Full Disclosure mailing list archives
Re: Reverse engineering the Windows TCP stack
From: pretty vacant <optimist () eurocompton net>
Date: Thu, 31 Mar 2005 13:11:42 -0500 (EST)
FYI: TcpMaxConnectRetransmissions Key: Tcpip\Parameters Value Type: REG_DWORD - Number Valid Range: 0 - 0xFFFFFFFF Default: 5 Description: This parameter determines the number of times that TCP retransmits a connect request (SYN) before aborting the attempt. The retransmission timeout is doubled with each successive retransmission in a particular connect attempt. The initial timeout value is three seconds. -----Original Message----- From: full-disclosure-bounces () lists grok org uk [mailto:full-disclosure-bounces () lists grok org uk] On Behalf Of Nicolas RUFF (lists) Sent: Thursday, March 31, 2005 1:03 PM To: full-disclosure () lists grok org uk Subject: Re: [Full-disclosure] Reverse engineering the Windows TCP stack
Hey, I am looking for Windows TCP/IP stack information, I would like to know why it behaves inconsistently to SYN|FIN|URG|PSH!I'm curious about this one too...can you guys keep the replies on the
list? Well, at least when you try to connect to a closed port, Windows retries several times (SYN) even when RST has been received. My Linux don't. -> "telnet <non firewalled ip> <closed port>" while running Ethereal. However I am not sure whereas it is the TCP/IP stack or the Winsock layer that induces this behaviour. TCP/IP fingerprinting relies on such oddities, I guess a little Googling would help. Regards, - Nicolas RUFF _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- Re: Reverse engineering the Windows TCP stack, (continued)
- Re: Reverse engineering the Windows TCP stack Thierry Zoller (Mar 25)
- Re: Reverse engineering the Windows TCP stack Vladamir (Mar 25)
- Re: Reverse engineering the Windows TCP stack ADT (Mar 25)
- Re: Reverse engineering the Windows TCP stack Thierry Zoller (Mar 26)
- Re: Reverse engineering the Windows TCP stack Vladamir (Mar 26)
- Re: Reverse engineering the Windows TCP stack Georgi Guninski (Mar 28)
- Re: Reverse engineering the Windows TCP stack NSC (Mar 29)
- Re: Reverse engineering the Windows TCP stack Vladamir (Mar 24)
- Re: Reverse engineering the Windows TCP stack Thierry Zoller (Mar 31)