thanks guys for the great help, i can now continue my coding, but due
to my work load, I cant allocate much time for research and reading
good stuff. im just doing this in my pleasure time.
one last question: if SYN starts a new tcp stream, what are all other
possible flags to end a tcp stream?
again thanks!
~rex
On Mon, 10 Jan 2005 03:04:41 -0500, Jim Young <sysjhy@xxxxxxxxxxxxxxx> wrote:
> Hello Rex,
>
> >>> rex plantado <rcplantado@xxxxxxxxx> 01/10/05 01:40AM >>>
> > yeah, ive looked into the codes but its quiet overwhelming :)
> > how i wish if theres a prj file for win32 ethereal where i can debug
> > the codes...
> > or
> > atleast a good reference in reassembling the tcp packets...rfc doest
> > give me clear idea how to get it done.
> >
> > thanks.
>
> Over the years I have repeatedly found the following book
> an extremely useful resource. If you havn't already, I would
> STRONGLY recommend you take a look at:
>
> TCP/IP Illustrated, Volume 1 The Protocols
> by W. Richard Stevens
>
> FWIW: Ethereal's "Time-Sequence Graph (Stevens)" graph
> (available via the menu "Statistics" | "TCP Stream Graph")
> obviously appears to be based on the graphs presented in
> Chapter 21: "TCP Timeout and Retransmission".
>
> I hope you find the above info useful.
>
> Best regards,
>
> Jim Young
>
>
