chapter 7: objectives part 1 describe the purpose of the transport layer in managing the...
TRANSCRIPT
Chapter 7: Objectives
Part 1Describe the purpose of the transport layer in managing the transportation of data in end-to-end communication.Describe characteristics of the TCP and UDP protocols, including port numbers and their uses.
Part 2Explain how TCP session establishment and termination processes facilitate reliable communication.Explain how TCP protocol data units are transmitted and acknowledged to guarantee delivery.Explain the UDP client processes to establish communication with a server.Determine whether high-reliability TCP transmissions, or non-guaranteed UDP transmissions, are best suited for common applications. 1
The Transport Layer
Encapsulation
S.P / D.P. / S.N. / Ack # / … DATA
DATA
IPv / HLEN / Flag / S. IP / D. IP / … DATA (SEGMENT)
Frame Header DATA (PACKET) Trailer
111010110101011100001001011010101010010101010101101101010001010101010110101010
SEGMENT
PACKET
FRAME
3
4
DataHTTP Header
TCP Header
IP Header
Data Link Header
Data Link Trailer
IP PacketData Link Header
Data Link Trailer
IP PacketData Link Header
Data Link Trailer
IP PacketData Link Header
Data Link Trailer
IP PacketData Link Header
Data Link Trailer
IP PacketData Link Header
Data Link Trailer
IP PacketData Link Header
Data Link Trailer
DataHTTP Header
TCP Header
IP Header
Data Link Header
Data Link Trailer
Reminder of encapsulation/decapsulation
5
Focus on Transport LayerTCP
TCP
Role of the Transport Layer
The Transport Layer is responsible for establishing a temporary communication session between two applications and delivering data between them.
It regulates the flow of information from source to destination, reliably and accurately.
TCP UDP
6
1. Tracking the individual communication between applications on the source and destination hosts
2. Segmenting data for manageability and reassembling segmented data into streams of application data at the destination
3. Identifying the proper application for each communication stream
www.cisco.com
TCP Segment
TCP Segment
TCP Segment
TCP Segment
Transport Layer Responsibility
7
8
What two protocols are at the Transport Layer? TCP UDP
IP is a best-effort delivery service. What does that mean? No guarantees Best-effort service “Unreliable service”
TCP/UDP is responsible for extending IP’s delivery service between two end systems.
Tracking Individual Conversations
Any host on a network can have multiple applications that are communicating simultaneously. It is the responsibility of the Transport layer to maintain the
multiple communication streams between these applications.9
10
A single client may have multiple transport connections with multiple servers.
Notice that TCP is a connection-oriented service (two-way arrow) between the hosts, whereas UDP is a connectionless service (one-way arrow) . (later)
TCPTCP
TCP
TCP
TCP
TCP
HTTPHTTP
FTP
TCP
SMTP
TCP
Cabrillo Web Server
ISP’s Email and FTP Server
Identifying the Application
11
The transport layer assigns each application an identifier called a port number. The transport layer uses ports to identify the application or service.
0 15 16 31
16-bit Source Port Number
16-bit Destination Port Number
32-bit Sequence Number
32 bit Acknowledgement Number
4-bit Header Length
6-bit (Reserved)
URG
ACK
PSH
RST
SYN
FIN
16-bit Window Size
16-bit TCP Checksum
16-bit Urgent Pointer
Options (if any)
Data (if any)
TCP Header
HTTP is Port 80
UDP Header
12
To pass data streams to the proper applications, the Transport layer must identify the target application. Accomplished by referencing the port number in the header.
Each software process that needs to access the network is assigned a port number unique in that host. This port number is used in the transport layer header to indicate
to which application that piece of data is associated. More later!
segment segment
13
Segmenting and Reassembling Segments
Some transport layer protocols can also reassemble the data pieces into streams to be passed to the application layer.
