If a TCP connection does not complete the three-way handshake within a particular time period, TCP intercept sends a TCP reset to the server, cleaning up the connection.
Which TCP intercept mode does this statement best describe?
Highlight for answer: Watch mode.
Passive Mode.
The TCP intercept can operate in either active intercept mode or passive watch mode. The default is intercept mode.
In intercept mode, the software actively intercepts each incoming connection request (SYN) and responds on behalf of the server with an ACK and SYN, then waits for an ACK of the SYN from the client. When that ACK is received, the original SYN is set to the server and the software performs a three-way handshake with the server. When this is complete, the two half-connections are joined.
In watch mode, connection requests are allowed to pass through the router to the server but are watched until they become established. If they fail to become established within 30 seconds, the software sends a Reset to the server to clear up its state.
.a7.
Aditya Ghanekar.
+91-9987034754.
Comment by .a7. - Aditya Ghanekar. — December 8, 2009 @ 2:52 pm |