This is the second of a series of 9 packets corresponding to the setup and clear-down of a TCP connection. In this case the connection was made to the telnet (terminal) port of the remote computer. The computer accepts the connection and produces a login prompt to the client. Instead of proceeding to login to the server, the client then decides to terminate the connection. In the TCP header, the SYN bit is set to indicate it is part of the synchronisation exchange at the start of a TCP connection. The ACK bit indicates that this is the connection acceptance, sent in response to the TCP connection request.
Following establishment of the connection, the DATA sent by the session is ACKnowledged using ACK segments (i.e. packets with the ACK bit set in the flags field).
0: 0800 2086 354b 00e0 f726 3fe9 0800 4500 .. .5K..÷&?...E.
16: 0028 aafd 0000 fc06 3a56 8b85 e902 8b85 .(....ü.:V......
32: d96e 0017 9005 9431 1028 7214 f130 5010 .n.....1.(r..0P.
48: 2238 1c65 0000 0000 0010 0000 "8.e........
ETHER: ----- Ether Header ----- ETHER: ETHER: Packet 4 arrived at 17:37:23.94 ETHER: Packet size = 60 bytes ETHER: Destination = 8:0:20:86:35:4b, Sun ETHER: Source = 0:e0:f7:26:3f:e9, CISCO Router ETHER: Ethertype = 0800 (IP) ETHER: IP: ----- IP Header ----- IP: IP: Version = 4 IP: Header length = 20 bytes IP: Type of service = 0x00 (normal) IP: Total length = 40 bytes IP: Identification = 43773 IP: Flags = 0x0 IP: .0.. .... = may fragment IP: ..0. .... = last fragment IP: Fragment offset = 0 bytes IP: Time to live = 252 seconds/hops IP: Protocol = 6 (TCP) IP: Header checksum = 3a56 IP: Source address = 139.133.233.2, server.abdn.ac.uk IP: Destination address = 139.133.217.110, client IP: No options IP: TCP: ----- TCP Header ----- TCP: TCP: Source port = 23 TCP: Destination port = 36869 TCP: Sequence number = TCP: Acknowledgement number = TCP: Data offset = TCP: Flags = 0x10 TCP: ..0. .... = No urgent pointer TCP: ...1 .... = Acknowledgement TCP: .... 0... = No push TCP: .... .0.. = No reset TCP: .... ..0. = No Syn TCP: .... ...0 = No Fin TCP: Window = 8760 (0x2238) TCP: Checksum = 0x1c65 TCP: Urgent pointer = 0 TCP: Options: (None) TCP:
SYN-ACK exchange at the start of a TCP session.
The packet header shown is the second packet of the sequence containing the response.
Page updated 3rd May 2005.
Click here to return to the list of packet decodes