As you know, TCP use buffer to arrange received Data from other peer every each TCP connection. and at that time, TCP windows is for notification to other peer about available buffer size right now for itself TCP connection.
Sometime you can see TCP Window = zero packet when you analysis raw packet with wireshark like..
I am Sure These below is not all case for TCP window Zero.. but when I get a new idea. I will update this writes.
- Too Many Request .. Server cant process received request right now.
- so send TCP Window zero…for notify ” PLZ dont send packet anymore.. wait!!”
- Too Delay(Problem) on Network State for this TCP connection.
- Big Sequence number.. but I didn’t get former sequence packet.
- network problem or threat… It can’t be avoid .. on TCP Protocol..
- Big Sequence number.. but I didn’t get former sequence packet.
and link…..
https://wiki.wireshark.org/TCP%20ZeroWindow
Lechuck Park 