資源描述:
《基于wireshark的TCP和UDP報文分析》由會員上傳分享,免費(fèi)在線閱讀��,更多相關(guān)內(nèi)容在教育資源-天天文庫����。
1、《計算機(jī)網(wǎng)絡(luò)基礎(chǔ)》課程報告基于Wireshark的TCP和UDP報文分析院系:班級:學(xué)號:姓名:教師:2012年11月4日9目錄一TCP連接時的三次握手··································3二TCP連接釋放時的四次握手······························5三UDP報文分析··········································73.1UDP報文結(jié)構(gòu)······································73.2UDP檢驗和的計算·····
2����、····························7四結(jié)束語···············································99一����、TCP連接時的三次握手TCP協(xié)議為終端設(shè)備提供了面向連接的����、可靠的網(wǎng)絡(luò)服務(wù)。TCP在交換數(shù)據(jù)報文段之前要在發(fā)送方和接收方之間建立連接�。客戶是連接的發(fā)起者�,服務(wù)器是被動打開和客戶進(jìn)行聯(lián)系。具體的過程如下所述��。第一次握手:客戶發(fā)送SYN=1�,seq=0的TCP報文給服務(wù)器Ps:客戶的TCP向服務(wù)器發(fā)出連接請求報文段,其首部中的同步位SYN=1���。序號seq=0�,表明報文中未攜帶數(shù)據(jù)
3��、�。報文如下:源端口號:56644(56644)目的端口號:http(80)[Streamindex:0]Sequencenumber:0(relativesequencenumber)Headerlength:32bytesFlags:0x02(SYN)000.........=Reserved:Notset9...0........=Nonce:Notset....0.......=CongestionWindowReduced(CWR):Notset.....0......=ECN-Echo:Notset......0.....=Urg
4、ent:Notset.......0....=Acknowledgement:Notset........0...=Push:Notset.........0..=Reset:Notset..........1.=Syn:Set...........0=Fin:NotsetWindowsize:8192Checksum:0x1030[validationdisabled]Options:(12bytes)第二次握手:服務(wù)器發(fā)送SYN=1���,ACK=1����,seq=0的TCP報文給客戶Ps:服務(wù)器的TCP收到客戶發(fā)來的連接請求報文段后,如同意�,則發(fā)
5、回確認(rèn)�����。服務(wù)器在確認(rèn)報文段中應(yīng)使SYN=1��,使ACK=1�。序號seq=0���,表明報文中未攜帶數(shù)據(jù)�����。報文如下:源端口號:http(80)目的端口號:56644(56644)[Streamindex:0]Sequencenumber:0(relativesequencenumber)Acknowledgementnumber:1(relativeacknumber)Headerlength:32bytesFlags:0x12(SYN,ACK)000.........=Reserved:Notset...0........=Nonce:Notset
6��、....0.......=CongestionWindowReduced(CWR):Notset.....0......=ECN-Echo:Notset......0.....=Urgent:Notset.......1....=Acknowledgement:Set........0...=Push:Notset.........0..=Reset:Notset..........1.=Syn:Set...........0=Fin:NotsetWindowsize:5840Checksum:0x54f6[validationdisabl
7����、ed]Options:(12bytes)第三次握手:客戶發(fā)送ACK=1的TCP報文給服務(wù)器Ps:客戶收到報文段后向服務(wù)器給出確認(rèn),其ACK=1�。客戶的TCP通知上層應(yīng)用進(jìn)程���,連接已經(jīng)建立�����。服務(wù)器的TCP收到主機(jī)客戶的確認(rèn)后��,也通知其上層應(yīng)用進(jìn)程��,TCP連接已經(jīng)建立��。9報文如下:源端口號:56644(56644)目的端口號:http(80)[Streamindex:0]Sequencenumber:1(relativesequencenumber)Acknowledgementnumber:1(relativeacknumber)Header
8��、length:20bytesFlags:0x10(ACK)000.........=Reserved:Notset...0........=Nonce:Notset....0..
