diff --git a/CHANGELOG b/CHANGELOG
index f8bd9b164..4a5e40756 100644
--- a/CHANGELOG
+++ b/CHANGELOG
@@ -1,5 +1,9 @@
 # Nmap Changelog ($Id$); -*-text-*-
+o Removed some restrictions on probe matching that, for example,
+ prevented a RST/ACK reply from being recognized in a NULL scan. This
+ was found and fixed by Matthew Stickney and Joe McEachern.
+
 o Rearranged some characters classes in service matches to avoid any
 that look like POSIX collating symbols ("[.xyz.]"). John Hutchison
 discovered this error caused by one of the match lines:
diff --git a/scan_engine.cc b/scan_engine.cc
index 58825965d..30fddd8a6 100644
--- a/scan_engine.cc
+++ b/scan_engine.cc
@@ -2535,21 +2535,12 @@ static bool tcp_probe_match(const UltraScanInfo *USI, const UltraProbe *probe,
 /* Make sure we are matching up the right kind of probe, otherwise just the
 ports, address, tryno, and pingseq can be ambiguous, between a SYN and an
 ACK probe during a -PS80 -PA80 scan for example. A SYN/ACK can only be
- matched to a SYN probe. A RST/ACK can only be matched to a SYN or FIN. A
- bare RST cannot be matched to a SYN or FIN. */
+ matched to a SYN probe. */
 probedata = &probe->pspec()->pd.tcp;
 if ((tcp->th_flags & (TH_SYN | TH_ACK)) == (TH_SYN | TH_ACK)
 && !(probedata->flags & TH_SYN)) {
 return false;
 }
- if ((tcp->th_flags & (TH_RST | TH_ACK)) == (TH_RST | TH_ACK)
- && !(probedata->flags & (TH_SYN | TH_FIN))) {
- return false;
- }
- if ((tcp->th_flags & (TH_RST | TH_ACK)) == TH_RST
- && (probedata->flags & (TH_SYN | TH_FIN))) {
- return false;
- }
 /* Sometimes we get false results when scanning localhost with -p- because
 we scan localhost with src port = dst port and see our outgoing packet and
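Review bot: The shortened comment now stops at "A SYN/ACK can only be matched to a SYN probe" and says nothing about how RST-bearing replies are matched, although the same comment still warns that port, address, tryno and pingseq alone are ambiguous between a SYN and an ACK probe in a -PS80 -PA80 scan, and the two deleted guards were the only code that used the RST/ACK-vs-bare-RST distinction to tell those apart. After this hunk a bare RST answering the ACK probe can presumably be credited to the SYN probe on the same port, and a RST/ACK to the ACK probe, which the changelog entry does not mention. That trade-off should be recorded where the next reader will look for it, e.g. extend the comment with `RST replies are accepted for any probe type, because a NULL or other non-SYN probe to a closed port legitimately draws RST/ACK; note this re-opens the SYN-vs-ACK ambiguity for RST replies on a shared port.` If that ambiguity turns out to matter for mixed probe sets, the state consulted here (tryno, pingseq) rather than the TCP flags would be the place to disambiguate, but that is outside this hunk. tcp_probe_match begins before the hunk and its body continues after it.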