net_runner
Feb 17 2005, 06:32 PM
Hi.
Im now reading:
Internetworking with TCP/IP volume 1
Douglas E. Comer.
I see on that book in theory how a connection is clossed (i attach the picture)
then in my house lab (i attach another pic) y run a telnet server, login, and the logout, i capture all thats packets with ethereal (i attach a third pic about lab architecture)
My question is about why the theory and the practice are not equal.
in fact, the client send a FIN, ACK instead of a FIN
i hope someone understand my question ..
thanks
yamashita
Feb 17 2005, 09:46 PM
It's a phenomenon called piggy backing. Packets the host receives, must be acknowledged. Instead of sending 2 separate packets (which would be inefficient), it sends it along with the FIN.
net_runner
Feb 18 2005, 12:33 AM
Hi yamashita.
Thanks you very much for your help. I search for the concept you tell me, and you are right
(this was in the first lines of sec 13.11 TCP Segment Format)
see you!!!
easternerd
Feb 20 2005, 10:18 PM
Yes lots of packet variations are found and its pretty common,
for example Different Operating Systems have different ways of Tcp Communication.
Windows has the worst TCP/IP Implementation of the stack , Unix systems have the best or should i call it the accurate implementation.
This difference is what makes it possible for the Operating systems to be Enumerated using nmap -O , well one of them ....
This is a "lo-fi" version of our main content. To view the full version with more information, formatting and images, please
click here.
