[c-nsp] TCP Reset

Peter Rathlev peter at rathlev.dk
Wed May 20 04:03:43 EDT 2009

On Wed, 2009-05-20 at 10:15 +0530, Hitesh Vinzoda wrote:
> I m facing a problem from some clients behaving suspiciously when they
> telnet to squid proxy. (
> After TCP Syn request by client the server is responding with RST.
> Wireshark logs from client is attached. Comments are invited for this case.

And the server is really listening on that port? I assume "http-alt" is
8080/tcp, and Squid normally listens on 3128/tcp.

What does a wireshark dump on the server tell you?

The only thing that comes to mind apart from the port-issue would be
that Cisco PIX/ASA/FWSM firewalls will actually reject an ACL denied
connection from "inside" (higher security level) with a TCP RST.


More information about the cisco-nsp mailing list