On 23/05/2012 13:49, Boonie wrote:
Were that packets of a cheap
embeded device? Sounds like a buggy TCP stack to me.
Or he might have a Layer-2 Spanning Tree Loop...
----- Original Message -----
Sent: Wednesday, May 23,
2012 2:13 PM
Subject: Re:
[Wireshark-users] what does the TCP stream mean in wireshark
Thanks! But previously I saw a tcp stream where there are
several TCP connections (I mean mutiple SYN-SYN/ACK-ACK
handshakes)
On Wed, May 23, 2012 at 12:48 PM,
Martin Visser <martinvisser99@xxxxxxxxx>
wrote:
Nangergong,
A TCP stream is a single connection between two IP
addresses, between the two same ports. If you see the
beginning you'll see the SYN-SYN/ACK-ACK handshake, an
will also see the sequence numbers increasing. Some
protocols like HTTP/1.1 can have multiple higher level
conversations on the one connection, so I am not sure that
is what you might be seeing?
Regards, Martin
MartinVisser99@xxxxxxxxx
HI, all:
In wireshark there is an option "Follow the
TCP stream", I'm wondering what does it mean? it
seems that in such a TCP stream there are multiple
TCP connections.
|
Attachment:
smime.p7s
Description: S/MIME Cryptographic Signature
