Step 3: The initiating client acknowledges the server-to-client communication session.
Finally, the TCP client responds with a segment containing an ACK that is the response to the TCP SYN sent by the server. There is no user data in this segment. The value in the acknowledgment number field contains one more than the ISN received from the server. After both sessions are established between client and server, all additional segments exchanged in this communication will have the ACK flag set.
As shown in the figure, the protocol analyzer output shows the ACK control flag set and the relative sequence and acknowledgement numbers.
Security can be added to the data network by:
- Denying the establishment of TCP sessions
- Only allowing sessions to be established for specific services
- Only allowing traffic as a part of already established sessions
These security measures can be implemented for all TCP sessions or only for selected sessions.