3: TCP Connect Request

This is the first of a series of 9 packets corresponding to the setup and clear-down of a TCP connection. In this case the connection was made to the telnet (terminal) port of the remote computer. The computer accepts the connection and produces a login prompt to the client. Instead of proceeding to login to the server, the client then decides to terminate the connection.

In the TCP header, the SYN bit is set to indicate it is part of the synchronisation exchange at the start of a TCP connection. This is the connection request.


Hexadecimal Dump of the Packet

           0: 00e0 f726 3fe9 0800 2086 354b 0800 4500    ..÷&?... .5K..E.
          16: 002c 08b8 4000 ff06 9997 8b85 d96e 8b85    .,..@........n..
          32: e902 9005 0017 7214 f114 0000 0000 6002    ......r.......`.
          48: 2238 a92c 0000 0204 05b4                   "8.,......                                     67


Decode of the Packet

ETHER:  ----- Ether Header -----
ETHER:
ETHER:  Packet 3 arrived at 17:37:23.94
ETHER:  Packet size = 58 bytes
ETHER:  Destination = 0:e0:f7:26:3f:e9, CISCO Router
ETHER:  Source      = 8:0:20:86:35:4b, Sun
ETHER:  Ethertype = 0800 (IP)
ETHER:
IP:   ----- IP Header -----
IP:
IP:   Version = 4
IP:   Header length = 20 bytes
IP:   Type of service = 0x00 (normal)
IP:   Total length = 44 bytes
IP:   Identification = 2232
IP:   Flags = 0x4
IP:         .1.. .... = do not fragment
IP:         ..0. .... = last fragment
IP:   Fragment offset = 0 bytes
IP:   Time to live = 255 seconds/hops
IP:   Protocol = 6 (TCP)
IP:   Header checksum = 9997
IP:   Source address = 139.133.217.110, client
IP:   Destination address = 139.133.233.2, server.abdn.ac.uk
IP:   No options
IP:
TCP:  ----- TCP Header -----
TCP:
TCP:  Source port = 36869
TCP:  Destination port = 23 (TELNET)
TCP:  Sequence number = 1913975060
TCP:  Acknowledgement number = 0
TCP:  Data offset = 24 bytes
TCP:  Flags = 0x02
TCP:        ..0. .... = No urgent pointer
TCP:        ...0 .... = No acknowledgement
TCP:        .... 0... = No push
TCP:        .... .0.. = No reset
TCP:        .... ..1. = Syn
TCP:        .... ...0 = No Fin
TCP:  Window = 8760
TCP:  Checksum = 0xa92c
TCP:  Urgent pointer = 0
TCP:  Options: (4 bytes)
TCP:    - Maximum segment size = 1460 bytes
TCP:


SYN-ACK exchange at the start of a TCP session.

The packet header shown is the first packet of the sequence.


Click here to return to the list of packet decodes