From the course: Wireshark Essential Training
Join today to access over 23,200 courses taught by industry experts.
Recognizing the TCP connection process - Wireshark Tutorial
From the course: Wireshark Essential Training
Recognizing the TCP connection process
- [Instructor] Transmission Control Protocol is a connection-oriented protocol. It begins with a three-way handshake and ends by terminating the session. A three-way handshake begins by the client sending a SYN packet to the server. That SYN packet synchronizes the sequence numbers. If the server accepts, it responds by a synchronization acknowledgement. The client then sends a final acknowledgement and then we have a connection. A socket is created and we can begin to exchange data. Periodically, services will be refused, and then you'll see a reset. No response may indicate a firewall. You may receive an ICMP destination unreachable packet, and a code might indicate the network was unreachable or the host was unreachable, but most likely the target port was firewalled. The host might try again with another SYN packet. The connection can be terminated in one of several ways. The connection can time out and will be closed…
Practice while you learn with exercise files
Download the files the instructor uses to teach the course. Follow along and learn by watching, listening and practicing.
Download courses and learn on the go
Watch courses on your mobile device without an internet connection. Download courses using your iOS or Android LinkedIn Learning app.
Contents
-
-
-
-
-
Understanding the TCP-IP suite1m 48s
-
(Locked)
Explaining Transmission Control Protocol7m 44s
-
(Locked)
Recognizing the TCP connection process1m 34s
-
(Locked)
Viewing the TCP handshake and teardown5m 25s
-
(Locked)
Breaking down User Datagram Protocol5m 12s
-
(Locked)
Outlining IPv44m 13s
-
(Locked)
Dissecting IPv63m 41s
-
(Locked)
Comprehending ICMP5m 32s
-
(Locked)
Discovering ICMPv64m 39s
-
(Locked)
Challenge: Evaluating a pcap39s
-
(Locked)
Solution: Evaluating a pcap5m 52s
-
-
-
-