14
Transport Layer Protocols TCP/IP uses two transport layer protocols:
Transmission Control Protocol (TCP) User Datagram Protocol (UDP)
Acronym Alert
15
TCP versus UDP
Two protocols for different types of traffic.
TCP UDP
16
TCP is a more complex protocol.
0 15 16 31
16-bit Source Port Number
16-bit Destination Port Number
32-bit Sequence Number
32 bit Acknowledgement Number
4-bit Header Length
6-bit (Reserved)
URG
ACK
PSH
RST
SYN
FIN
16-bit Window Size
16-bit TCP Checksum
16-bit Urgent Pointer
Options (if any)
Data (if any)
TCP Header UDP Header
17
TCP Segment and UDP Datagram
18
TCP
TCP is considered a reliable transport protocol. Introduced in RFC 793. It includes processes to ensure reliable delivery between. Analogous to sending packages using FedEx.
With TCP, the three basic operations of reliability are: Tracking transmitted data segments Acknowledging received data Retransmitting any unacknowledged data
Jon Postel made many significant contributions to the development of the Internet, particularly in the area of standards.
He is principally known for being the editor of the Request for Comment (RFC) document series, and for serving as the Internet Assigned Numbers Authority (IANA) until his death.
(1943 – 1998)
19
TCP The user uses FTP to upload a file to an FTP server.
20
UDP
Providing the reliability functions of TCP also adds additional overhead.
UDP provides just the basic functions for delivering data segments between the appropriate applications, with very little overhead and data checking. It is known as a best-effort delivery protocol. Analogous to sending a regular, non-registered, letter in the mail.
0 15 16 31
16-bit Source Port Number
16-bit Destination Port Number
16-bit UDP Length
16-bit UDP Checksum
Data (if any)
21
UDP The user uses TFTP to upload a file to a TFTP server.
22
TCP
TCP Services
TCP provides reliable delivery on top of unreliable IP In addition to supporting the basic functions of data segmentation
and reassembly, TCP also provides: Reliable delivery Error checking Flow control Congestion control Ordered delivery Connection establishment
0 15 16 31
16-bit Source Port Number
16-bit Destination Port Number
32-bit Sequence Number
32 bit Acknowledgement Number
4-bit Header Length
6-bit (Reserved)
URG
ACK
PSH
RST
SYN
FIN
16-bit Window Size
16-bit TCP Checksum
16-bit Urgent Pointer
Options (if any)
Data (if any)
24
Transmission Control Protocol (TCP)
Connection-oriented protocol, described in RFC 793. TCP incurs additional overhead to gain functions. Each TCP segment adds a 20 byte header to the Application
layer data. Applications that use TCP include:
Web Browsers E-mail File Transfers
The TCP PDU is called a segment.
HTTP FTP SMTP
25
Segmenting Data
TCP encapsulates data into multiple segments. Segments are required to make network communication efficient.
The segments header contain: Source port number to help keep track of individual conversations. Destination port number to enable a receiving host to forward the
data to the appropriate application. Sequence numbers help segmenting and reassembling segments. Window size to help with flow control. Error checking mechanisms.
Application Data (100,000 bytes)
1-1000 1001-2000 2001-3000 3001-4000 4001-5000 …
TCP 1-1000 TCP Segment
26
Reassembling Segments
At the receiving host, each segment is examined and reconstructed into a complete data stream using the sequence numbers. Missing segments can be requested from the source.
It is then directed to the appropriate application identified in the segment header.
0 15 16 31
16-bit Source Port Number
16-bit Destination Port Number
32-bit Sequence Number
32 bit Acknowledgement Number
4-bit Header Length
6-bit (Reserved)
URG
ACK
PSH
RST
SYN
FIN
16-bit Window Size
16-bit TCP Checksum
16-bit Urgent Pointer
Options (if any)
Data (if any)
27
Same Order Delivery
Having taken different routes to the destination, the segments arrive out of order.
Segments can arrive out-of-order but are reorganized using sequence numbers.
