In TCP/IP networking, establishing a connection typically starts with a SYN (synchronize) flag and ends with a FIN (finish) flag. This is part of the normal TCP three-way handshake and connection termination process:
SYN (Synchronize): Initiates a connection.
SYN-ACK (Synchronize-Acknowledge): Acknowledges the SYN and responds with a SYN.
ACK (Acknowledge): Acknowledges the SYN-ACK, establishing the connection.
FIN (Finish): Terminates the connection.
Observing a SYN flag at the beginning and a FIN flag at the end of the connection indicates a normal, properly terminated TCP session, establishing a baseline for normal traffic patterns.
References:
EC-Council Certified Network Defender (CND) Study Guide
TCP/IP protocol suite documentation
Contribute your Thoughts:
Chosen Answer:
This is a voting comment (?). You can switch to a simple comment. It is better to Upvote an existing comment if you don't have anything to add.
Submit