SYN/ACK networking? aahhhh help me!

[redhawk14506]

This is a wierd question but I was wondering how exactly a three way handshake in a network works. What is SYN/ACK? I read it but I don't understand it. If someone could simplify it I would be entirely grateful. Thanks.

[Blankman71]

Redhawk,

Here's an article you may find useful:

http://www.scmagazine.com/scmagazine...6/article.html

BTW,

SYN: I believe SYN is nothing more than the initial request for confirmation.

ACK: (From Webopedia): Short for acknowledgement code, a transmission control character used to indicate that a transmitted message was received uncorrupted or without errors or that the receiving station is ready to accept transmissions. The receiver sends the code to the sender to indicate that the transmission has been accepted

[MrLinus]

This is how I explain it to my students.

The 3 way handshake is a type of greeting, like a phone call.

I call you up and say "HI! We'll use the phone to talk and use English as the language(aka SYN)".

You reply with "HI! Ok, We'll use the phone but only hands free phones and we'll use English, OK? (aka SYN, ACK)"

I reply with "Okie-dokies. Blah blah blah" (aka ACK). Service now continues until one of us decides to close (FIN) the link.

Hope it helps.

Look through the tutorials here at the site. There is TONNES of good info on TCP/IP and how it works.

Originally posted here by Blankman71


SYN: I believe SYN is nothing more than the initial request for confirmation.

ACK: (From Webopedia): Short for acknowledgement code, a transmission control character used to indicate that a transmitted message was received uncorrupted or without errors or that the receiving station is ready to accept transmissions. The receiver sends the code to the sender to indicate that the transmission has been accepted

SYN is used for more than just initial request. It is the SYNcronization flag. The other flags include ACK, FIN, RST, PUSH and URG. Knowing how the flags work can help understand how various DoS attacks work as well as scans.

[smirc]

SYN is short for synchronise. The initial SYN packet is sent by the connecting host to the remote host to let the remote host know that someone wants to talk and the options it wants to use for the connection.

The remote host reads this packet and then sends a SYN/ACK. A SYN/ACK packet serves two functions. The ACK part of this packet acknowledges the previous SYN packet sent from the host. The SYN part of the packet lets the host know that the remote host wants communicate via an open socket. Remember, you have to have a socket open on both ends to communicate. The SYN and ACK are put in the same packet to save on the overhead of sending these packets separately. This is known as piggybacking in TCP/IP.

If all goes well, the original host then sends an ACK to acknowledge the SYN/ACK and the remote host receives this and the socket on its side is ready to talk. This is when the accept() function returns on the remote listening socket (for all you coders out there).

Hope that helps.