What does this iptables rule mean?

I found this iptables rule in some project I am working on:

-A INPUT -p tcp -m tcp ! --tcp-flags FIN,SYN,RST,ACK SYN -m state --state NEW -j DROP

What does this rule mean? How does it make the network more secure?

Solution

It could be translated by "Drop every incoming segment that initialize a new TCP connection and where SYN control bit is not set among FIN,SYN,RST,ACK." (see here).

A TCP segment used to initialize a connection should have the SYN control bit set so that rule is there to ensure that. Also, I think this rule avoid the use of different port scan techniques involving segments without the SYN control bit set, like ACK scan. It silently drops the segment instead of sending an RST segment that could give information to a potential attacker.

How to connect to WIFI from a browser with Javascript and PHP?
How to take snapshot of PDF file in linux?
How to add user input when starting a service in systemd
How does the kernel use task_struct?
Binary to UTF-8 in C
How can I generate a list of files with their absolute path in Linux?
How stable is TSC (TimeStamp Counter) from user space for Intel x86-64 CPUs in 2020?
Want to Convert Integer to String without itoa function
Windows Azure SDK for C++
What make g++ include GLIBCXX_3.4.9?
How can a Linux program - run by Tanuki wrapper - be made to 'see' aliases setup in .bash_profile?
Is it possible to sort numbers in a QTreeWidget column?
Which direction does memory-mapped segment of a process's virtual address space grow by default?
How to install cross compiler (on ubuntu 12.04 LTS) for microprocessor SA1100?
linux, ld command by --entry option generate segment fault error
jpegtran optimize without changing filename
How can I invoke Azure Trusted Signing from a Linux OS?
linux sed how to replace part of a line without breaking indentation in a text file
How to show process state (blocking, non-blocking) in Linux
How do you search for files containing DOS line endings (CRLF) with grep on Linux?
Get pdftotext Python module running on Lambda
How do I get cURL to not show the progress bar?
Run Nohup while SFTP
What do I use on linux to make a python program executable
How to execute python file in linux
linux tee is not responding
check if a file is jpeg format using shell script
Why ulimit can't limit resident memory successfully and how?
Finding human-readable files on Unix
convert a fixed width file from text to csv