Cable Internet Connection/ cable modem/ Corega router
OS Windows XP SP2
COMODO 2.4.18.84
Since I changed to a router a few days ago I have noticed that I get this notification pretty
often.
Severity high
Reporter : Network monitor
Blocked by protocol anaylisis ( Invalid flag combination)
Direction:TCP incoming
SYN RST is an invalid TCP flag combination
It does not affect my ability to connect so I don’t rank it as a problem.
I was just wondering what it means, as I am not familiar with such terms yet
(but I’m in learning mode!) and if I need to make any adjustments to the firewall.
If any more info is needed please ask.
Thanks in advance
This is coming because of Comodo’s Stateful Packet Inspection (SPI) engine, as part of Protocol Analysis (Security/Advanced/Advanced Attack Detection & Prevention/Miscellaneous).
There may be some good info there. You can also look up these flag combos on Wikipedia or such to find out more (be aware, it may cause your brain to explode… ).
It may be due in part to your router, or something more nefarious. Sorry I can’t give you much help on it; I’m not that deep into networking and IP traffic. There are some here who are; hopefully one of them will drop in and provide some more info and help.
).