.jpg "Opportunities, Appliacation, Openings"){kind=small}
.jpg "Hand Job, Blow Job, Job Search, Monster Job"){kind=small}
.jpg "pusat resume, daftar kerja, cari kerja"){kind=small}
.jpg "Project Manager, SOftware Engineer, SAP Consultant"){kind=small}
Telnet
The 3-way handshake is as follows:
stage 1 : sync (Request from Telnet Client) stage 2 : sync+ack (Telnet Server Reply) stage 3 : ack (established session) (Telnet Server+Client)
As long there is a bit set in Ack flag of the TCP packet, the ACL will allow the Telnet server to reply to client request from stage 2 onwards if the established keyword is used.
The only different is, the second statement with established command will only permit packet to go through with “Ack bit set” while the first statement does not have this strict requirement. The first statement allows the Telnet server to use port 23 and send a sync packet out trying to establish a session using a local well-known port which will be denied making such a new connection if you have the established keyword.
On 6/13/06, Victor Cappuccio wrote: > Hi There Sami, > > by RFC: 793 > > For a connection to be established or initialized, the two TCPs must > synchronize on each other’s initial sequence numbers. This is done in an > exchange of connection establishing segments carrying a control bit called > “SYN” (for synchronize) and the initial sequence numbers > > So debugging this in the router: > > IP: s=192.10.1.3 (local), d=192.10.1.254 (Ethernet0/0), len 44, sending > > TCP src=21994, dst=23, seq=1223489462, ack=0, win=4128 SYN :::(1 > PKT)::: > > IP: s=192.10.1.254 (Ethernet0/0), d=192.10.1.3 (Ethernet0/0), len 44, rcvd 3 > > TCP src=23, dst=21994, seq=4176947662, ack=1223489463, win=4128 ACK SYN > :::(2 PKT)::: > > > IP: s=192.10.1.3 (local), d=192.10.1.254 (Ethernet0/0), len 40, sending > > TCP src=21994, dst=23, seq=1223489463, ack=4176947663, win=4128 ACK > :::(3 PKT)::: > > Also you can try this links > > http://en.wikipedia.org/wiki/Image:TCP_state_diagram.png > > > http://en.wikipedia.org/wiki/Transmission_Control_Protocol#Connection_establ > ishment > > http://www.onlamp.com/pub/a/bsd/2001/03/26/FreeBSD_Basics.html > > > HTH > Victor. > > > > > —–Mensaje original—– > De: nobody@groupstudy.com [mailto:nobody@groupstudy.com] En nombre de Sami > Enviado el: Lunes, 12 de Junio de 2006 02:00 p.m. > Para: Cisco certification > Asunto: Telnet > > Group, > > This is basic question but still I have problem in understanding it ,what is > the difference between > > permit tcp any eq telnet any > > or > > permit tcp any eq telnet any established > > I think both should allow telnet connection to come in …am I correct ? > > Thanks > > _______________________________________________________________________ > Subscription information may be found at: > http://www.groupstudy.com/list/CCIELab.html > > _______________________________________________________________________ > Subscription information may be found at: > http://www.groupstudy.com/list/CCIELab.html
