Please enable JavaScript.
Coggle requires JavaScript to display documents.
TCP / IP, Header TCP - Coggle Diagram
TCP / IP
ROW 1
-
Type of Service (TOS): This defines the type of service of this packet. These include minimize delay, maximize throughput, maximize reliability, and minimize monetary cost.
Version: This defines the version of IP, either v4 or v6.
Total Length: This defines the total length of the IP datagram (including the data) or the fragment. Its maximum value is 65,535.
Row 3
Protocol: This field defines what protocol is being used with IP. Most often, it will be 6 or TCP, 1 for ICMP, 17 for UDP, among others.
TTL: This is the "time to live." This defines how many hops across the internet before the packet expires. It varies by operating system making it useful to identify the OS of the sender.
Header Checksum: This is an error checking field. It calculates the checksum (a simple algorithm) to determine the integrity of the data in the header.
Row 2
IP Flags: This field defines whether the packet is fragmented (M) or not (D). The manipulation of the field can be used to evade IDS and firewalls. Check out my tutorials on nmap and hping3 on how we can manipulate packets to evade intrusion detection systems and other security devices. It can also be used in conjunction with the Window field to identify the operating system of the sender.
Fragment Offset: This field is used when packets are fragmented. It defines where the packets should be reassembled from the beginning of the IP header.
Identification: This field uniquely identifies each packet. It can be critical in reassembling fragmented packets.
Row 5 & Row 4
Source / Destination: These rows of the IP header are probably the most important part of the header as it contains the source and destination IP address
Row 6
-
Padding: This field is used to fill out, if necessary, the remaining bits and bytes of the header.
-
-