-1

I use JPcap to capture packets. I don't know how to get TCP state of connection flags through these captured packet ?

Ex: OTH, REJ, RSTO, RSTOS0, RSTR, S0, S1, S2, S3, SF, SH

I am building Intrusion detection System.?

At present extracting attributes of KDD CUP 99 Dataset for live system.

Mat
  • 202,337
  • 40
  • 393
  • 406
Son Vu
  • 19
  • 2

1 Answers1

0

I don't know what "OTH, REJ, RSTO, RSTOS0, RSTR, S0, S1, S2, S3, SF, SH" are, but the only things in a TCP segment that affect the state of the connection are the TCP control bits SYN, ACK, FIN, and RST. See #3.4 of RFC 793 &ff. for a complete description.

user207421
  • 305,947
  • 44
  • 307
  • 483