NOTE:•Establishing a Session, Reliable Delivery, and Flow Control will be discussed later.
28
TCP Header
29
Sample TCP Segment CaptureSource Port (16) Destination Port (16)
Sequence Number (32)
Acknowledgement Number (32)
Header Length (4)
Reserved (6)Control Bits
(6)Window (16)
Checksum (16) Urgent (16)
Options
Application Layer Data
30
Source Port (16) Destination Port (16)
Sequence Number (32)
Acknowledgement Number (32)
Header Length (4)
Reserved (6)Control Bits
(6)Window (16)
Checksum (16) Urgent (16)
Options
Application Layer Data
Source Port (16 bits)
– Number of the calling port.
– Dynamically assigned to the sending host.
– Number ranges from 1024 to 65,535.
– The source port makes it possible to have multiple sessions of FTP running simultaneously.
Source Port (16 bits)
– Number of the calling port.
– Dynamically assigned to the sending host.
– Number ranges from 1024 to 65,535.
– The source port makes it possible to have multiple sessions of FTP running simultaneously.
31
Source Port (16) Destination Port (16)
Sequence Number (32)
Acknowledgement Number (32)
Header Length (4)
Reserved (6)Control Bits
(6)Window (16)
Checksum (16) Urgent (16)
Options
Application Layer Data
Destination Port (16 bits)
– Number of the called port.
– Sending host usually selects a number between 1 and 1023.
– End systems use the same port numbers to select the proper application.
– E.g., when telnetting, Telnet on the source (port 23) is talking to Telnet on the destination (port 23).
Destination Port (16 bits)
– Number of the called port.
– Sending host usually selects a number between 1 and 1023.
– End systems use the same port numbers to select the proper application.
– E.g., when telnetting, Telnet on the source (port 23) is talking to Telnet on the destination (port 23).
32
Source Port (16) Destination Port (16)
Sequence Number (32)
Acknowledgement Number (32)
Header Length (4)
Reserved (6)Control Bits
(6)Window (16)
Checksum (16) Urgent (16)
Options
Application Layer Data
Sequence Number (32 bits)
– Used to establish reliability.
– Number ensures correct sequencing of arriving data.
– Identifies the position in the sender’s byte stream of data.
Sequence Number (32 bits)
– Used to establish reliability.
– Number ensures correct sequencing of arriving data.
– Identifies the position in the sender’s byte stream of data.
33
Source Port (16) Destination Port (16)
Sequence Number (32)
Acknowledgement Number (32)
Header Length (4)
Reserved (6)Control Bits
(6)Window (16)
Checksum (16) Urgent (16)
Options
Application Layer Data
Acknowledgement Number (32 bits)
– Used to establish reliability.
– Next expected TCP octet.
Acknowledgement Number (32 bits)
– Used to establish reliability.
– Next expected TCP octet.
34
Source Port (16) Destination Port (16)
Sequence Number (32)
Acknowledgement Number (32)
Header Length (4)
Reserved (6)Control Bits
(6)Window (16)
Checksum (16) Urgent (16)
Options
Application Layer Data
Header Length (4 bits)
– Known as ʺdata offsetʺ.
– Indicates the length of the TCP segment header.
Header Length (4 bits)
– Known as ʺdata offsetʺ.
– Indicates the length of the TCP segment header.
35
Source Port (16) Destination Port (16)
Sequence Number (32)
Acknowledgement Number (32)
Header Length (4)
Reserved (6)Control Bits
(6)Window (16)
Checksum (16) Urgent (16)
Options
Application Layer Data
Control Bits (Flags) (6 bits)
– Includes bit codes, or flags, that indicate the purpose and function of the TCP segment.
Control Bits (Flags) (6 bits)
– Includes bit codes, or flags, that indicate the purpose and function of the TCP segment.
