Invalid tcp handshake behaviour
Hello, I need some help. I'm using pcap.net for sending a tcp raw packet inside a LAN with some payload data. In order to be able to send the packet I need to perform a tcp handshake before sending the payload. I verified that no firewall is active in both endpoints. Also, use netstat -a / nmap scan to verify that the used ports are in "listening" state. Details for the endpoints:
source ip - 10.0.0.7
source port - 2869
destination ip - 10.0.0.11
destination port - 5357
When sending a syn from 10.0.0.7, it can be seen that 10.0.0.11 responds with SYN-ACK. However, as I understand from the documentation, 10.0.0.7 RST the connection and right afterwards send an ACK.
The behavior always occurs and I don't know it the tcp handshake is valid. I need your help.
wireshark export file: https://drive.google.com/file/d/1zrZX...
image: https://drive.google.com/file/d/1pso_... Thank you