What happens to TCP packets when they are unable to finish the 3-way handshake?

http://serverfault.com – Firewall for a virtual dedicated server. I was looking into how to prevent a FIN scan and it got me thinking about the consequences. A lot of people are using this rule:

    -p tcp --tcp-flags FIN,SYN,RST,PSH,ACK,URG FIN -j DROP

So when someone sends me a packet with FIN = 1, I'm unable to send FIN/ACK back. It seems unlikely, but does that mean my established connection won't be stopped? How does that work? Does my connection stay alive and if so, for how long? How does that actually work when someone closes his/her browser? It sends a FIN to my server, my server replies w (HowTos)
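
An added example, not part of the original post: it applies the `--tcp-flags mask comp` matching that iptables documents (examine only the flags in the mask, match when exactly the flags in comp are set) to constructed TCP headers, to show which segments the quoted rule selects. The function names and sample segments are assumptions made for this illustration.

```python
import struct

# TCP flag bits as they appear in byte 13 of the TCP header.
FLAGS = {"FIN": 0x01, "SYN": 0x02, "RST": 0x04, "PSH": 0x08,
         "ACK": 0x10, "URG": 0x20, "ALL": 0x3F, "NONE": 0x00}

def flag_bits(names):
    """Turn a comma-separated list such as 'FIN,ACK' into a bitmask."""
    bits = 0
    for name in names.split(","):
        bits |= FLAGS[name.strip().upper()]
    return bits

def tcp_flags_match(mask, comp, header):
    """'--tcp-flags mask comp': only flags in mask are examined, and the
    rule matches when exactly the flags in comp are set among them."""
    if len(header) < 20:
        raise ValueError("truncated TCP header")
    return (header[13] & flag_bits(mask)) == flag_bits(comp)

def build_header(flags, sport=40000, dport=80):
    """Constructed 20-byte TCP header (no options, checksum left at 0)."""
    bits = flag_bits(flags)
    ack_no = 2000 if bits & FLAGS["ACK"] else 0
    return struct.pack("!HHIIBBHHH", sport, dport, 1000, ack_no,
                       5 << 4, bits, 65535, 0, 0)

# The rule quoted in the post.
MASK, COMP = "FIN,SYN,RST,PSH,ACK,URG", "FIN"

# Constructed sample segments (hypothetical traffic, not captured data).
SAMPLES = [
    "FIN",          # bare FIN, as sent by a FIN scan
    "FIN,ACK",      # FIN on an established connection always carries ACK
    "SYN",          # connection attempt
    "ACK",          # ordinary acknowledgement
    "PSH,ACK",      # data segment
    "FIN,PSH,URG",  # Xmas-style probe: extra flags inside the mask
]

def evaluate(mask=MASK, comp=COMP):
    """Return {flags: True if the rule would match (and DROP) the segment}."""
    return {s: tcp_flags_match(mask, comp, build_header(s)) for s in SAMPLES}

if __name__ == "__main__":
    for flags, dropped in evaluate().items():
        print(f"{flags:<12} {'DROP' if dropped else 'no match'}")
```

Only the bare FIN segment matches; a FIN that also carries ACK does not, because ACK is part of the mask and is set.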