The Three-Way Handshake, Ports, and Protocols
Explore the three-way handshake process that establishes and terminates network connections, understand the role of ports in managing network services, and differentiate between TCP and UDP protocols. This lesson prepares you to grasp how Nmap uses these mechanisms to scan and identify open, closed, or filtered ports effectively.
What is a three-way handshake?
Before we start working with Nmap, it’s important that we understand how the three-way handshake works. Most of the scans we’ll be doing with Nmap will involve the requests and responses in a three-way handshake.
The three-way handshake is the protocol by which two computers establish a secure communication channel. There are three steps involved, which is why it’s called three-way handshake.
Establishing connection
Let’s assume there are two computers, a server and a client. Now, this is how a three-way handshake establishes a connection between two computers:
The client sends a packet of data with the SYN (synchronize) flag.
The server responds with an SYN-ACK (synchronize-acknowledgment) flag back to the client.
The client responds to the server with the ACK flag.
More information is passed in ...