TCP:seq/ack 编号是如何产生的?

2021-12-28 00:00:00 networking tcp c++ winpcap

我目前正在开发一个程序,该程序可以嗅探从特定地址发送和接收的 TCP 数据包.我想要完成的是用定制的数据包回复某些收到的数据包.我已经完成了解析.我已经可以生成有效的以太网、IP 和――大多数情况下――TCP 数据包.

I am currently working on a program which sniffs TCP packets being sent and received to and from a particular address. What I am trying to accomplish is replying with custom tailored packets to certain received packets. I've already got the parsing done. I can already generated valid Ethernet, IP, and--for the most part--TCP packets.

我唯一无法弄清楚的是 seq/ack 编号是如何确定的.

The only thing that I cannot figure out is how the seq / ack numbers are determined.

虽然这可能与问题无关,但该程序是使用 WinPCap 用 C++ 编写的.我正在寻求任何可能对我有帮助的提示、文章或其他资源.

While this may be irrelevant to the problem, the program is written in C++ using WinPCap. I am asking for any tips, articles, or other resources that may help me.

推荐答案

当 TCP 连接建立时,每一方都会生成一个随机数作为其初始序列号.这是一个强随机数:如果互联网上的任何人都能猜出序列号,就会存在安全问题,因为他们很容易伪造数据包注入 TCP 流.

When a TCP connection is established, each side generates a random number as its initial sequence number. It is a strongly random number: there are security problems if anybody on the internet can guess the sequence number, as they can easily forge packets to inject into the TCP stream.

此后,每传输一个字节,序列号将增加 1.ACK 字段是来自另一端的序列号,发回确认接收.

Thereafter, for every byte transmitted the sequence number will increment by 1. The ACK field is the sequence number from the other side, sent back to acknowledge reception.

RFC 793 是原始 TCP 协议规范,可以提供很大帮助.

RFC 793, the original TCP protocol specification, can be of great help.

相关文章