36
Source Port (16) Destination Port (16)
Sequence Number (32)
Acknowledgement Number (32)
Header Length (4)
Reserved (6)Control Bits
(6)Window (16)
Checksum (16) Urgent (16)
Options
Application Layer Data
Window (16 bits)
– Number of octets that the receiver is willing to accept.
– This number can be adjusted while data is being transmitted.
Window (16 bits)
– Number of octets that the receiver is willing to accept.
– This number can be adjusted while data is being transmitted.
37
Source Port (16) Destination Port (16)
Sequence Number (32)
Acknowledgement Number (32)
Header Length (4)
Reserved (6)Control Bits
(6)Window (16)
Checksum (16) Urgent (16)
Options
Application Layer Data
Checksum (16 bits)
– Calculated checksum of the header and data fields.
Checksum (16 bits)
– Calculated checksum of the header and data fields.
38
Port Numbers
40
Both TCP and UDP use ports (or sockets) numbers to pass information to the upper layers.
0 15 16 31
16-bit Source Port Number
16-bit Destination Port Number
32-bit Sequence Number
32 bit Acknowledgement Number
4-bit Header Length
6-bit (Reserved)
URG
ACK
PSH
RST
SYN
FIN
16-bit Window Size
16-bit TCP Checksum
16-bit Urgent Pointer
Options (if any)
Data (if any)
TCP Header
HTTP is Port 80
UDP Header
41
The application this TCP segment came from.
The application this TCP segment is going to.
The application this TCP segment came from.
The application this TCP segment is going to.
42
Application Header + dataPort numbers are used by
the receiver so it knows which application it should
send the “Data” to.
Application Header + dataPort numbers are used to
by the sender to tell the receiver which network
application it should use for the “Data”.
Port Number
Port Number
43
http://www.iana.org/assignments/port-numbers
TBA The Internet Assigned Numbers Authority (IANA) assigns port
numbers.
44
Well Known Ports (Numbers 0 to 1023) Reserved for common services and
applications Client: TCP destination port Server: TCP source port
Well Known or Registered Port Number
Well Known or Registered Port Number
45
Well Known or Registered Port Number
Well Known or Registered Port Number
Registered Ports (Numbers 1024 to 49151) Assigned to user processes or
applications. Non-common applications.
Client: TCP destination port Server: TCP source port
May also be used as dynamic or private port (next).
46
Dynamic or Private Ports (Numbers 49152 to 65535) Also known as Ephemeral Ports Usually assigned dynamically to client applications when initiating a
connection. Client: TCP source port Server: TCP destination port
May also include the range of Registered Ports (Numbers 1024 to 49151)
Well Known or Registered Port Number
Private/Dynamic Port Number
Well Known or Registered Port Number
Private/Dynamic Port Number
47
Client Server
Telnet
48
Client sends TCP segment with: Destination Port: 23 (Well known port number) Source Port: 1028 (Dynamic Port assigned by client)
Client TCP Header0 15 16 31
16-bit Source Port Number
16-bit Destination Port Number
32-bit Sequence Number
32 bit Acknowledgement Number
4-bit Header Length
6-bit (Reserved)
URG
ACK
PSH
RST
SYN
FIN
16-bit Window Size
16-bit TCP Checksum
16-bit Urgent Pointer
Options (if any)
Data (if any)
231028
Data for Telnet
Client Server
49
Server responds with TCP segment with: Destination Port: 1028 (Dynamic Port assigned by client) Source Port: 23 (Well known port number)
Server TCP Header0 15 16 31
16-bit Source Port Number
16-bit Destination Port Number
32-bit Sequence Number
32 bit Acknowledgement Number
4-bit Header Length
6-bit (Reserved)
URG
ACK
PSH
RST
SYN
FIN
16-bit Window Size
16-bit TCP Checksum
16-bit Urgent Pointer
Options (if any)
Data (if any)
102823
Data for Telnet
Client Server
50
Notice the difference in how source and destination port numbers are used with clients and servers:
Client (initiating Telnet service): Destination Port = 23 (telnet) Source Port = 1028 (dynamically assigned)
Server (responding to Telnet service): Destination Port = 1028 (source port of client) Source Port = 23 (telnet)
51
Same client to same server - Two different HTTP sessions Client: Same destination port Client: Different source ports to uniquely identify this web session.
