tcpdumpでのFlags[S.]とFlags[.]どういう意味ですか.ついでに3回握手バッグを見て
1979 ワード
telnetでtcp接続を開始し、3回の握手を確立し、バッグをつかんで見てみましょう.
xxxxxx$ sudo tcpdump -iany port 19006 -Xnlps0
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on any, link-type LINUX_SLL (Linux cooked), capture size 65535 bytes
23:11:23.413499 IP 10.100.70.139.32759 > 10.100.70.139.19006: Flags [S], seq 1465007382, win 43690, options [mss 65495,sackOK,TS val 1172655098 ecr 0,nop,wscale 8], length 0
0x0000: 4510 003c 76ec 4000 4006 21e2 0a64 468b E..WR=.....
0x0020: a002 aaaa a20c 0000 0204 ffd7 0402 080a ................
0x0030: 45e5 4bfa 0000 0000 0103 0308 0000 0000 E.K.............
0x0040: 0000 0000 0000 0000 0000 0000 ............
23:11:23.413512 IP 10.100.70.139.19006 > 10.100.70.139.32759: Flags [S.], seq 3728841059, ack 1465007383, win 43690, options [mss 65495,sackOK,TS val 1172655098 ecr 1172655098,nop,wscale 8], length 0
0x0000: 4500 003c 0000 4000 4006 98de 0a64 468b E..<.. de41="" .df.j="">...A.cWR=.
0x0020: a012 aaaa a20c 0000 0204 ffd7 0402 080a ................
0x0030: 45e5 4bfa 45e5 4bfa 0103 0308 0000 0000 E.K.E.K.........
0x0040: 0000 0000 0000 0000 0000 0000 ............
23:11:23.413520 IP 10.100.70.139.32759 > 10.100.70.139.19006: Flags [.], ack 1, win 171, options [nop,nop,TS val 1172655098 ecr 1172655098], length 0
0x0000: 4510 0034 76ed 4000 4006 21e9 0a64 468b E..4v.@.@.!..dF.
0x0010: 0a64 468b 7ff7 4a3e 5752 3d17 de41 9964 .dF...J>WR=..A.d
0x0020: 8010 00ab a204 0000 0101 080a 45e5 4bfa ............E.K.
0x0030: 45e5 4bfa 0000 0000 0000 0000 0000 0000 E.K.............
0x0040: 0000 0000 ....