on port 22 is closed. The other options are incorrect: an open SSH service would send SYN/ACK, a filtered port would not send the RST/ACK, and TCP wrappers only deny the connection after it is established, not at the SYN stage.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What is a TCP SYN scan, and how does it work?
Open an interactive chat with Bash
What does the RST/ACK response indicate in network scanning?
Open an interactive chat with Bash
How can firewalls or ACLs affect responses to a TCP SYN scan?
Open an interactive chat with Bash
Certified Ethical Hacker (CEH)
Reconnaissance Techniques
Your Score:
Report Issue
Bash, the Crucial Exams Chat Bot
AI Bot
Loading...
Loading...
Loading...
Pass with Confidence.
IT & Cybersecurity Package
You have hit the limits of our free tier, become a Premium Member today for unlimited access.
Military, Healthcare worker, Gov. employee or Teacher? See if you qualify for a Community Discount.
Monthly
$19.99 $11.99
$11.99/mo
Billed monthly, Cancel any time.
$19.99 after promotion ends
3 Month Pass
$44.99 $26.99
$8.99/mo
One time purchase of $26.99, Does not auto-renew.
$44.99 after promotion ends
Save $18!
MOST POPULAR
Annual Pass
$119.99 $71.99
$5.99/mo
One time purchase of $71.99, Does not auto-renew.
$119.99 after promotion ends
Save $48!
BEST DEAL
Lifetime Pass
$189.99 $113.99
One time purchase, Good for life.
Save $76!
What You Get
All IT & Cybersecurity Package plans include the following perks and exams .