Principles of Cybersecurity, 1st Edition page 264

Copyright Goodheart-Willcox Co., Inc. 264 Principles of Cybersecurity UDP Because UDP is connectionless, there is less information that needs to be sent along with the data. Figure 8-16 shows the information that will be found in a UDP segment. Data integrity is still important, so the checksum value is computed. Additional Header Information Once the TCP or UDP segment is created, the Network layer of the OSI model (layer 3) takes the segment and encapsulates it into an IP packet. This packet con- tains some important information, as shown in Figure 8-17. Especially important are the source and destination network addresses. Another key value in the IPv4 header is the time to live (TTL) value. The time to live (TTL) value controls how long the packet will search for a destination address before it is deleted. Packets cannot be left to wander aimlessly on net- works forever if the host cannot be found. The TTL value is reduced in two ways. First, every time a packet goes through a router, the value is decreased. Second, the value decreases after a set period of time. The Internet Control Message Protocol (ICMP) is the component of the TCP/IP protocol responsible for transmitting mes- sages across networks. Once the TTL value reaches 1, ICMP sends a message back to the source IP address indicating the packet did not reach the destination. The original packet is then deleted. The header information with IPv6 packets differs from IPv4 packets. The header is the fi rst 40 bytes and contains the fi elds shown in Figure 8-17. The hop limit is the renamed TTL fi eld. Traffi c class is the same as the Type of Service fi eld in IPv4. Flow Label is unique to IPv6 headers. It enables the ability to track specifi c traffi c fl ows. The last layer of encapsulation occurs at the Data Link layer of the OSI model (layer 2). In this packaging, the segment/packet is now placed in a frame. In the Data Link layer, the destination and source MAC addresses are assigned along with a CRC. Goodheart-Willcox Publisher Figure 8-15. Flags may appear in a TCP packet header to indicate certain meanings. Flag Meaning URG (urgent) If set to 1, the Urgent Pointer cell contains special info. If 0, it is ignored. ACK (acknowledgement) If set to 1, the Acknowledgement cell contains special info. If 0, it is ignored. PSH (push) If set to 1, the data should be sent without buffering. If 0, buffering is okay. RST (reset) If set to 1, the sender is requesting the connection be reset. If 0, it is ignored. SYN (synchronize) If set to 1, the sender is requesting a synchronization of the sequence numbers between two nodes. This is used on the initial request to establish the connection. FIN (finished) If set to 1, the segment is the last transaction in a sequence. Goodheart-Willcox Publisher Figure 8-16. This is how header information of a UDP segment is assembled. Source Port Destination Port Length Checksum Data

Previous Page Next Page

Principles of Cybersecurity, 1st Edition Page 264 (276 of 634)

Resources and Downloads

Help