Tizian-Maxime-Weigt/TCP-Flag-Combinations
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

README.md aktualisiert

Browse Source
This commit is contained in:
Tizian Maxime Weigt 2025-05-30 00:05:28 +00:00
parent 84ad05cc0a
commit dd323bb373
1 changed files with 2 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
README.md
View File

@ -5,9 +5,9 @@
| SYN | 0x02 | Initiates connection | 4060 bytes | 6478 bytes | Rate limit SYN packets per source IP to prevent floods. Drop if rate exceeds threshold. Use SynProxy. |
| SYN-ACK | 0x12 | Acknowledges SYN | 4060 bytes | 6478 bytes | Validate against recent SYN requests using eBPF hash maps. Drop if no matching SYN. |
| ACK | 0x10 | Acknowledges data | 40 bytes | 64 bytes | Allow for established connections. Rate limit to prevent ACK floods. |
| PSH-ACK | 0x18 | Pushes data | 401500 bytes | 641518 bytes | Allow for data transfer. Rate limit large packets to prevent floods. |
| PSH-ACK | 0x18 | Pushes data | 401500 bytes | 641518 bytes | Allow for data transfer. Rate limit large packets to prevent floods. Basic Connection tracking |
| FIN-ACK | 0x11 | Closes connection | 40 bytes | 64 bytes | Allow for connection closure. Drop if part of a FIN scan (no prior SYN). |
| RST | 0x04 | Resets connection | 40 bytes | 64 bytes | Allow for error handling. Drop if part of a reset attack (high rate from single IP). |
| RST | 0x04 | Resets connection | 40 bytes | 64 bytes | Allow for error handling. Drop if part of a reset attack (high rate from single IP). Basic Connection tracking |
| NULL | 0x00 | Invalid (no flags) | 40 bytes | 64 bytes | Drop immediately as invalid/malicious. |
| XMAS | 0x29 (FIN+PSH+URG) | Probing attack | 40 bytes | 64 bytes | Drop immediately as invalid/malicious. |
| SYN-FIN | 0x03 | Invalid combination | 40 bytes | 64 bytes | Drop immediately as invalid. |