SEARCH KEYWORD -- HANDSHAKE

  Why TCP needs 3 handshakes

Prerequisite Knowledge First, let's look at the control bits and state machine of TCP, which form the basis for understanding the three-way handshake of TCP. TCP Packet Control Bits The control bits in the TCP packet header are used to control the status of the TCP connection and can indicate various control information such as connection establishment, termination, reset, etc. There are six common control bits: SYN (Synchronize Sequence Numbers): Requests to establish a connection (part of the...

   REASON,NETWORK,TCP,EXPLANATION,HANDSHAKE     2024-09-28 08:57:52

  A HTTPS client and HTTPS server demo in Java

In this post, I will create a HTTPS server and HTTPS client demo which can establish HTTPS communication between a server and a client using Java. This should be very useful when we want to test our understanding about SSL communication. We will use both a detailed SSL client and a simple HttpsURLConnection as the HTTPS client. Before creating the actual HTTPS server and HTTPS client, we first need to generate the keystore and truststore to be used by the server and client. To generate the keyst...

   SSL,HTTPS,JAVA,DEMO     2015-10-23 09:04:36

  When is there no need 3 handshakes in TCP?

Overview In the previous article titled Why TCP needs 3 handshakes simple answers were provided to the following three questions: Can application data be carried during the first handshake? Can application data be carried during the second handshake? Can application data be carried during the third handshake? Briefly, traditional TCP requires a three-way handshake to establish a connection, and during these three handshakes, only simple SYN and ACK packets are sent. From the perspective o...

   TCP,NETWORK,EXPLANATION,REASON     2024-09-29 03:19:35

  Introduction to DTLS(Datagram Transport Layer Security)

Secure communication has become a vital requirement on the Internet. Lots of information transferred through the Internet are sensitive data such as financial transactions, medical information, media streaming etc. To ensure security of data transferred on the Internet, a few secure protocols have been designed including SSL/TLS and IPsec. Many large websites in the world have adopted TLS. Apart from SSL/TLS, there is some other protocol designed to be used in special cases. One of them is ...

   JAVA 9,DTLS,TLS,SECURITY     2016-04-02 05:55:36

  Difference between keystore and truststore

Security has become a vital concern in most of the online transactions nowadays. Lots of the world's most popular websites have adopted security protocols to transfer data, especially sensitive data. These security protocols including SSL/TLS which are using the private/public key exchange mechanism to establish secure connections.  The private/public key cryptography is a really important invention and it allows data to be transferred securely and solves the big problem of transferrin...

   KEYSTORE,TRUSTSTORE,SECURITY,SSL     2017-03-04 07:52:47

  When a CA becomes untrustable

Information security has become a vital part of people's life, especially for those people who spend much time online. Tons of data are being transmitted over the internet every second. These data include user ids, passwords, credit card information etc and some of them are sensitive information which needs secure way to transmit. Hence different protocols have been developed including SSL/TLS to encrypt data transmitted over the internet. The core of these security protocols is the certifi...

   APPLE,SECURITY,GOOGLE,MOZILLA,NEWS,WOSIGN     2016-10-01 23:03:44

  A journey to investigate a goroutine leakage case

In Go, creating goroutines is straightforward, but improper usage may result in a large number of goroutines unable to terminate, leading to resource leakage and memory leaks over time. The key to avoiding goroutine leaks is to manage the lifecycle of goroutines properly. By exporting runtime metrics and utilizing pprof, one can detect and resolve goroutine leakage issues. This post will go through one real case encountered by the author. The author maintains a service that connects to a targe...

   TIMEOUT,SSH,GUIDE,DEBUG,LEAK,GOROUTINE,PPROF,GOLANG     2024-03-16 11:00:23

  HeartBleed: Should C be blamed for the HeartBleed bug?

There is a discussion about the security of applications written in C on Hacker News recently after the report of HeartBleed bug in OpenSSL. In this discussion, some people are saying that the applications written in C are unsafe. It seems all or most of the faults should be laid on C. I think this is biased. The language itself should not be blamed.Safety is a relative term for programming languages. No language is absolutely safe. We claim some languages like Java and C# are safer than C/C++ b...

   C,HeartBleed,Analysis,Code review     2014-04-14 03:52:55

  All I Know About Certificates -- Certificate Authority

One of the crucial steps in the TLS handshake is for the server to prove its identity to the client. While there is plenty of content explaining the principles of the handshake, there's less information about certificates, which are a critical component of TLS/SSL. This series of articles aim to explain what certificates are used for, how Google prevents others from impersonating Google, and why certificate issues frequently arise, among other topics. (Postscript: It took me a full 10 hours to w...

   CLIENTS,WEBSITE,CERTIFICATE,SSL CERTIFICATE     2024-07-26 22:22:28

  WireGuard VPN Troubleshooting

When you are working as a network/cluster admin for you team to config the WireGuard VPN for other members, you may meet some of the problems below and these are the solution you can try to fix them. ----------------------------------------------------------------------------------------------------------- Problem [1]: The WireGuard handshake request send from the client can be received from the server but the server's response was blocked at some where so the client can not receive serv...

   WIREGUARD,VPN,TROUBLESHOOTING     2021-12-14 09:17:46

RECENT