2020-05-27 10:13:44 +0000 | received badge | ● Famous Question (source) |
2020-01-23 05:32:06 +0000 | received badge | ● Notable Question (source) |
2019-12-18 22:40:19 +0000 | received badge | ● Popular Question (source) |
2019-05-09 16:43:33 +0000 | commented answer | Help analyzing TCP connection sequence @SYN-bit Oh wait, i think i read it wrong. I thought it was an alert that has something to do with the encrypted session |
2019-05-09 14:45:28 +0000 | commented answer | Help analyzing TCP connection sequence @SYN-bit @Packet_vlad Once again thanks very much for all the info. I seem to understand what's happening. I just don't |
2019-05-09 07:37:10 +0000 | received badge | ● Editor |
2019-05-09 07:37:10 +0000 | edited answer | Help analyzing TCP connection sequence @SYN-bit &@Packet_vlad Morning guys! Took me some time but i captured a example. You can download the .pcap here: ht |
2019-05-09 07:05:10 +0000 | received badge | ● Rapid Responder |
2019-05-09 07:05:10 +0000 | answered a question | Help analyzing TCP connection sequence @SYN-bit &@Packet_vlad Morning guys! Took me some time but i captured a example. You can download the .pcap here: ht |
2019-05-08 16:29:39 +0000 | commented answer | Help analyzing TCP connection sequence @Packet_Vlad & @SYN-bit The capture is still running but as i was afraid: the customer is already off so i don't thi |
2019-05-08 15:27:39 +0000 | commented answer | Help analyzing TCP connection sequence @SYN-bit Capture is already running again. Now i just need to hope the customer is still working and generating a packet |
2019-05-08 15:20:21 +0000 | commented answer | Help analyzing TCP connection sequence @SYN-bit No problem. Unfortunately i've already deleted this trace but since this behaviour is happening regularly, i co |
2019-05-08 15:15:02 +0000 | commented answer | Help analyzing TCP connection sequence @Packet_vlad Alright, that makes sense. But could you also say that in this case it's pretty harsh for 172.24.9.13 to se |
2019-05-08 15:14:37 +0000 | commented answer | Help analyzing TCP connection sequence @Packet_vlad Alright, that makes sense. But could you also say that in this case it's pretty harsh for 172.24.9.13 to se |
2019-05-08 13:54:09 +0000 | commented answer | Help analyzing TCP connection sequence Alright, thanks once again. I need to focus a bit on the ACK's since it's not yet 100% clear to me to see what packet(s) |
2019-05-08 13:51:56 +0000 | commented answer | Help analyzing TCP connection sequence Alright, thanks once again. I need to focus a bit on the ACK's since it's not yet 100% clear to me to see what packet(s) |
2019-05-08 09:30:43 +0000 | marked best answer | Help analyzing TCP connection sequence Hi all, I'm trying to understand the complete flow of a TCP sequence and i think our application is sometimes not closing TCP sessions right but i'm not 100% sure. Please see the following: My concerns are with the closing stage of the TCP connection.
Why am i asking? This is a capture from our firewall. Apparently, something in this connection is triggering a "new connection" on our firewall. I'm suspecting it has something to do with this TCP connection not being closed gracefully and [ACK]'s coming after the [FIN,ACK]'s but i'm not 100% sure. Would be great to get some help! Thanks in advance, Eric |
2019-05-08 09:30:43 +0000 | received badge | ● Scholar (source) |