hping send SYN: how not to send RST after receiving SYN/ACK?

Question

using hping, I send SYN packet, second peer is listening and replies with SYN/ACK, but hping (or linux kernel does it I guess) sends RST after receiving SYN/ACK.

Is there anyway I can stop my machine sending RST after receiving SYN/ACK?

thanks.

Answer 1

This command should drop any TCP packet with the RST flag set your machine would send to the specific destination:

iptables -I OUTPUT 1 -d <destination> -p tcp --tcp-flags RST RST -j DROP

to revert it, use:

iptables -D OUTPUT -d <destination> -p tcp --tcp-flags RST RST -j DROP

---

An alternative is to block all incoming TCP packets with SYN+ACK flags set from the specific source (i.e. the packets that cause the RST):

iptables -I INPUT 1 -s <source> -p tcp --tcp-flags SYN,ACK SYN,ACK -j DROP

to revert it, use:

iptables -D INPUT -s <source> -p tcp --tcp-flags SYN,ACK SYN,ACK -j DROP

---

Works for me with hping3 -S -p 22 <destination>