Status of TCP (SYN, FIN, ACK, PSH, RST, URG)

The status of TCP (SYN, FIN, ACK, PSH, RST, URG) in the TCP layer, there is a flags field, which has the following several identities: SYN, FIN, ACK, PSH, RST, URG. The first five fields are useful for our daily analysis. What they mean is that SYN indicates a connection, fin means close connection, ACK indicates response, PSH indicates data data transfer, and RST indicates a connection reset. Where the ACK is likely to be used in conjunction with Syn,fin, such as SYN and ACK may be at the same time as 1, it represents the response after the connection is established, if it is just a single SYN, it represents just the establishment of a connection. A few handshakes of TCP are represented by such an ACK. However, SYN and fin are not 1 at the same time, because the former represents a connection, and the latter represents a disconnection. The RST is typically 1 after fin, indicating a connection reset. Generally, when a fin or RST packet is present, we think the client is disconnected from the server side, and when the SYN and Syn+ack packets are present, we think that the client has established a connection with the server. PSH is 1, typically only in packets where the data content is not 0, meaning that PSH is 1 means that there is a real TCP packet content being passed. TCP connection establishment and connection shutdown are done through a request-response pattern. Concept Supplement-tcp three-time handshake: TCP (Transmission Control Protocol) Transmission Control Protocol TCP is the host-to-host layer of the Transmission Control Protocol, providing a reliable connection service, using three-time handshake confirmation to establish a connection: bit code is the TCP flag bit, There are 6 types of markings: SYN (Synchronous set-up) ACK (acknowledgement acknowledgment) PSH (push transfer) FIN (finish end) RST (reset reset) URG (urgent emergency) Sequence Number (sequential numbers) acknowledge number (confirmation numbers) First handshake: Host a send bit code for syn=1, randomly generate SEQ number=1234567 packet to the server, Host B is known by Syn=1, a requires to set up online; Second handshake: Host B receives the request to confirm the online information, sends an ACK number= (host A's seq+1) to a, syn=1,ack=1, randomly generates a seq=7654321 packet, and the third handshake: when host a receives a check that the ACK number is correct, That is, the first time the SEQ Number+1 is sent, and the bit code ACK is 1, if correct, the hostA will send the ACK number= (Host B's seq+1) again, ack=1, and Host B acknowledges that the SEQ value and ack=1 The connection was established successfully. To complete the three handshake, host A and Host B start transmitting data. In the TCP/IP protocol, the TCP protocol provides a reliable connection service with a three-time handshake to establish a connection. First handshake: When a connection is established, the client sends a SYN packet (SYN=J) to the server and enters the Syn_send state, waits for the server to confirm; second handshake: The server receives the SYN packet, must confirm the customer's SYN (ACK=J+1), and also sends a SYN packet (syn= k), the Syn+ack packet, at which time the server enters the SYN_RECV state; the third handshake: the client receives the server's Syn+ack package, sends the acknowledgement packet ack (ACK=K+1) to the server, the packet is sent, the client and the server enter the established state, Complete the three-time handshake. Three handshake is completed and the client and server begin to transfer data. From China Yunan Net (www.yunsec.net) Original: http://www.yunsec.net/a/school/wlcs/agreement/2012/0317/10262.html

Status of TCP (SYN, FIN, ACK, PSH, RST, URG)