# SYN_SENT Absolutely no harm, right?



## LakeCowabunga (Dec 12, 2019)

Am I correct that these are simply packets being sent out by a computer automatically, just seeing what's out there? I get several of these a minute on my server. All of them get dropped, and none are acknowledged. This is just a normal part of being on the Internet, correct? Thanks!


----------



## SirDice (Dec 12, 2019)

SYN_SENT is an _outgoing_ state as seen with netstat(1). That means something on your system tries to make a TCP connection but hasn't received a SYN/ACK in return yet. Those don't happen 'randomly', some process on _your_ system is trying to make a connection. 



LakeCowabunga said:


> I get several of these a minute on my server. All of them get dropped, and none are acknowledged.


These sound like _incoming_ SYN packets. And yes, you get those fairly frequently just by being connected to the internet. Usually towards well known ports like 22 (SSH) or 80 (HTTP). As long as you don't have a service listening on those ports and respond with a RST or drop them on the firewall they are harmless.


----------



## LakeCowabunga (Dec 12, 2019)

Makes more sense that way. Using tcptrack, though, it reports incoming SYN packets that way.

Thanks for the clarification.


----------

