欢迎来到天天文库
浏览记录
ID:45566788
大小:56.40 KB
页数:9页
时间:2019-11-14
《tcp数据包分析》由会员上传分享,免费在线阅读,更多相关内容在工程资料-天天文库。
1、计算机科学与技术学院实验报告(电子版)课程:TCP/IP协议分析实验名称TCP指导老师姓名学号班级实验地点实验日期成绩一、实验内容:1.TCP协议中的三次握手、数据传送和四次挥手二、实验目的:抓取TCP数据包进行分析三、涉及实验的相关情况介绍(包含使用软件或实验设备等情况人Windows系统。四、程序清单与测试数据:120^60个厂门⑴报文段161.TCP报文格式:A4ia地绪16位口的WH1堆站I6fiz序号32位II2、认是有效的PSH请求推送RST链接复位SYN同步序号FIN终止连接TCP三次握手容户站服务端客户端发送sxo报文•并置发送序号为XSYN=1Seq=XSYN=1ACK=X>1Seq=Y服务端发送syn+ackIR文■并置发送IT号为Y,在确认序号为X+1客户端发送ack报文,并置发送序号为乙在确认序号为Y+1抓取数据包:■359512.286153192.168.33.24192.168.8.32TCP■359612.286693192.168.8.32192.168.33.24TCP■359712.286729192.168.33•24192.168.8.32TCP图1-2三次握手三3、次握手数据第一次握手:建立连接时,客户端192.168.33.24发送SYN包(SYN二1)到服务器192.168.8.32,等待服务器确认。00a915005aOf08clf920dbf20496a48Odo0821oaoO50014C8O0800O1oO810302006803caoO5001dcoocb3432bb56c5af6o第一次握手十六进制数据包000000001010010100000000111101100000100001101100001000000000010100000100000丄丄0丄0001111000011010000101011001000001014、10011000000001011010000000010丄0丄0丄00丄11010101010110101100000011000001000000001101101100000001000丄0丄0丄110001100000111110101000111110010000000011110010000000110丄00丄丄丄丄00001000010000000010000100000000000000000000000000000011丄丄丄丄丄00丄00000000000000000001100000010101000000000000000000000000丄000丄丄000105、00101100000001100000010011001100000000000001000000001丄000丄00丄00000000000001101010100011011010000000100000010000000001第一次握手二进制数据包Clf9(49657):源端口地址。99da6cb3:序号(32位)。8002:SYN=10015(21):目的端口地址00000000:确认号(32位)URGACKPSIIRSTSYNFIN0000102000:窗口尺寸dbf2:校验和0000:紧急指针第二次握手:服务器192.168.8.32收到SYN包,必须确认客户192.166、8.33.24的SYN(ACK二SYN+1),同时自己也发送一个SYN包(SYN二k),即SYM+ACK包.0821031050014C8O0040O2bO88C3006098-d3fadof0914c9o5444ldlb91b5-d14oa6b4Iodoof5207406090cofo5010dococ75236If5foa-d7o29480283100co1o480240第二次握手十六进制数据包100011001010100100000000000100010010000101001011010000000000010100000100100010010001010100110107、01101010000011000000101000000000010110100000000101010010101001111011111111100000000000000100110010010101000000001001111001111100101100111101010000001010111011010111100100000001111010101000010000000000000001000110000010110110
2、认是有效的PSH请求推送RST链接复位SYN同步序号FIN终止连接TCP三次握手容户站服务端客户端发送sxo报文•并置发送序号为XSYN=1Seq=XSYN=1ACK=X>1Seq=Y服务端发送syn+ackIR文■并置发送IT号为Y,在确认序号为X+1客户端发送ack报文,并置发送序号为乙在确认序号为Y+1抓取数据包:■359512.286153192.168.33.24192.168.8.32TCP■359612.286693192.168.8.32192.168.33.24TCP■359712.286729192.168.33•24192.168.8.32TCP图1-2三次握手三
3、次握手数据第一次握手:建立连接时,客户端192.168.33.24发送SYN包(SYN二1)到服务器192.168.8.32,等待服务器确认。00a915005aOf08clf920dbf20496a48Odo0821oaoO50014C8O0800O1oO810302006803caoO5001dcoocb3432bb56c5af6o第一次握手十六进制数据包000000001010010100000000111101100000100001101100001000000000010100000100000丄丄0丄000111100001101000010101100100000101
4、10011000000001011010000000010丄0丄0丄00丄11010101010110101100000011000001000000001101101100000001000丄0丄0丄110001100000111110101000111110010000000011110010000000110丄00丄丄丄丄00001000010000000010000100000000000000000000000000000011丄丄丄丄丄00丄00000000000000000001100000010101000000000000000000000000丄000丄丄00010
5、00101100000001100000010011001100000000000001000000001丄000丄00丄00000000000001101010100011011010000000100000010000000001第一次握手二进制数据包Clf9(49657):源端口地址。99da6cb3:序号(32位)。8002:SYN=10015(21):目的端口地址00000000:确认号(32位)URGACKPSIIRSTSYNFIN0000102000:窗口尺寸dbf2:校验和0000:紧急指针第二次握手:服务器192.168.8.32收到SYN包,必须确认客户192.16
6、8.33.24的SYN(ACK二SYN+1),同时自己也发送一个SYN包(SYN二k),即SYM+ACK包.0821031050014C8O0040O2bO88C3006098-d3fadof0914c9o5444ldlb91b5-d14oa6b4Iodoof5207406090cofo5010dococ75236If5foa-d7o29480283100co1o480240第二次握手十六进制数据包10001100101010010000000000010001001000010100101101000000000001010000010010001001000101010011010
7、01101010000011000000101000000000010110100000000101010010101001111011111111100000000000000100110010010101000000001001111001111100101100111101010000001010111011010111100100000001111010101000010000000000000001000110000010110110
此文档下载收益归作者所有