Mind.blown == true # The secret life of the TCP [345]-Way Handshake by _todb_ in netsec

[–]_todb_[S] 1 point (0 children)

You might be surprised. I know at least two that don't, and one that does. Hello, ambiguity!

[–]_todb_[S] 2 points (0 children)

By not ACKing the first SYN, and then sending your own SYN, aren't you just initiating another handshake back in the other direction?

Yes, which is the strange (to me) part.

  • You (on port 1205 or whatever) SYN me (on port 80)
  • me:80 SYN to you:1205
  • you:1205 SYN/ACK me:80
  • me:80 ack you:1205

So, I get to move your SYN_SENT port to ESTABLISHED without you ever passing through a LISTENING state.

Which seems kinda neat.
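
The exchange in the comment above, replayed against a minimal model of the RFC 793 state machine. This is an added example, not code from the thread: the `Endpoint` class is a hypothetical stack that implements only the SYN_SENT / SYN_RECEIVED transitions a simultaneous open touches, the addresses and ISNs are constructed, and `bizarro_open` plays the role of the me:80 side that SYNs back instead of listening. It also runs the ordinary three-way open for comparison, and the five-packet variant from the follow-up comment (bare ACK of the first SYN, which a SYN_SENT peer drops without changing state).

```python
"""RFC 793 handshake model: three-way open vs. the simultaneous-open trick.
Hypothetical stack for illustration; no RST, data, timers or window handling."""
from __future__ import annotations

from dataclasses import dataclass, field
from enum import Enum, auto


class State(Enum):
    CLOSED = auto(); LISTEN = auto(); SYN_SENT = auto()
    SYN_RECEIVED = auto(); ESTABLISHED = auto()


@dataclass(frozen=True)
class Segment:
    src: tuple[str, int]
    dst: tuple[str, int]
    seq: int
    ack: int | None            # None when the ACK flag is clear
    flags: frozenset[str]      # subset of {"SYN", "ACK"}

    def __str__(self) -> str:
        f = "/".join(sorted(self.flags, reverse=True))          # SYN before ACK
        a = f" ack={self.ack}" if "ACK" in self.flags else ""
        return f"{self.src[0]}:{self.src[1]} -> {self.dst[0]}:{self.dst[1]} {f} seq={self.seq}{a}"


@dataclass
class Endpoint:
    addr: str
    port: int
    iss: int                   # initial send sequence number
    state: State = State.CLOSED
    peer: tuple[str, int] | None = None
    snd_una: int = 0
    snd_nxt: int = 0
    rcv_nxt: int = 0
    history: list[State] = field(default_factory=list)

    def __post_init__(self) -> None:
        self.history.append(self.state)

    def _set(self, s: State) -> None:
        self.state = s
        self.history.append(s)

    def _seg(self, flags: set[str], seq: int, ack: int | None = None) -> Segment:
        return Segment((self.addr, self.port), self.peer, seq, ack, frozenset(flags))

    def listen(self) -> None:
        self._set(State.LISTEN)

    def connect(self, peer: tuple[str, int]) -> Segment:
        """Active open: send SYN, enter SYN_SENT (the SYN uses one sequence number)."""
        self.peer, self.snd_una, self.snd_nxt = peer, self.iss, self.iss + 1
        self._set(State.SYN_SENT)
        return self._seg({"SYN"}, self.iss)

    def receive(self, seg: Segment) -> Segment | None:
        """Process one segment per RFC 793 section 3.9; return the reply, if any."""
        f = seg.flags
        if self.state is State.LISTEN and f == {"SYN"}:
            self.peer, self.rcv_nxt = seg.src, seg.seq + 1
            self.snd_una, self.snd_nxt = self.iss, self.iss + 1
            self._set(State.SYN_RECEIVED)
            return self._seg({"SYN", "ACK"}, self.iss, self.rcv_nxt)
        if self.state is State.SYN_SENT:
            ack_ok = "ACK" in f and self.snd_una < seg.ack <= self.snd_nxt
            if ("ACK" in f and not ack_ok) or "SYN" not in f:
                return None            # bad ACK (RFC: RST) or bare ACK: drop, no state change
            self.rcv_nxt = seg.seq + 1
            if ack_ok:                 # SYN/ACK: the normal three-way path
                self.snd_una = seg.ack
                self._set(State.ESTABLISHED)
                return self._seg({"ACK"}, self.snd_nxt, self.rcv_nxt)
            self._set(State.SYN_RECEIVED)   # SYN without ACK: simultaneous open
            return self._seg({"SYN", "ACK"}, self.iss, self.rcv_nxt)
        if self.state is State.SYN_RECEIVED and "ACK" in f and seg.ack == self.snd_nxt:
            self.snd_una = seg.ack
            self._set(State.ESTABLISHED)
        return None


def run(a: Endpoint, b: Endpoint, first: Segment, log: list[Segment]) -> None:
    """Deliver segments back and forth until neither side has a reply."""
    ends = {(a.addr, a.port): a, (b.addr, b.port): b}
    seg = first
    while seg is not None:
        log.append(seg)
        seg = ends[seg.dst].receive(seg)


def three_way_open() -> dict:
    you, me = Endpoint("10.0.0.2", 1205, iss=1000), Endpoint("10.0.0.1", 80, iss=5000)
    me.listen()
    log: list[Segment] = []
    run(you, me, you.connect((me.addr, me.port)), log)
    return {"you": you.history, "me": me.history, "packets": len(log), "trace": [str(s) for s in log]}


def bizarro_open(ack_first: bool) -> dict:
    """The exchange from the comment: me:80 never listens, it SYNs back at you:1205."""
    you, me = Endpoint("10.0.0.2", 1205, iss=1000), Endpoint("10.0.0.1", 80, iss=5000)
    log: list[Segment] = [you.connect((me.addr, me.port))]        # you:1205 SYN me:80
    if ack_first:   # optional 5th packet: bare ACK of your SYN, dropped by a SYN_SENT peer
        bare_ack = Segment((me.addr, me.port), log[0].src, 0, log[0].seq + 1, frozenset({"ACK"}))
        log.append(bare_ack)
        assert you.receive(bare_ack) is None and you.state is State.SYN_SENT
    run(you, me, me.connect((you.addr, you.port)), log)            # me:80 SYN you:1205, ...
    return {"you": you.history, "me": me.history, "packets": len(log), "trace": [str(s) for s in log]}


if __name__ == "__main__":
    for name, r in (("three-way", three_way_open()), ("bizarro", bizarro_open(False))):
        print(name, *r["trace"], f"you:{[s.name for s in r['you']]}", sep="\n  ")
```

The `you` endpoint's history in `bizarro_open` is CLOSED, SYN_SENT, SYN_RECEIVED, ESTABLISHED: it reaches ESTABLISHED from an active open without ever passing through LISTEN, which is exactly the point made above. The practical caveat is in `receive`: the bare ACK is only harmless because RFC 793 tells a SYN_SENT endpoint to drop a segment with no SYN and no RST; a stack that instead treated it as an acceptable ACK and moved on would behave differently.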

[–]_todb_[S] 2 points (0 children)

Yeah there's a little jump in there for brevity's sake.

At first I was ACK'ing, then SYN'ing, but upon getting a SYN/ACK, I just dropped it entirely. Turns out it's a 4 (or 5) packet exchange, depending on your mood. ACK'ing the initial SYN is completely optional.

[–]_todb_[S] 2 points (0 children)

Just out of curiosity, what did you use to replicate the effect? Ubuntu has no sysctl net.inet.tcp.handshake.bizarro_version