Irregular Expressions

Nov 18 2011   10:03PM GMT

TCP Threeway Handshake

Dan O'Connor Dan O'Connor Profile: Dan O'Connor

I have been doing some research for a project and I wanted to share some things.  During the three way handshake each host sets it’s own ISN.

  • Host 1 sends a SYN packet to Host 2 with A as the ISN (Initial Sequence Number), this number should be non-predictable.
  • Host 2 responds back with a SYN-ACK the an ACK number of A + 1 and ISN of B.
  • Host 1 responds back with a ACK with the ACK set to B + 1 and a ISN of A + 2.

If you add a -S to tcpdump you will see the absolute sequence numbers instead of relative.

 Comment on this Post

There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when other members comment.

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to:

Share this item with your network: