0

I work for a very large organisation and I am having issues with a device injecting RST packets to cut off a connection from one of my servers to another. I suspect it is some sort of anti-virus because I'm transferring an e-mail with an unusual attachment. There are quite a lot of network devices in between my servers according to trace route. In order to request a change of configuration, I need to find which device is injecting them.

So...

Is there a way to detect which device is injecting TCP RST packets between two machines?

mjaggard
  • 123
  • 5

1 Answers1

4

The only way you'll be able to sort this out is to perform packet captures at various places along the path to determine where the RST packets are coming from. I'm assuming that you do not have the ability to to this, so you will need to work with your network team.

EEAA
  • 109,363
  • 18
  • 175
  • 245