TCP – Page 3 – WindowsTechs.com

How underlying protocol, like TLS, determines which TCP payloads should be combined to form a complete PDU? [closed]

Posted on August 14, 2023 by miran80

I understand that the TCP itself provides a byte stream connection, but has no idea nor does it care what its payload is and how it is segmented to fit into individual packets that travel on the wire.
Observing the process in Wireshark, I … Continue reading How underlying protocol, like TLS, determines which TCP payloads should be combined to form a complete PDU? [closed]→

TLS and high-availability [migrated]

Posted on July 31, 2023 by felartu

We have started TLS and MTLS enforcement in all our private customer connections on our servers but we are facing design constraints in regards to High Availability TLS deployments.
For context, we are dealing with long-lived TCP sockets t… Continue reading TLS and high-availability [migrated]→

Possible to determine who on the Internet is resetting (RST) my TCP connection? [closed]

Posted on July 23, 2023 by poiasd

I am investigating censorship in India, and know with a high degree of confidence that it is being blocked based on the SNI extension in the TLS ClientHello.

I am in control of both the Client (in India) and the Server (in Germany). I sus… Continue reading Possible to determine who on the Internet is resetting (RST) my TCP connection? [closed]→

Next movement in IoT pentest when you have restricted information

Posted on May 25, 2023 by Not a Salmon Fish

I am a newbie cyber security engineer working on IoT. Today, a task is given to me. The task was making pentest to a cooker. Because of the privacy, I cannot share the brand of the cooker. The cooker has its own wifi card and connects to w… Continue reading Next movement in IoT pentest when you have restricted information→

Are TCP source and destination port numbers sufficient to determine which packets carrying TLS records belong to a specific TLS session? [closed]

Posted on May 17, 2023 by miran80

I am studying how to determine which packets carrying TLS records belong to the same TLS session (much like Wireshark does).
For a given TLS record that belongs to a specific packet(s), are we always able to determine its relation to its o… Continue reading Are TCP source and destination port numbers sufficient to determine which packets carrying TLS records belong to a specific TLS session? [closed]→

How would you hide yourself whilst conducting a scan on a target network to identify open service ports?

Posted on April 14, 2023 by Thanos

I am working on this question which asks how you would conduct a scan of a target network to identify open service ports without revealing your IP address. It wants details such as IP address obfuscation, requirements to be met to receive … Continue reading How would you hide yourself whilst conducting a scan on a target network to identify open service ports?→

Security Implications of Allowing TCP Forwarding to Use vscode-server

Posted on April 11, 2023 by basse

While setting up a new VPS instance running Ubuntu, I found that I needed to set AllowTcpForwarding yes in /etc/ssh/sshd_config to achieve a remote VS Code connection. I am and will be the sole user who can log in on that instance, root lo… Continue reading Security Implications of Allowing TCP Forwarding to Use vscode-server→

What is sequence number and why is it used as the ACK number for the next ACK packet? [closed]

Posted on April 4, 2023 by Flqmmable

I am currently trying to learn the TCP session creating (3 way handshake) process in detail. I was wondering what the sequence number means and also why is the ack num for the next ACK packet always the sequence number of the previous pack… Continue reading What is sequence number and why is it used as the ACK number for the next ACK packet? [closed]→

TCP connections in proxy logs in splunk [closed]

Posted on March 22, 2023 by cpp

I see a lot of TCP connections in proxy logs in Splunk e.g. tcp://Google.com. I don’t understand if this is user activity or some file reaching out or some website connecting to Google.
For example: Twitter is blocked in our environment. H… Continue reading TCP connections in proxy logs in splunk [closed]→

SSL handshake failure | Client hello(success) -> Server ACK (success) -> server RST (connection closed)

Posted on March 18, 2023 by azhahes.s

I was running MQTT broker in my pc and tried to connect to it via mqtt client in same PC. using x509 cert for mutual tls. SSL Handshake was failing with RST from server. This was happening only in my PC.
When I tried to do the same setup i… Continue reading SSL handshake failure | Client hello(success) -> Server ACK (success) -> server RST (connection closed)→