What should I know about TCP/IP
For this reason, it is vital to avoid using public Wi-Fi networks for sending private data and to ensure information is encrypted. A public IP address can be discovered easily with various online tools. Fortinet's high-performance, scalable crypto VPNs protect organizations and their users from advanced cyberattacks, such as man-in-the-middle (MITM) attacks, and from the threat of data loss while data is in motion at high speed.

They establish secure connections by encrypting the data transmitted between applications and devices. TCP, meaning Transmission Control Protocol, is a communications standard for delivering data and messages through networks. It is designed to break down a message, such as an email, into packets of data so that the message reaches its destination successfully and as quickly as possible. TCP is a basic standard that defines the rules of the internet and is a common protocol used to deliver data in digital network communications.

TCP is a protocol, or standard, used to ensure data is successfully delivered from one application or device to another. Department of Defense to support the construction of the internet.

UDP is an alternative to TCP that does not provide error correction, is less reliable, and has less overhead, which makes it ideal for streaming. The lowest layer of the TCP/IP model is also referred to as the link layer, network access layer, network interface layer, or physical layer; it combines the physical and data link layers of the Open Systems Interconnection (OSI) model, which standardizes communication functions on computing and telecommunications systems.

Internet layer: The internet layer is responsible for sending packets from a network and controlling their movement across a network to ensure they reach their destination.

Transport layer: The transport layer is responsible for providing a solid and reliable data connection between the original application or device and its intended destination. It provides the functions and procedures for transferring data sequences between applications and devices across networks. This is the level where data is divided into packets and numbered to create a sequence. The transport layer then determines how much data must be sent, where it should be sent to, and at what rate.

If the Destination Address is the address of a host on the local network, the packet is delivered directly to the destination. If the Destination Address is not on the local network, the packet is passed to a gateway for delivery. Gateways are devices that switch packets between the different physical networks. Deciding which gateway to use is called routing.

IP makes the routing decision for each individual packet. Internet gateways are commonly, and perhaps more accurately, referred to as IP routers because they use Internet Protocol to route packets between networks. Hosts normally do not forward packets; however, if a host is connected to more than one network (called a multi-homed host), it can forward packets between the networks.

When a multi-homed host forwards packets, it acts just like any other gateway and is in fact considered to be a gateway. Systems can deliver packets only to other devices attached to the same physical network. The figure shows the use of gateways to forward packets. The hosts, or end systems, process packets through all four protocol layers, while the gateways, or intermediate systems, process the packets only up to the Internet Layer, where the routing decisions are made.

Packets from A1 destined for host C1 are forwarded through gateways G1 and G2. Host A1 first delivers the packet to gateway G1, with which it shares network A. Gateway G1 delivers the packet to G2 over network B.

Gateway G2 then delivers the packet directly to host C1, because they are both attached to network C. Host A1 has no knowledge of any gateways beyond gateway G1. It sends packets destined for both networks C and B to that local gateway and relies on it to forward the packets along the path to their destinations.

Likewise, host C1 sends its packets to G2 to reach a host on network A, as well as any host on network B. The figure shows another view of routing, emphasizing that the underlying physical networks a datagram travels through may be different and even incompatible.

Host A1 on the token ring network routes the datagram through gateway G1 to reach host C1 on the Ethernet. Gateway G1 forwards the data through the X. The datagram traverses three physically different networks but eventually arrives intact at C1.

As a datagram is routed through different networks, it may be necessary for the IP module in a gateway to divide the datagram into smaller pieces.

Each type of network has a maximum transmission unit (MTU), which is the largest packet that it can transfer. A datagram received from one network may be too large to be transmitted in a single packet on a different network. This condition occurs only when a gateway interconnects dissimilar physical networks. Dividing the datagram into pieces that fit is called fragmentation. Think of a train delivering a load of steel.

In the same way that a railroad is physically different from a highway, an Ethernet is physically different from an X. The format of each fragment is the same as the format of any normal datagram. Header word 2 contains information that identifies each datagram fragment and describes how to reassemble the fragments into the original datagram. The Identification field identifies which datagram the fragment belongs to, and the Fragmentation Offset field tells which piece of the datagram this fragment is.

When IP receives a datagram that is addressed to the local host, it must pass the data portion of the datagram to the correct Transport Layer protocol. This is done by using the protocol number from word 3 of the datagram header. Each Transport Layer protocol has a unique protocol number that identifies it to IP.
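The following Python model is an added example, not code from the book excerpt, the Fortinet article, or any networking library. It packs and parses the IPv4 header fields the passage names (the Identification, flags and Fragment Offset in header word 2, the protocol number in word 3, plus the header checksum), splits a datagram that exceeds a smaller network's MTU into valid fragments, and reassembles them. The reassembler deliberately rejects gaps and overlapping fragments rather than guessing, because overlapping fragments are a classic way to slip data past a filter that reassembles differently from the end host. The addresses, identification value, 1024-byte payload and 576-byte MTU are constructed sample values.

```python
import struct
from ipaddress import IPv4Address

# RFC 791 header without options: 20 bytes, five 32-bit words.
_FMT = "!BBHHHBBH4s4s"


def ipv4_checksum(data: bytes) -> int:
    """One's-complement sum of 16-bit words; a header with a valid checksum sums to 0."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return (~total) & 0xFFFF


def build_ipv4(payload: bytes, ident: int, proto: int, src: str, dst: str,
               df=False, mf=False, frag_offset=0, ttl=64) -> bytes:
    """Assemble a datagram. Word 2 = Identification + DF/MF flags + offset (in 8-byte units)."""
    flags_frag = (df << 14) | (mf << 13) | ((frag_offset // 8) & 0x1FFF)
    hdr = struct.pack(_FMT, 0x45, 0, 20 + len(payload), ident, flags_frag, ttl,
                      proto, 0, IPv4Address(src).packed, IPv4Address(dst).packed)
    hdr = hdr[:10] + struct.pack("!H", ipv4_checksum(hdr)) + hdr[12:]
    return hdr + payload


def parse_ipv4(pkt: bytes) -> dict:
    """Decode the fields a gateway needs for routing, fragmentation and demultiplexing."""
    ver_ihl, _tos, total, ident, ff, ttl, proto, _csum, src, dst = struct.unpack(_FMT, pkt[:20])
    ihl = (ver_ihl & 0x0F) * 4
    return {
        "version": ver_ihl >> 4, "ihl": ihl, "total_length": total, "ident": ident,
        "df": bool(ff & 0x4000), "mf": bool(ff & 0x2000), "offset": (ff & 0x1FFF) * 8,
        "ttl": ttl, "protocol": proto,              # word 3: protocol number for the Transport Layer
        "src": str(IPv4Address(src)), "dst": str(IPv4Address(dst)),
        "checksum_ok": ipv4_checksum(pkt[:ihl]) == 0,
        "payload": pkt[ihl:total],
    }


def fragment(pkt: bytes, mtu: int) -> list:
    """Split a datagram that is too large for the next network's MTU into fragments."""
    h = parse_ipv4(pkt)
    if h["total_length"] <= mtu:
        return [pkt]
    if h["df"]:
        # A real gateway drops the datagram and returns ICMP "fragmentation needed".
        raise ValueError("DF set: datagram cannot be fragmented for MTU %d" % mtu)
    step = (mtu - h["ihl"]) // 8 * 8             # every non-final fragment is a multiple of 8 bytes
    data, frags = h["payload"], []
    for i in range(0, len(data), step):
        piece = data[i:i + step]
        last = i + step >= len(data)
        frags.append(build_ipv4(piece, h["ident"], h["protocol"], h["src"], h["dst"],
                                mf=(not last) or h["mf"], frag_offset=h["offset"] + i,
                                ttl=h["ttl"]))
    return frags


def reassemble(frags: list) -> bytes:
    """Rebuild the payload from fragments in any order; refuse gaps, overlaps and a missing tail."""
    pieces = sorted((parse_ipv4(f) for f in frags), key=lambda h: h["offset"])
    if len({(h["src"], h["dst"], h["ident"], h["protocol"]) for h in pieces}) != 1:
        raise ValueError("fragments belong to different datagrams")
    expected, out = 0, bytearray()
    for h in pieces:
        if h["offset"] != expected:                # overlap or hole: do not guess, discard
            raise ValueError("gap or overlap at offset %d" % h["offset"])
        out += h["payload"]
        expected += len(h["payload"])
    if pieces[-1]["mf"]:
        raise ValueError("final fragment missing (MF still set)")
    return bytes(out)


if __name__ == "__main__":
    # Constructed sample: a 1024-byte UDP (protocol 17) payload sent across a 576-byte MTU link.
    sample = bytes(range(256)) * 4
    dgram = build_ipv4(sample, ident=0x1234, proto=17, src="10.0.0.1", dst="10.0.2.9")
    parts = fragment(dgram, mtu=576)
    print([(parse_ipv4(p)["offset"], parse_ipv4(p)["mf"]) for p in parts])
    print(reassemble(parts[::-1]) == sample)
```

The 576-byte MTU splits the 1044-byte datagram into two fragments, offsets 0 and 552, with MF set only on the first; feeding the fragments back in reverse order still reassembles, while a second fragment whose offset does not line up with the end of the first is rejected.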

Protocol numbers are discussed in Chapter 2. You can see from this short overview that IP performs many important functions. The Internet Control Message Protocol (ICMP) is also part of the Internet Layer and uses the IP datagram delivery facility to send its messages.

When datagrams arrive too fast for processing, the destination host or an intermediate gateway sends an ICMP Source Quench Message back to the sender. This tells the source to stop sending datagrams temporarily. For the ICMP Destination Unreachable Message: if the unreachable destination is a network or host, the message is sent by an intermediate gateway, but if the destination is an unreachable port, the destination host sends the message. We discuss ports in Chapter 2. A gateway sends the ICMP Redirect Message to tell a host to use another gateway, presumably because the other gateway is a better choice.

This message can be used only when the source host is on the same network as both gateways. To better understand this, refer to the figure. If a host on the X.

On the other hand, if a host on the token ring network sent a datagram to G1, the host could not be redirected to use G2, because G2 is not attached to the token ring. When a system receives an ICMP Echo Message, it replies by sending the data from the packet back to the source host. The ping command uses this message. TCP provides a reliable data delivery service with end-to-end error detection and correction.

UDP provides a low-overhead, connectionless datagram delivery service. Both protocols deliver data between the Application Layer and the Internet Layer. Application programmers can choose whichever service is more appropriate for their specific applications. The User Datagram Protocol gives application programs direct access to a datagram delivery service, like the delivery service that IP provides. This allows applications to exchange messages over the network with a minimum of protocol overhead.

UDP is an unreliable, connectionless datagram protocol. Within your computer, UDP will deliver data correctly. UDP uses the Source Port and Destination Port numbers in word 1 of the message header to deliver data to the correct application process.

The figure shows the UDP message format. Why do application programmers choose UDP as a data transport service? There are a number of good reasons. If the amount of data being transmitted is small, the overhead of creating connections and ensuring reliable delivery may be greater than the work of re-transmitting the entire data set. Applications that fit a query-response model are also excellent candidates for using UDP: the response can serve as a positive acknowledgment of the query.

Imposing another layer of acknowledgment on any of these types of applications is inefficient. Applications that require the transport protocol to provide reliable data delivery use TCP, because it verifies that data is delivered across the network accurately and in the proper sequence. TCP is a reliable, connection-oriented, byte-stream protocol.

TCP provides reliability with a mechanism called Positive Acknowledgment with Re-transmission (PAR). Simply stated, a system using PAR sends the data again unless it hears from the remote system that the data arrived OK. The unit of data exchanged between cooperating TCP modules is called a segment (see the figure). Each segment contains a checksum that the recipient uses to verify that the data is undamaged. If the data segment is received undamaged, the receiver sends a positive acknowledgment back to the sender.

If the data segment is damaged, the receiver discards it. After an appropriate timeout period, the sending TCP module re-transmits any segment for which no positive acknowledgment has been received. TCP is connection-oriented: it establishes a logical end-to-end connection between the two communicating hosts. Control information, called a handshake, is exchanged between the two endpoints to establish a dialogue before data is transmitted.

TCP indicates the control function of a segment by setting the appropriate bit in the Flags field in word 4 of the segment header.

The type of handshake used by TCP is called a three-way handshake because three segments are exchanged. The figure shows the simplest form of the three-way handshake.

The first segment, sent by host A, tells host B that A wishes to set up a connection, and it tells B what sequence number host A will use as a starting number for its segments. Sequence numbers are used to keep data in the proper order. As soon as the connection is established, data can be transferred. It is the end-to-end exchange of data that provides the logical connection between the two systems.

TCP views the data it sends as a continuous stream of bytes, not as independent packets. Therefore, TCP takes care to maintain the sequence in which bytes are sent and received. The TCP standard does not require that each system start numbering bytes with any specific number; each system chooses the number it will use as a starting point. The two ends of the connection synchronize byte-numbering systems by exchanging SYN segments during the handshake.

For security reasons the initial sequence number (ISN) should be a random number. The Sequence Number in the header of a data segment identifies the sequential position in the data stream of the first data byte in the segment. The acknowledgment tells the sender how much data has been received and how much more the receiver can accept.

The Acknowledgment Number is the sequence number of the next byte the receiver expects to receive. The standard does not require an individual acknowledgment for every packet.

The acknowledgment number is a positive acknowledgment of all bytes up to that number. For example, if the first byte sent was numbered 1 and the first N bytes have been successfully received, the Acknowledgment Number would be N+1. The Window field contains the window, or the number of bytes the remote end is able to accept. If the receiver is capable of accepting more bytes, it advertises a larger window. The window indicates to the sender that it can continue sending segments as long as the total number of bytes that it sends is smaller than the window of bytes that the receiver can accept.

The receiver controls the flow of bytes from the sender by changing the size of the window. A zero window tells the sender to cease transmission until it receives a non-zero window value. In the figure, the receiving system has received and acknowledged a certain number of bytes, so the current Acknowledgment Number is one more than that count. The receiver also has enough buffer space for a further number of bytes, so it has advertised a window of that size. The sender is currently sending a segment that begins at a Sequence Number beyond the acknowledged bytes. The sender has received no acknowledgment for the bytes from the Acknowledgment Number onward, but continues sending data as long as it stays within the window.
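The following Python model is an added example, not code from the book excerpt or from any TCP implementation. It packs the TCP control bits into word 4 of the header as the handshake passage describes, builds the three segments of the three-way handshake with an unpredictable ISN, and then walks through the sender-side bookkeeping from the last two paragraphs: the cumulative Acknowledgment Number, the advertised window, the segments still awaiting a positive acknowledgment (the PAR retransmission set), and the zero-window stop. Port numbers and the byte counts in the walkthrough (2000 bytes acknowledged, a 6000-byte window, a 1000-byte segment at sequence number 4001) are constructed sample values; 32-bit sequence-number wraparound is ignored for clarity.

```python
import secrets
import struct

# Control bits in word 4 of the TCP header; a segment sets one or more of them.
FIN, SYN, RST, PSH, ACK = 0x01, 0x02, 0x04, 0x08, 0x10
_FMT = "!HHIIHHHH"   # 20-byte header without options


def build_segment(sport, dport, seq, ack, flags, window, payload=b""):
    """Header + data. Checksum is left zero here; real TCP also covers a pseudo-header."""
    off_flags = (5 << 12) | flags           # data offset = 5 words, low bits = control flags
    return struct.pack(_FMT, sport, dport, seq, ack, off_flags, window, 0, 0) + payload


def parse_segment(seg):
    sport, dport, seq, ack, off_flags, window, _csum, _urg = struct.unpack(_FMT, seg[:20])
    hdr_len = (off_flags >> 12) * 4
    return {"sport": sport, "dport": dport, "seq": seq, "ack": ack,
            "flags": off_flags & 0x3F, "window": window, "payload": seg[hdr_len:]}


def flag_names(flags):
    names = [("FIN", FIN), ("SYN", SYN), ("RST", RST), ("PSH", PSH), ("ACK", ACK)]
    return "/".join(n for n, bit in names if flags & bit)


def random_isn():
    """An unpredictable ISN: a guessable one lets an off-path party forge acceptable segments."""
    return secrets.randbits(32)


def three_way_handshake(isn_a, isn_b, port_a=40000, port_b=80):
    """The three segments: A->B SYN, B->A SYN/ACK, A->B ACK. A SYN consumes one sequence number."""
    syn = build_segment(port_a, port_b, isn_a, 0, SYN, 65535)
    syn_ack = build_segment(port_b, port_a, isn_b, isn_a + 1, SYN | ACK, 65535)
    ack = build_segment(port_a, port_b, isn_a + 1, isn_b + 1, ACK, 65535)
    return [syn, syn_ack, ack]


class SendWindow:
    """Sender-side state: cumulative ACKs, advertised window, and segments awaiting ACK (PAR)."""

    def __init__(self, first_seq):
        self.una = first_seq      # oldest byte not yet acknowledged
        self.nxt = first_seq      # next byte to be sent
        self.wnd = 0              # window most recently advertised by the receiver
        self.unacked = {}         # seq -> length of each segment still awaiting acknowledgment

    def on_ack(self, ack_num, window):
        if self.una <= ack_num <= self.nxt:        # ignore stale or out-of-range ACKs
            self.una, self.wnd = ack_num, window
            self.unacked = {s: n for s, n in self.unacked.items() if s + n > ack_num}

    def can_send(self, nbytes):
        """The last byte of the segment must lie inside una .. una + wnd - 1."""
        return nbytes > 0 and self.nxt + nbytes <= self.una + self.wnd

    def send(self, nbytes):
        if not self.can_send(nbytes):
            raise RuntimeError("window full or zero: wait for an ACK or a window update")
        seq, self.nxt = self.nxt, self.nxt + nbytes
        self.unacked[seq] = nbytes               # kept until acknowledged; retransmit on timeout
        return seq


def window_walkthrough():
    """Constructed scenario: bytes numbered from 1, as in the text's example."""
    s = SendWindow(first_seq=1)
    s.wnd = 4000                     # receiver's initial window (constructed)
    s.send(2000)                     # bytes 1..2000 go out
    s.on_ack(2001, 6000)             # all bytes up to 2000 acknowledged; 6000 more accepted
    s.send(2000)                     # bytes 2001..4000, not yet acknowledged
    seq = s.send(1000)               # bytes 4001..5000; right edge of window is byte 8000
    return {"una": s.una, "nxt": s.nxt, "segment_seq": seq,
            "unacked_from": min(s.unacked), "fits_3000": s.can_send(3000),
            "fits_3001": s.can_send(3001)}


if __name__ == "__main__":
    for seg in three_way_handshake(random_isn(), random_isn()):
        p = parse_segment(seg)
        print(flag_names(p["flags"]), "seq", p["seq"], "ack", p["ack"])
    print(window_walkthrough())
```

After the walkthrough the sender may still emit exactly 3000 more bytes (up to byte 8000) but not 3001, and the bytes from 2001 on remain in the retransmission set until an ACK covers them. Production stacks do not draw the ISN purely at random as `random_isn` does; they derive it per RFC 6528 from a keyed hash of the connection's addresses and ports plus a clock, which keeps it unpredictable across connections while still advancing monotonically for a given four-tuple.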

It is also true that knowing the hardware in depth does not make you a security professional. But knowledge of the hardware details and the flow of the low-level software are essential if you need to solve real problems.

How deep are we talking about here? Deep enough to get you into trouble, or deep as in dissecting data packets and analyzing the level at the switches or routers? First one, i. Just find a few relevant websites and start reading. And if you can get your hands on a set of firewalls and routers, start messing with them. In no time, I can guarantee you, you will feel you can move the earth with your knowledge.

And you actually can, albeit in a negative way. I have worked through the thick and thin of the field. I have worked with good network people as well as the "worst". And at the beginning everybody seemed like they knew what they were talking about. After a few live events, I understood who was a security expert and who was just faking it. If you are interested in security, you have most probably heard the saying that the most secure computer is the one which has no connections to any network.

And for that, I strongly suggest starting from a basic network administrator curriculum, which I believe is provided by most any community college with a computing lab, and then building upon it. And believe me, if you want to master this field, you're looking down the barrel for about years, as you need to progress slowly in the field while working in real-life IT shops.

Security is a moving target. You cannot get to it just by reading. You need practice, and it had better be in real life, not in an isolated learning lab.

I thought that it was unnecessary and that I wouldn't gain much from learning it. Yes, even at a software level. However, when cutting into IT security, my suggestion is that you will typically not actually understand the security concerns unless you have the ability to configure the boxes as an admin.

This means time in the trenches as an operations or admin employee. IT security is a never-ending learning experience, similar to all IT concentrations. However, since security is broad, you need to be aware of the changes for ALL IT concentrations, which is what makes this field challenging, and why I went into it. You will deal with new technology and new threats constantly, and if you are unable to dedicate yourself to keeping up with the field, you will no longer be effective in your job.

That being said, I feel that it's a great place for academics such as yourself, because the perpetual learning process is not new to you, and academics also are comfortable "deep diving" into numerous technologies.

Asked 8 years, 11 months ago. Active 8 years, 11 months ago.


