Send Initials Establishment with airSlate SignNow

Send initials establishment

hello everyone welcome to my channel J networks and technologies in this video we'll look at TCP connection establishment and termination this is one of the most important topics in network communications as well as in ethical hacking perspective this is because to be a good ethical hacker who need to know how the connection established between a client and server client and server connection establishment and then how the connection terminates within them so so the TCP connection establishment occurs before any other TCP features can begin their work connection establishment refers to the process of initializing sequence and acknowledgement fields the one which I have explained in my previous videos you can click on the above link and then find out how the acknowledgement and sequence number walk in the TCP header alright and then agreeing on the port numbers used in the TCP connection so this three-way connection established flow is also called as three-way handshake the connection exists between two sockets although the TCP header has no single socket field of the three parts of a socket the IP address or implied on the base on the source and destination IP addresses in the IP header TCP is implied because of a TCP header is in use as specified by the protocol field in the IP header therefore the only parts of a socket that needs to be encoded in TCP header or the port numbers so if you see my previous videos on TCP header we have a field called destination port and source port so these are the only two ports that will define the function of his socket socket that is because this is TCP header and the TCP header will be encapsulate encapsulated in IP header the IP header will have something called as destination IP and source IP so the socket comprises the IP destination and source IP address the protocol that is TCP and the port numbers destination and source numbers so this two fields or these two headers come will become a socket so along with the T destination port and source port inside the TCP header there are two other fields called as sing flag and ACK flag so if you want to clearly understand how the scene and act flex communicate or used in the communication of source led that is a client and server or two computers so the first packet is sent by the client to server to initiate a communication so as you can see here this is a person sitting on a PC and then the person is sending a initial packet the initial packet will be a simp acket so to know whether the packet is a sin or acknowledgment packet if the syn bit is turned on in the TCP header then then that means that is a simp acket and the destination port will be 4080 because the user is trying to communicate with the web server the web server listens on port number 80 and s port the source port is 4 9 1 1 5 so it is four nine one five five for the client to initiate a communication with the server there should be a source port because on the same source port the web server will respond to so you can see after the web server receives this first packet the second packet will be initiated by web server and in that the TCP header will have two fields as on that is sin and AK so both will be on in the web server field so that the client will understand that is that this is the acknowledgment for the syn packet that I have sent so how does the client and server identify to which syn packet which acknowledgment packet came they have something called as sequence numbers based on the sequence numbers they will understand for example let us say this has a sequence number of 1 so the web server will respond with acknowledgement number of 1 so that it will so the client will understand okay this acknowledgment packet is for the syn packet with a sequence number 1 which I have sent it initially and then the web server will add its own random sequence number let us say that is 234 so the second packet will have source port as 80 because it is responding from the web server and destination put would be for 9 1 5 5 because this port 4 9 155 will be corresponding to the browser session browser session so and this communication will be completely managed by something called as multiplexing the concept of multiplexing I have explained in this video you can click here and then understand the multiplexing concept so the third packet again would be sent by the client and it will send an acknowledgment for the scene it received so this is the scene number 234 sequence number 234 so it will add its own sequence number so 234 to the third packet and send it to the destination port so it will go to the web server and again the source port would be for 9 1 double 5 that means that the web server will receive this packet and open the packet and see that oh this is 234 so the client is sending an acknowledgement for the sin I have sinned so this 3 via step so one two and three is called as three-way handshake so in this way the TCP handshake happens and this session is established so this you can see this is a session established between the client and the web server and then whatever the web browser requests for example google.com or any web site the response will be given in this session so now let's move on to the closing of the session this is in at this is an establishment of session and then the session will be closed in a graceful manner where both client and server will be informing each other that I am going to close the session and the web server will also inform that okay go ahead and close the session the next diagram will show how a session gets closed within a TCP communication so here is the diagram which explains the session closing process that happens in a TCP connection okay this forward termination sequence is straightforward and uses an additional flag called as fin bit so in the TCP header we have seen a syn acknowledgment and this is the third bit that represents fin bit or also called as finish already before the device on PC is a web server and this browser has requested some website like google.com it has browsed all the information that required and the PC wants to close this session so what it does is it sends an acknowledgment and a fin finish so this acknowledgment is for the previous packet that was sent by the server so the server would have sent a scene here and then acknowledgment to the packet that was sent previously by this PC so the cynic goes till the beginning of the packets so this acknowledgement is for this sin that was sent by the PC ordered I'm sorry this sin is for the this sim was sent by the okay then the client that sensei acknowledgment and finished bit as indicating that I want to finish this session so the server will respond by giving in acknowledgment for this fin so this act packet acknowledgment packet that will be set as one in the TCP header will be for this finish and again send a finish termination or the finished bit in a separate packet and gives an acknowledgment for the previous sin sent by the PC so what we find is the first packet would be acknowledgment for the previous sin and then there will be a finish bit saying that I want to finish the termination the server will send an acknowledgment for the finish that was given by the client and then again sends in acknowledgment and finish to the PC that is a client and then in the end the PC gives an acknowledgement for this finish so this is for steps 1 2 3 & 4 those four way handshake that happens for the closure of the session so this four-way handshake or graceful termination this graceful is called as also called as graceful termination happens only in TCP UDP does not have this feature because many protocols operators under the same concept so the terms connection-oriented and condition less used to refer to the general idea of each that is the reason we have two terms called as connection oriented protocol connection oriented and connectionless protocol so this is TCP and this is UDP so connection oriented protocol is the one that requires an exchange of messages like messages which I have told with three-way handshake and this four-way handshake before the data transfer begins or that hasn't pre required pre-established correlation between the two endpoints so there should be a correlation there should be a session and the connectionless protocol that is UDP is a protocol that requires no exchange of messages so there are no exchange of messages for a session to be established and then it does not require a pre-established connection or correlation between the endpoints so this particular TCP closure is very important in the perspective of attacks network based attacks for example a hacker what he does is he sends only syn packets to this PC or the server again he sends another syn packet and syn packets and he does not send this fin packet for the closure of the session so what it what happens this server will have hundreds or even thousands or even millions of sessions open so what happens is it does eats up all the buffer inside the server so this is called as half open session sending just a syn packet and does not responding to the acknowledgment sent by the server that is called as a half open connection or only seen connection or this is also called as is syn flood attack so the sessions if the PC is not able to close these sessions then there would be these hundreds and thousands of sessions open and the buffer will be completely full and the server would stop responding to any other users for example if let us say this is a web server and if only one of the PC is sending millions of sylphid plackets and there will be a kind of dos attack on the server so this is very important to know how the session established and so how the session closes for example if you want to write a script mostly Python script to do a DOS attack on any server if we know that the server is not having any firewall and before that so we can write a script to just send syn packets and does not respond to the acknowledgements or we can also write a script that will send sin and advertisement to the server so that the server will be keeping these sessions open and we do not send if finish packet so this sessions would not be closed so this is one of the several examples that can be exploited in the TCP connection hope you have got information about the TCP connection establishment and termination from this video if you liked this video please like and share and subscribe to my channel thank you