Re: dunno understand FIN_WAIT1
From: Manas Garg (mls@chakpak.net)Date: 08/23/01
- Previous message: vogt@hansenet.com: "AW: dunno understand FIN_WAIT1"
- In reply to: vogt@hansenet.com: "AW: dunno understand FIN_WAIT1"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Thu, 23 Aug 2001 11:40:20 +0530 From: Manas Garg <mls@chakpak.net> To: focus-linux@lists.securityfocus.com Subject: Re: dunno understand FIN_WAIT1 Message-ID: <20010823114020.B29267@cygsoft.com>
On Tue Aug 21, 2001 at 11:58:26AM +0200, vogt@hansenet.com wrote:
> > tcp 0 469 212.68.212.198:www 212.156.70.158:4690
> > FIN_WAIT1 -
>
> TCP does a 3-way handshake for CLOSING a connection, too. that is FIN_WAIT.
> it basically means "we're in the process of closing this connection".
> sometimes, it never makes it and waits for the usual timeout.
TCP does a 4-way (and not 3-way) handshake while closing a connection.
A connection gets into FIN_WAIT_1 state when the application has called closed
on the socket. It will hang in FIN_WAIT_1 state if the application had written
some data to the socket before calling close and that data is still lying in
the kernel send buffers (i.e. it's yet to be transferred to the other party).
There is no timeout associated with this state. So, if the data in send buffers
cannot be transferred, this TCP connection will hang here unless the other
party sends a FIN.
One can look at
http://www.internet2.edu/~shalunov/netkill/
and
http://cert.uni-stuttgart.de/archive/bugtraq/2001/07/msg00544.html
for some discussion on this.
//manas
- Previous message: vogt@hansenet.com: "AW: dunno understand FIN_WAIT1"
- In reply to: vogt@hansenet.com: "AW: dunno understand FIN_WAIT1"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
|
