Dark Mode
Capec-328 Detail
TCP 'RST' Flag Checksum Probe
Detailed Software Likelihood: Medium Typical Severity: Low
Parents: 312
Threats: T60 T80 T258 T288 T291 T302 T334 T392 T407
This OS fingerprinting probe performs a checksum on any ASCII data contained within the data portion or a RST packet. Some operating systems will report a human-readable text message in the payload of a 'RST' (reset) packet when specific types of connection errors occur. RFC 1122 allows text payloads within reset packets but not all operating systems or routers implement this functionality.
Not present
| External ID | Source | Link | Description |
|---|---|---|---|
| CAPEC-328 | capec | https://capec.mitre.org/data/definitions/328.html | |
| CWE-200 | cwe | http://cwe.mitre.org/data/definitions/200.html | |
| REF-33 | reference_from_CAPEC | Stuart McClure, Joel Scambray, George Kurtz, Hacking Exposed: Network Security Secrets & Solutions (6th Edition), 2009, McGraw Hill | |
| REF-128 | reference_from_CAPEC | http://www.faqs.org/rfcs/rfc793.html | Defense Advanced Research Projects Agency Information Processing Techniques Office, Information Sciences Institute University of Southern California, RFC793 - Transmission Control Protocol, 1981--09, Defense Advanced Research Projects Agency (DARPA) |
| REF-212 | reference_from_CAPEC | Gordon "Fyodor" Lyon, Nmap Network Scanning: The Official Nmap Project Guide to Network Discovery and Security Scanning (3rd "Zero Day" Edition,), 2008, Insecure.com LLC |
Not present
- The ability to monitor and interact with network communications.Access to at least one host, and the privileges to interface with the network interface card.
- A tool capable of sending and receiving packets from a remote system.
Not present
| Authorization | Access Control | Confidentiality |
|---|---|---|
| Bypass Protection Mechanism | Bypass Protection Mechanism | Read Data |
| Hide Activities | Hide Activities | Bypass Protection Mechanism |
| Hide Activities |
Not present