4989049888
52
C:\Users\rigrazia>netstat -n
Active Connections
Proto Local Address Foreign Address State TCP 192.168.1.101:49888 198.133.219.25:80 TIME_WAIT TCP 192.168.1.101:49890 198.133.219.25:80 TIME_WAIT
C:\Users\rigrazia>
TCP or UDP
Source Port
Destination IP
Destination Port Connection State
Source IP
4989049888
53
What makes each connection unique? How does the server know which source port 49888 is who?
Connection defined by the pair of numbers: Source IP address, Source port (From Client to Server) Destination IP address, Destination port (From Server to
Client) Different connections can use the same destination port on server
host as long as the source ports or source IPs are different.
192.168.1.101
172.16.5.5
Destination Port
8080
80
Source Port
49890
49888
Source Port
198.133.219.2549888
www.cisco.com
Sockets
Combining the transport layer port number and the network layer IP address uniquely identifies a particular application process running on an individual host device. This combination is called a socket.
A socket pair, consisting of the source and destination IP addresses and port numbers, is also unique and identifies the specific conversation between the two hosts.
192.168.1.101 Destination Port
80
Source Port 198.133.219.25
49888
www.cisco.com
54
Socket Port Number Example
A client socket might look like this, representing the source IP address and source port number: 192.168.1.101:49888
The socket on a web server might be, representing the destination IP address and destination port number: 192.133.219.25:80
Together, these two sockets combine to form a socket pair: 192.168.1.101:49888, 192.133.219.25:80
192.168.1.101 Destination Port
80
Source Port 198.133.219.25
49888
www.cisco.com
55
56
Note: When downloading a web document and its objects it is common that there will be several TCP sessions created.
netstat –n www.cisco.comwww.google.com
TCP or UDP Source Port
Destination IPDestination Port
Connection StateSource IP
Client Requesting a Webpage
57
Server Replying to the Client
58
Socket Port Number Example
So who makes sure that applications are assigned a specific port number?
59
Port Numbers
The Internet Assigned Numbers Authority (IANA) assigns port numbers. The IANA is a standards body that is responsible is responsible
for the global coordination of the DNS Root, IP addressing, and other Internet protocol resources
Port numbers range from 0 to 65535 (16 bits). There are three categories of port numbers:
Well Known PortsWell Known Ports (0 – 1023) Registered PortsRegistered Ports (1024 – 49151) Private and/or Dynamic PortsPrivate and/or Dynamic Ports (49152 – 65535)
60
61
Well Known Ports (Numbers 0 to 1023) Reserved for common services and
applications Client: TCP destination port Server: TCP source port
Well Known or Registered Port Number
Well Known or Registered Port Number
62
Well Known or Registered Port Number
Well Known or Registered Port Number
Registered Ports (Numbers 1024 to 49151) Assigned to user processes or
applications. Non-common applications.
Client: TCP destination port Server: TCP source port
May also be used as dynamic or private port (next).
