Ethereal-users: [Ethereal-users] TCP FIN and SYN

Note: This archive is from the project's previous web site, ethereal.com. This list is no longer active.

Date Index Thread Index Other Months All Mailing Lists
Date Prev Date Next Thread Prev Thread Next
From: "Gordon McKinney" <gordon@xxxxxxxxxxxxx>
Date: Wed, 13 Mar 2002 00:20:09 -0000
I have produced a handy quick reference card from RFC 793 and TCP/IP
Illustrated Vol 2. It helps understand the states from netstat and what
packets
are needed to progress the states.
http://www.night-ray.com/resources/TCPIP_State_Transition_Diagram.pdf


Also there is IBM's TCP/IP Tutorial and Technical Overview:
http://www.redbooks.ibm.com/abstracts/gg243376.html


Ethereal can help you learn TCP/IP as you can experiement and diagnose
faults.
One tip, I colorize my traces to see TCP SYN/FIN/RST, here are the entries
that
you can add to your colorfilters file.

@SYN@xxxxxxxxxxxxx == 1@[51623,65534,47022][0,0,0]
@FIN@xxxxxxxxxxxxx == 1@[65534,48675,52504][0,0,0]
@RST@tcp.flags.reset == 1@[65533,48495,52428][65535,1766,0]

--
Gordon McKinney
http://www.night-ray.com
Mobile +44 (0)7770-957 627