Understanding TCP Header with No Flags Set

A normal TCP segment header has at least one flag control set. A TCP segment with no control flags set is an anomalous event. Because different operating systems respond differently to such anomalies, the response (or lack of response) from the targeted device can provide a clue as to the type of OS it is running. See Figure 62.

Figure 62: TCP Header with No Flags Set

Image TCP_header_no_flags.gif

When you enable the device to detect TCP segment headers with no flags set, the device drops all TCP packets with a missing or malformed flags field.

Related Topics

Copyright© 1999-2010 Juniper Networks, Inc. All rights reserved.