63
Dynamic or Private Ports (Numbers 49152 to 65535) Also known as Ephemeral Ports Usually assigned dynamically to client applications when initiating a
connection. Client: TCP source port Server: TCP destination port
May also include the range of Registered Ports (Numbers 1024 to 49151)
Well Known or Registered Port Number
Private/Dynamic Port Number
Well Known or Registered Port Number
Private/Dynamic Port Number
Transport Layer Port Numbers
Hypertext Transfer Protocol (HTTP) - TCP Port 8080 HTTP Secure (HTTPs) - TCP Port 443443 Simple Mail Transfer Protocol (SMTP) - TCP Port 2525 Post Office Protocol (POP) - TCP Port 110110 Telnet - TCP Port 2323 File Transfer Protocol (FTP) - TCP Ports 2020 & 2121 Trivial FTP (TFTP) - UDP 6969 Domain Name System (DNS) - TCP/UDP Port 5353 Dynamic Host Configuration Protocol - UDP Port 67 & 6867 & 68
http://en.wikipedia.org/wiki/List_of_TCP_and_UDP_port_numbers
64
TCP/IP Application Layer Protocols
ApplicationApplication LayerLayer
TransportTransport LayerLayer
Internet Internet LayerLayer
NetworkNetworkAccessAccess LayerLayer LAN / WAN
IP
TCP UDP
FTP HTTP SMTP Telnet TFTP SNMP DHCP DNS
20 & 2120 & 21 8080 2525 2323 6969 161161 67 & 6867 & 68 5353
65
Which Connections Are Open on a Host?
Sometimes it is necessary to know which active TCP connections are open and running on a networked host.
Netstat is a network utility that can be used to verify those connections. It lists the protocol in use, the local address and port number, the
foreign address and port number, and the state of the connection.
Apples-MacBook-Pro:~ rigrazia$ netstat Active Internet connectionsProto Recv-Q Send-Q Local Address Foreign Address (state) tcp4 0 0 10.0.0.108.54500 a184-51-102-51.d.http ESTABLISHEDtcp4 0 0 10.0.0.108.54485 g1.v.fwmrm.net.http ESTABLISHEDtcp6 0 0 2601:9:6800:1e6:.54455 nuq05s01-in-x11..https ESTABLISHEDtcp6 0 0 2601:9:6800:1e6:.54419 edge-star6-shv-0.https ESTABLISHEDtcp6 0 0 2601:9:6800:1e6:.54400 2001:559:0:54::6.https ESTABLISHEDtcp4 0 0 10.0.0.108.54385 a184-51-102-42.d.http CLOSE_WAIT tcp4 0 0 10.0.0.108.54368 a184-84-222-181..macro ESTABLISHEDtcp6 0 0 2601:9:6800:1e6:.54297 nuq05s02-in-x01..https ESTABLISHEDtcp4 0 0 10.0.0.108.53964 valiente.cabrill.ssh ESTABLISHEDtcp4 0 0 10.0.0.108.53939 valiente.cabrill.ssh ESTABLISHEDtcp4 0 0 10.0.0.108.53913 gw094.lphbs.com.http ESTABLISHEDtcp4 0 0 10.0.0.108.53836 68.71.212.186.http ESTABLISHEDtcp4 0 0 localhost.49961 localhost.53264 ESTABLISHEDtcp4 0 0 localhost.53264 localhost.49961 ESTABLISHEDtcp4 0 0 localhost.49961 localhost.53263 ESTABLISHEDtcp4 0 0 localhost.53263 localhost.49961 ESTABLISHEDtcp4 0 0 10.0.0.108.52960 channelproxy-shv.https ESTABLISHEDtcp4 0 0 10.0.0.108.50737 boris.cabrillo.e.imaps ESTABLISHEDtcp4 0 0 10.0.0.108.62510 boris.cabrillo.e.imaps ESTABLISHEDtcp4 0 0 10.0.0.108.62508 boris.cabrillo.e.imaps ESTABLISHED
66
Netstat
Unexplained TCP connections can pose a major security threat. This is because they can indicate that something or someone is
connected to the local host. Additionally, unnecessary TCP connections can consume valuable
system resources thus slowing down the host's performance. Netstat can be used to examine the open connections on a host
when performance appears to be compromised. Netstat Security Podcast TCPView
Apples-MacBook-Pro:~ rigrazia$ netstat Active Internet connectionsProto Recv-Q Send-Q Local Address Foreign Address (state) tcp4 0 0 10.0.0.108.54500 a184-51-102-51.d.http ESTABLISHEDtcp4 0 0 10.0.0.108.54485 g1.v.fwmrm.net.http ESTABLISHEDtcp6 0 0 2601:9:6800:1e6:.54455 nuq05s01-in-x11..https ESTABLISHEDtcp6 0 0 2601:9:6800:1e6:.54419 edge-star6-shv-0.https ESTABLISHEDtcp6 0 0 2601:9:6800:1e6:.54400 2001:559:0:54::6.https ESTABLISHEDtcp4 0 0 10.0.0.108.54385 a184-51-102-42.d.http CLOSE_WAIT tcp4 0 0 10.0.0.108.54368 a184-84-222-181..macro ESTABLISHEDtcp6 0 0 2601:9:6800:1e6:.54297 nuq05s02-in-x01..https ESTABLISHED
67
C:\Users\Admin> netstat /?
