Ethical Hacking and Penetration Testing Guide

Understanding the TCP Three-Way Handshake

Yüklə 22,44 Mb.

Pdf görüntüsü

səhifə	66/235
tarix	07.08.2023
ölçüsü	22,44 Mb.
	#138846

1 ... 62 63 64 65 66 67 68 69 ... 235

Ethical Hacking and Penetration Testing Guide ( PDFDrive )

Understanding the TCP Three-Way Handshake

Understanding the TCP Three-Way Handshake
The transmission control protocol (TCP) was made for reliable communication. It is used for a
wide variety of protocols on the Internet and contributes toward reliable communication with the
help of the three-way handshake.
Before understanding how port scanning works, we need to understand how the TCP three-
way handshake works.
SYN
ACK
SYN/ACK
◾
The first host sends a SYN packet to the second host.
◾
The second host responds with a SYN/ACK packet; it indicates that the packet was received.
◾
The first host completes the connection by sending an acknowledgment packet.
TCP Flags
SYN
—Initiates a connection.
ACK
—Acknowledges that the packet was received.
RST
—Resets the connections between two hosts.
FIN
—Finishes the connection.

102
◾
Ethical Hacking and Penetration Testing Guide
There are many other flags, and I would recommend you to spend some time reading
rfc 793
,

the TCP protocol specification. I cannot emphasize enough the importance of understanding the
TCP IP; it will help you a lot.
Port Status Types
With nmap you would see one of four port status types:
Open
—It means that the port is accessible and an application is listening on it.
Closed
—It means that the port is inaccessible and no application is listening on it.
Filtered
—It means that nmap is not able to figure out if the port is open or closed, as the pack-
ets are being filtered, which probably means that the machine is behind a firewall.
Unfiltered
—It means that the ports are accessible by nmap but it is not possible to figure out if
they are open or closed.

Yüklə 22,44 Mb.

Dostları ilə paylaş:

1 ... 62 63 64 65 66 67 68 69 ... 235