SYN ACK Log Entries... What are they, what does it mean?

Hi all…

Notice I had a few Inbound Syn Ack alerts on my firewall logs. (See attached) can anyone explain what’s happened?

[attachment deleted by admin]

Not sure, as i think the SYN ACK is a server reply to your SYN (asking for webpages).

Connection establishment

To establish a connection, TCP uses a three-way handshake. Before a client attempts to connect with a server, the server must first bind to a port to open it up for connections: this is called a passive open. Once the passive open is established, a client may initiate an active open. To establish a connection, the three-way (or 3-step) handshake occurs:

  1. The active open is performed by the client sending a SYN to the server.
  2. In response, the server replies with a SYN-ACK.
  3. Finally the client sends an ACK back to the server.

At this point, both the client and server have received an acknowledgement of the connection.