Displays protocol statistics and current TCP/IP network connections.
NETSTAT [-a] [-b] [-e] [-f] [-n] [-o] [-p proto] [-r] [-s] [-t] [interval]
-a Displays all connections and listening ports. -b Displays the executable involved in creating each connection or listening port. In some cases well-known executables host multiple independent components, and in these cases the sequence of components involved in creating the connection or listening port is displayed. In this case the executable name is in [] at the bottom, on top is the component it called, and so forth until TCP/IP was reached. Note that this option can be time-consuming and will fail unless you have sufficient permissions. -e Displays Ethernet statistics. This may be combined with the -s option. -f Displays Fully Qualified Domain Names (FQDN) for foreign addresses. -n Displays addresses and port numbers in numerical form. -o Displays the owning process ID associated with each connection. -p proto Shows connections for the protocol specified by proto; proto may be any of: TCP, UDP, TCPv6, or UDPv6. If used with the -s option to display per-protocol statistics, proto may be any of: IP, IPv6, ICMP, ICMPv6, TCP, TCPv6, UDP, or UDPv6. -r Displays the routing table. -s Displays per-protocol statistics. By default, statistics are shown for IP, IPv6, ICMP, ICMPv6, TCP, TCPv6, UDP, and UDPv6; the -p option may be used to specify a subset of the default. -t Displays the current connection offload state. interval Redisplays selected statistics, pausing interval seconds between each display. Press CTRL+C to stop redisplaying statistics. If omitted, netstat will print the current configuration information once.
C:\Users\Admin> 68
C:\Users\Admin>netstat
Active Connections
Proto Local Address Foreign Address State TCP 127.0.0.1:5354 Admin-PC:49155 ESTABLISHED TCP 127.0.0.1:5354 Admin-PC:49156 ESTABLISHED TCP 127.0.0.1:19872 Admin-PC:49172 ESTABLISHED TCP 127.0.0.1:27015 Admin-PC:49168 ESTABLISHED TCP 127.0.0.1:49155 Admin-PC:5354 ESTABLISHED TCP 127.0.0.1:49156 Admin-PC:5354 ESTABLISHED TCP 127.0.0.1:49168 Admin-PC:27015 ESTABLISHED TCP 127.0.0.1:49172 Admin-PC:19872 ESTABLISHED TCP 192.168.1.116:2869 Home-Net:42808 TIME_WAIT TCP 192.168.1.116:49826 www.cisco.com:http ESTABLISHED TCP 192.168.1.116:49828 17.172.232.124:5223 ESTABLISHED TCP 192.168.1.116:49950 17.158.10.21:https CLOSE_WAIT TCP 192.168.1.116:50010 ec2-204-236-229-250:http TIME_WAIT TCP 192.168.1.116:50011 ec2-204-236-229-250:http TIME_WAIT TCP 192.168.1.116:50012 ec2-204-236-229-250:http ESTABLISHED TCP 192.168.1.116:50013 ec2-204-236-229-250:http TIME_WAIT TCP [::1]:49772 Admin-PC:49774 ESTABLISHED TCP [::1]:49774 Admin-PC:49772 ESTABLISHED
C:\Users\Admin>69