当前位置:网站首页>TCP connection is more than communicating with TCP protocol
TCP connection is more than communicating with TCP protocol
2022-07-06 17:32:00 【Tang Monk riding white horse】
1、 If the server doesn't want to accept this handshake , What will it do ? There may be several situations :
- Ignore this connection , Just treat it as if nothing has been received , Nothing happened . Such behavior , You could say “ pretend to be ignorant of sth ”.
- Reply , Expressly refuse . It's equivalent to someone reaching over to shake hands , You slap it off , It's really very rigid .
Case one , Because the server has done “ Silent packet loss ”, That is, although I received SYN, But it just discarded , And don't reply to any messages to the client . This also leads to a problem , That is, the client can't distinguish this SYN Which of the following is the case :
- Lost on the network , The server cannot receive , Naturally, there will be no reply ;
- The opposite end received it but didn't reply , That's what I just said “ Silent packet loss ”;
- The opposite end received it and returned it , But this packet was lost in the network .
2、 test
First step , On the server , Execute the following command , Give Way Iptables Silently discard it and send it to yourself 80 The packets on the port :
Iptables -I INPUT -p tcp --dport 80 -j DROP
The second step , Start on the client tcpdump Grab the bag :
sudo tcpdump -i any -w telnet-80.pcap port 80
The third step , Initiate a from the client telnet:
telnet Server side IP 80
telnet That's the reason for the suspension : The handshake request has never been successful . The client has 7 individual SYN The bag was sent out , Or say , Except for the first time SYN, And then there's 6 Retries . The client is certainly not “ A fool ”, So many times , Gave up the connection attempt , Pass the failed message to the user space program , Then is telnet sign out .
TCP If the handshake doesn't respond , The operating system will retry
stay Linux in , This setting is determined by kernel parameters net.ipv4.tcp_syn_retries The control of the , The default value is 6
$ sudo sysctl net.ipv4.tcp_syn_retries
net.ipv4.tcp_syn_retries = 6
REJECT, This should enable the client to exit immediately . Execute the following command , Give Way Iptables Refuse to send to 80 The packets on the port :
Iptables -I INPUT -p tcp --dport 80 -j REJECT
here telnet I will quit immediately
see iptables The rule found that it was automatically supplemented –reject-with icmp-port-unreachable, That is to say, it is practical ICMP The message was replied . Of course , You can also define this action as –reject-with tcp-reset, That would meet our initial expectations .
sudo tcpdump -i any -w telnet-80-reject.pcap host 47.94.129.219 and port 80
To configure iptables Put the port Reset
iptables -I INPUT -p tcp --dport 80 -j REJECT --reject-with tcp-reset
3、TCP Handshake flow chart
In the picture above , Whether client or server , Let's look down , It has to go through all TCP state , They are all displayed very clearly . I interpret this process as follows :
SYN_SENT This state , It means that the connection request at that time (SYN package ), Already from this Windows The server sends out , Try to talk to the remote AD Connect to the domain controller . However, due to the delayed response of the opposite end SYN+ACK message , Then the status of the client connection , Just “ Stop ” stay SYN_SENT state , Can't be converted into ESTABLISHED state .
边栏推荐
- 信息与网络安全期末复习(完整版)
- Coursera cannot play video
- Flink analysis (I): basic concept analysis
- Flink 解析(一):基础概念解析
- Final review of information and network security (full version)
- mysql 基本增删改查SQL语句
- 全网最全tcpdump和Wireshark抓包实践
- About selenium starting Chrome browser flash back
- EasyRE WriteUp
- Take you hand-in-hand to do intensive learning experiments -- knock the level in detail
猜你喜欢
Flink analysis (I): basic concept analysis
07个人研发的产品及推广-人力资源信息管理系统
List集合数据移除(List.subList.clear)
02 personal developed products and promotion - SMS platform
Akamai anti confusion
信息与网络安全期末复习(基于老师给的重点)
Jetpack compose 1.1 release, based on kotlin's Android UI Toolkit
信息与网络安全期末复习(完整版)
Akamai浅谈风控原理与解决方案
网络分层概念及基本知识
随机推荐
C#版Selenium操作Chrome全屏模式显示(F11)
Case: check the empty field [annotation + reflection + custom exception]
DataGridView scroll bar positioning in C WinForm
微信防撤回是怎么实现的?
Prototype chain inheritance
吴军三部曲见识(七) 商业的本质
Flink 解析(四):恢复机制
02 personal developed products and promotion - SMS platform
The solution to the left-right sliding conflict caused by nesting Baidu MapView in the fragment of viewpager
2021-03-22 "display login screen during recovery" can't be canceled. The appearance of lock screen interface leads to the solution that the remotely connected virtual machine can't work normally
1. JVM入门介绍
案例:检查空字段【注解+反射+自定义异常】
MySQL basic addition, deletion, modification and query of SQL statements
Program counter of JVM runtime data area
JVM class loading subsystem
07 personal R & D products and promotion - human resources information management system
04个人研发的产品及推广-数据推送工具
JVM垃圾回收概述
Wu Jun's trilogy insight (V) refusing fake workers
02个人研发的产品及推广-短信平台