4.9 What happens when an already-established TCP connection receives a SYN?

1. The port number in the client's SYN message differs from that of the old connection

In this case the server treats the SYN as a request for a new connection, so it establishes a new connection through the normal three-way handshake.

What happens to the old connection, which the server still holds in the ESTABLISHED state?

If the server sends a message to the client: the client's side of the connection has already been closed, so the client kernel returns an RST message, and the server releases the connection.

If the server does not send a message to the client: after a period of time, the TCP keep-alive mechanism starts and the connection is released.

2. The port number in the client's SYN message is the same as that of the old connection

The server in the ESTABLISHED state receives the SYN message (this SYN is effectively out of order, because the initial sequence number of a SYN message is a random number), and the server replies with an ACK message carrying the correct sequence number and acknowledgment number. The client receives this ACK, finds that it is not what it expected, returns an RST to the server, and the connection is released.

How to close a TCP connection?

For a forged RST message to be accepted, two conditions must be met: the four-tuple must be the same, and the sequence number must be the one the other party expects.

The killcx tool forges a SYN message with the same four-tuple to obtain a valid sequence number.

The tcpkill tool obtains the sequence number that the other party expects to receive next while the two parties are exchanging TCP traffic. It then fills that sequence number into a forged RST message and sends it to the other party, which closes the TCP connection.

  • tcpkill acquires the sequence number passively: the correct sequence number can only be obtained while the two parties are exchanging TCP traffic. This method therefore cannot close an inactive TCP connection.
  • killcx acquires the sequence number actively: it sends a SYN message itself and obtains the correct sequence number from the Challenge ACK that the other party replies with. This method can therefore close a TCP connection whether or not it is active.
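The two SYN cases and the RST acceptance check described above, as an added example that is not part of the original post. It is a toy model with no network I/O: the class and function names, addresses and sequence numbers are constructed for illustration, and receive-window handling is left out.

```python
from dataclasses import dataclass

@dataclass
class Seg:
    src: tuple          # (ip, port) of sender
    dst: tuple          # (ip, port) of receiver
    flags: str          # "SYN", "SYN-ACK", "ACK" or "RST"
    seq: int = 0
    ack: int = 0

class ToyServer:
    """Simplified model of a listener's receive path (not a real TCP stack)."""
    def __init__(self, addr, isn=5000):
        self.addr, self.isn = addr, isn
        self.conns = {}  # client (ip, port) -> state, snd_nxt, rcv_nxt

    def receive(self, seg):
        conn = self.conns.get(seg.src)
        if conn is None:
            if seg.flags != "SYN":
                return None
            # Unknown four-tuple: an ordinary new handshake begins.
            self.conns[seg.src] = {"state": "SYN_RCVD", "snd_nxt": self.isn + 1,
                                   "rcv_nxt": seg.seq + 1}
            return Seg(self.addr, seg.src, "SYN-ACK", self.isn, seg.seq + 1)
        if seg.flags == "SYN":
            # Known four-tuple: state is untouched, reply with a Challenge ACK
            # that carries the sequence numbers of the existing connection.
            return Seg(self.addr, seg.src, "ACK", conn["snd_nxt"], conn["rcv_nxt"])
        if seg.flags == "RST" and seg.seq == conn["rcv_nxt"]:
            del self.conns[seg.src]  # exact match: connection released
        return None  # any other RST is not accepted (window handling omitted)

def client_without_state(seg):
    """A client that no longer has this connection answers an ACK with an RST
    whose sequence number is taken from the ACK field of what it received."""
    return Seg(seg.dst, seg.src, "RST", seq=seg.ack)

def demo():
    srv, cli = ("10.0.0.1", 80), ("10.0.0.2", 40000)   # constructed addresses
    s = ToyServer(srv)
    s.conns[cli] = {"state": "ESTABLISHED", "snd_nxt": 7001, "rcv_nxt": 3001}
    new = s.receive(Seg(("10.0.0.2", 40001), srv, "SYN", seq=900))   # case 1
    chal = s.receive(Seg(cli, srv, "SYN", seq=123456))               # case 2
    s.receive(Seg(cli, srv, "RST", seq=999))       # wrong sequence number
    survived = cli in s.conns
    s.receive(client_without_state(chal))          # RST built from Challenge ACK
    return new.flags, chal, survived, cli in s.conns
```

The RST with an arbitrary sequence number leaves the connection in place, while the RST derived from the Challenge ACK's acknowledgment number matches what the server expects and releases it.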


Origin blog.csdn.net/super8ayan/article/details/132503572