
TCP and UDP Packet Analysis with Wireshark.doc
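"Fundamentals of Computer Networks" course report
TCP and UDP Packet Analysis with Wireshark
Department:    Class:    Student ID:    Name:    Instructor:
November 4, 2012

Contents
1. The three-way handshake for TCP connection establishment
2. The four-way handshake for TCP connection release
3. UDP packet analysis
   3.1 UDP packet structure
   3.2 Computing the UDP checksum
4. Conclusion

1. The three-way handshake for TCP connection establishment

TCP provides end devices with a connection-oriented, reliable network service. Before any data segments are exchanged, TCP establishes a connection between the sender and the receiver. The client initiates the connection; the server performs a passive open and communicates with the client.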
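The process is as follows.

First handshake: the client sends a TCP segment with SYN=1, seq=0 to the server.
Note: the client's TCP sends a connection-request segment to the server. In its header the synchronization bit SYN = 1 and the sequence number seq = 0, indicating that the segment carries no data.
The segment is as follows:

    Source port: 56644 (56644)
    Destination port: http (80)
    [Stream index: 0]
    Sequence number: 0 (relative sequence number)
    Header length: 32 bytes
    Flags: 0x02 (SYN)
    000. .... .... = Reserved: Not set
    ...0 .... .... = Nonce: Not set
    .... 0... .... = Congestion Window Reduced (CWR): Not set
    .... .0.. .... = ECN-Echo: Not set
    .... ..0. .... = Urgent: Not set
    .... ...0 .... = Acknowledgement: Not set
    .... .... 0... = Push: Not set
    .... .... .0.. = Reset: Not set
    .... .... ..1. = Syn: Set
    .... .... ...0 = Fin: Not set
    Window size: 8192
    Checksum: 0x1030 [validation disabled]
    Options: (12 bytes)

Second handshake: the server sends a TCP segment with SYN=1, ACK=1, seq=0 to the client.
Note: when the server's TCP receives the client's connection-request segment, it sends back an acknowledgement if it agrees to the connection.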
In the acknowledgement segment the server sets SYN = 1 and ACK = 1, with sequence number seq = 0, indicating that the segment carries no data.
The segment is as follows:

    Source port: http (80)
    Destination port: 56644 (56644)
    [Stream index: 0]
    Sequence number: 0 (relative sequence number)
    Acknowledgement number: 1 (relative ack number)
    Header length: 32 bytes
    Flags: 0x12 (SYN, ACK)
    000. .... .... = Reserved: Not set
    ...0 .... .... = Nonce: Not set
    .... 0... .... = Congestion Window Reduced (CWR): Not set
    .... .0.. .... = ECN-Echo: Not set
    .... ..0. .... = Urgent: Not set
    .... ...1 .... = Acknowledgement: Set
    .... .... 0... = Push: Not set
    .... .... .0.. = Reset: Not set
    .... .... ..1. = Syn: Set
    .... .... ...0 = Fin: Not set
    Window size: 5840
    Checksum: 0x54f6 [validation disabled]
    Options: (12 bytes)

Third handshake: the client sends a TCP segment with ACK=1 to the server.
Note: after receiving that segment, the client sends an acknowledgement to the server with ACK = 1.
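The client's TCP notifies its upper-layer application process that the connection has been established. When the server's TCP receives the client's acknowledgement, it also notifies its upper-layer application process that the TCP connection has been established.
The segment is as follows:

    Source port: 56644 (56644)
    Destination port: http (80)
    [Stream index: 0]
    Sequence number: 1 (relative sequence number)
    Acknowledgement number: 1 (relative ack number)
    Header length: 20 bytes
    Flags: 0x10 (ACK)
    000. .... .... = Reserved: Not set
    ...0 .... .... = Nonce: Not set
    .... 0... .... = Congestion Window Reduced (CWR): Not set
    .... .0.. .... = ECN-Echo: Not set
    .... ..0. .... = Urgent: Not set
    .... ...1 .... = Acknowledgement: Set
    .... .... 0... = Push: Not set
    .... .... .0.. = Reset: Not set
    .... .... ..0. = Syn: Not set
    .... .... ...0 = Fin: Not set
    Window size: 65928 (scaled)
    Checksum: 0x1024 [validation disabled]

2. The four-way handshake for TCP connection release

Once data transfer has finished, either side of the communication may release the connection.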
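The client's application process first has its TCP send a connection-release segment, stops sending data, and actively closes the TCP connection. The server then half-closes the connection, and finally, after the wait period ends, the connection resources are released. The process is as follows.

First handshake: the client sends a TCP segment with FIN=1, seq=u to the server.
Note: the client sets FIN = 1 in the header of the TCP connection-release segment and waits for the server's acknowledgement.
The segment is as follows:

    Source port: 56644 (56644)
    Destination port: http (80)
    [Stream index: 0]
    Sequence number: 1 (relative sequence number)
    Acknowledgement number: 1 (relative ack number)
    Header length: 20 bytes
    Flags: 0x11 (FIN, ACK)
    000. .... .... = Reserved: Not set
    ...0 .... .... = Nonce: Not set
    .... 0... .... = Congestion Window Reduced (CWR): Not set
    .... .0.. .... = ECN-Echo: Not set
    .... ..0. .... = Urgent: Not set
    .... ...1 .... = Acknowledgement: Set
    .... .... 0... = Push: Not set
    .... .... .0.. = Reset: Not set
    .... .... ..0. = Syn: Not set
    .... .... ...1 = Fin: Set
    Window size: 65928 (scaled)
    Checksum: 0x1024 [validation disabled]

Second handshake: the server sends a TCP segment with ACK=1, Acknowledgement number=u+1 to the client.
Note: the server sends an acknowledgement with Acknowledgement number = u + 1.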
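The server's TCP process notifies the higher-layer application process. The connection in the client-to-server direction is now released, and the TCP connection is in the half-closed state. If the server sends data, the client must still receive it.

Third handshake: the server sends a TCP segment with FIN=1, ACK=1, seq=w, Acknowledgement number=u+1 to the client.
Note: once the server has no more data to send to the client, its application process tells TCP to release the connection. In practice, the second and third handshakes are often combined into a single TCP segment sent from the server to the client.
The segment is as follows:

    Source port: http (80)
    Destination port: 56644 (56644)
    [Stream index: 0]
    Sequence number: 1 (relative sequence number)
    Acknowledgement number: 2 (relative ack number)
    Header length: 20 bytes
    Flags: 0x11 (FIN, ACK)
    000. .... .... = Reserved: Not set
    ...0 .... .... = Nonce: Not set
    .... 0... .... = Congestion Window Reduced (CWR): Not set
    .... .0.. .... = ECN-Echo: Not set
    .... ..0. .... = Urgent: Not set
    .... ...1 .... = Acknowledgement: Set
    .... .... 0... = Push: Not set
    .... .... .0.. = Reset: Not set
    .... .... ..0. = Syn: Not set
    .... .... ...1 = Fin: Set
    Window size: 6144 (scaled)
    Checksum: 0xac93 [validation disabled]
    [SEQ/ACK analysis]

Fourth handshake: the client sends a TCP segment with ACK=1, seq=u+1, Acknowledgement number=w+1 to the server.
Note: after receiving the connection-release segment, the client must send an acknowledgement.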
In the acknowledgement segment ACK = 1, the acknowledgement number is Acknowledgement number = w + 1, and the client's own sequence number is seq = u + 1. The server's TCP then closes, while the client enters timed wait and closes the connection once the timer expires.
The segment is as follows:

    Source port: 56644 (56644)
    Destination port: http (80)
    [Stream index: 0]
    Sequence number: 2 (relative sequence number)
    Acknowledgement number: 2 (relative ack number)
    Header length: 20 bytes
    Flags: 0x10 (ACK)
    000. .... .... = Reserved: Not set
    ...0 .... .... = Nonce: Not set
    .... 0... .... = Congestion Window Reduced (CWR): Not set
    .... .0.. .... = ECN-Echo: Not set
    .... ..0. .... = Urgent: Not s
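
Added example (not part of the original report): a Python sketch that decodes the Flags values shown in the captures above and checks that the relative sequence and acknowledgement numbers follow the rule that SYN and FIN each consume one sequence number. The names decode_flags, check_trace and PAGE_TRACE are hypothetical; the trace holds the six segments listed in this report, and it assumes zero payload, in-order delivery and no retransmissions.

```python
# Added example: flag decoding and seq/ack bookkeeping for one TCP connection.
# Bits of the TCP flags field, listed low to high so the output order matches
# Wireshark's summary, e.g. 0x12 -> (SYN, ACK).
FLAG_BITS = [
    (0x001, "FIN"), (0x002, "SYN"), (0x004, "RST"), (0x008, "PSH"), (0x010, "ACK"),
    (0x020, "URG"), (0x040, "ECE"), (0x080, "CWR"), (0x100, "NS"),
]

def decode_flags(value):
    """Return the names of the flag bits set in a Flags value such as 0x12."""
    return [name for bit, name in FLAG_BITS if value & bit]

def check_trace(segments):
    """Check the relative seq/ack numbers of one connection.

    segments: list of (sender, flags, seq, ack, payload_len), sender "C" or "S".
    Returns a list of inconsistencies; an empty list means the trace is consistent.
    Assumes in-order segments with no retransmissions.
    """
    next_seq = {}   # sender -> sequence number its next segment must carry
    problems = []
    for i, (sender, flags, seq, ack, length) in enumerate(segments, 1):
        peer = "S" if sender == "C" else "C"
        names = decode_flags(flags)
        if sender in next_seq and seq != next_seq[sender]:
            problems.append(f"#{i} {sender}: seq {seq}, expected {next_seq[sender]}")
        # The ack number is only meaningful when the ACK bit is set.
        if "ACK" in names and peer in next_seq and ack != next_seq[peer]:
            problems.append(f"#{i} {sender}: ack {ack}, expected {next_seq[peer]}")
        # SYN and FIN each consume one sequence number, like one byte of data.
        next_seq[sender] = seq + length + ("SYN" in names) + ("FIN" in names)
    return problems

# The six segments from this report (relative numbers, payload length 0 assumed).
PAGE_TRACE = [
    ("C", 0x02, 0, 0, 0),   # first handshake:  SYN
    ("S", 0x12, 0, 1, 0),   # second handshake: SYN, ACK
    ("C", 0x10, 1, 1, 0),   # third handshake:  ACK
    ("C", 0x11, 1, 1, 0),   # release 1:        FIN, ACK (seq = u)
    ("S", 0x11, 1, 2, 0),   # release 2+3:      FIN, ACK (seq = w, ack = u + 1)
    ("C", 0x10, 2, 2, 0),   # release 4:        ACK (seq = u + 1, ack = w + 1)
]

if __name__ == "__main__":
    for sender, flags, seq, ack, _ in PAGE_TRACE:
        print(sender, hex(flags), decode_flags(flags), "seq", seq, "ack", ack)
    print(check_trace(PAGE_TRACE) or "trace is consistent")
```

A trace that fails this check in a real capture usually points to payload bytes, retransmissions or segments missing from the capture, so it marks where to look more closely.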











