question about TCP connection ..please help

Oh man! Ad-blocking software has been detected! :'(

This website is run by the community, for the community... and it needs advertisements in order to keep running. Blocking our ads means your killing our stats!
Please disable your ad-block, or become a premium member to hide all advertisements and this notice.

hi I got problem to solve one question about correct steps to establish a TCP connection.
A) SYN=0,SYN=0 ACK=1;SYN=0 ACK=1
B) SYN=1,SYN=1 ACK=0;SYN=1 ACK=0
C) SYN=1,SYN=1 ACK=1;SYN=0 ACK=1
D) SYN=0,SYN=1 ACK=1;SYN=0 ACK=1
E) SYN=1,SYN=1 ACK=0;SYN=1 ACK=1

THANKS FOR ANY HELP

 

Oh man! Ad-blocking software has been detected! :'(

This website is run by the community, for the community... and it needs advertisements in order to keep running. Blocking our ads means your killing our stats!
Please disable your ad-block, or become a premium member to hide all advertisements and this notice.

First - N+ does not require this level of knowledge of TCP headers as far as I'm aware.

The answer is C) assuming I have decoded the question format correctly.

Where did this question come from?

Harry.

 

Hi

Your question is vague - you don't give us any more information about what you're trying to understand.

I presume its the basic Syn/Ack connection sequence for TCP Session establishment. If so, then it appears that none of the potential answers you have given are correct - since this is a three step process (known as the '3-way handshake').

Allow me to summarise:

Host 1 (we'll call it 'PC') needs to establish a session with Host 2 ('SRV'). In order to do this, PC needs to first contact SRV. SRV then replies to PC that it is able & willing to accept the connection. PC then responds back and the session is duly established.

This takes the form of:

Step 1 = SYN=0, ACK=0
Step 2 = SYN=1, ACK=1
Step 3 = SYN=0, ACK=1

Therefore none of the potential answers you have given are correct, as the answer should read:

Syn=0,Ack=0; Syn=1,Ack=1; Syn=0,Ack=1

 

<Cough> The first step taken by a device doing an active open is to send a SYN packet!

See here.

Harry.

 

C is the closest, but shouldn't there be a semicolon between first and second SYN?

I just remember is as SYN, SYN/ACK, ACK

PC -----------SYN------------> SERVER
PC <-------SYN/ACK-------- SERVER
PC ------------ACK-----------> SERVER

And though I don't recall it being on Network+ either it is on the Security+ and CEH exams (in relation to SYN flood DoS attacks, where final ACK is never sent.)

 

Wasn't on Network+ when I did it.

I passed Net+, and have no idea what you're all on about!

 

It's known as a three-way handshake and is initiated between two applications when they wish to communicate over TCP/IP.

And also LAND attacks where a network is flooded with SYN packets from a spoofed source IP address that matches a computer on the network.

 

Oh yeah! I know what you're on about now! It was part of the CCNA stuff I did at uni. One of those things that if you don't need to use it, you don't remember it.

 

I though LAND was where you send a malformed packet with identical source and destination IPs. What you describe sounds more like a Smurf attack, but that sends a ping (ICMP packet) to the network's broadcast addy.

 

Yes, that's the fella. It's caused by spoofed SYN packets getting into the network. The targeted machine responds to the SYN packet that is addressed to itself and it becomes unavailable as it continuously sends and replies to itself.

 

I swear you guys are making these attack names up as you go along.

 

Now a 'Whack Attack' on the other hand is similar to a 'Back-Crack-And-Sack-Attack' but uses a different method of .............................

 

ooops

Yeps - typo extraordinaire I think!

And there's me working in poxy network security - giving off the most fraudulent advice possible!

Of course it should read S=1,A-0;S=1,A=1;S=0,A=1.

Not much point making the first part of a handshake zero on both sides...

That would be a bit like sending a FIN=0 to end a session...

 

LOL - If you think they're bad, wait until you hear about Ping Of Death, Teardrop, Bonk and Boink...

 

LOL! Wanna expand on those Zeb!

 

I first heard of the ping of death about 10 years ago, when it was demonstrated to me bringing a NT server down. IIRC it was a oversized ping packet that the TCP/IP stack at the time couldn't deal with - so it blue-screened.

Harry. (Hoping his memory hasn't failed him)

 

I just knew the ping of death as flooding the server with pings until it couldn't cope anymore?

http://en.wikipedia.org/wiki/Ping_of_death

Looking at the link above I was wrong but this is more along my lines of thinking:

http://en.wikipedia.org/wiki/Ping_flood

 

kapulet,

Isn't this question directly from one of the following:

1. Cisco Press INTRO Exam Certification Guide
2. Cisco Press ICND Exam Certification Guide

 

hi..well sorry i didnt write more about this question..At first I need it for CCNA Intro not for N+.t is about TCP Simple Acknowledgment.I do understand how it works but this question is put the way that i cant figure out its correct answer. (sorry 4 my english)
question is:Select the statement that correctly orders the steps to establish a TCP connection.
thanks

 

hi.yap it is from CCNA Intro