RE: Port Knocking: Sending Single TCP Packet

Hi

TCP is an connection-oriented protocol which is known as Three-Way
Handshake.
Explanation of the Three-Way Handshake via TCP/IP
http://support.microsoft.com/?id=172983

If you want to control the Three-Way Handshake , you need to use the RAW
socket to compose your own TCP packet in a IP packet to send.
Here are some information for your reference.
SharpPcap - A packet capture framework for .NET
http://www.codeproject.com/csharp/sharppcap.asp#sendPackets

Raw IP Networking FAQ
http://www.whitefang.com/rin/rawfaq.html#10


Best regards,

Peter Huang
Microsoft Online Partner Support

Get Secure! - www.microsoft.com/security
This posting is provided "AS IS" with no warranties, and confers no rights.

.

Relevant Pages

  • Re: iptables strangeness
    ... not during the three way handshake. ... >> the description of the TCP protocol and in iptables. ... >> later packets are considered ESTABLISHED, ... > allowing only the initial outgoing SYN ESTABLISHED match, ...
    (comp.os.linux.security)
  • Re: Any good tool to send packet ?
    ... Is there some good tool to send TCP, UDP and RAW IP packet with user's ...
    (microsoft.public.win32.programmer.networks)
  • Re: [fw-wiz] Firewalls that generate new packets..
    ... You're assuming a blind attack, ... are stymied by hard-to-predict sequence numbers and the attacker ... TCP handshake stage. ... "Prearranged formula decided on during the TCP handshake?" ...
    (Firewall-Wizards)
  • [163/197] tcp: fix ICMP-RTO war
    ... that TCP has a nonzero RTT estimation after three-way ... rttvar and rto right after the three-way handshake is completed ... This will lead to corrupt RTO recalculation and retransmission ...
    (Linux-Kernel)
  • Re: secure UNIX log server
    ... Syslogs generally get sent to port ... UDP doesn't complete a 3-way handshake. ... > cable that can still receive syslog messages on port 514/udp. ... which would need the TCP handshake). ...
    (comp.security.unix)