Home | Computer Security | Fun | About Vikram Phatak | Contact   The IP Header: Version: 4-bits Set to 4, the current version of IP. IHL: 4-bits IP Header Length specifies the number of 32-bit words forming the header. The minimum value for a valid header is 5. TOS: 8-bits TOS specifies the Type of Service which may be utilized by networks to define how the datagrams are to be handled during their transport. For example 00000000 indicates a routine transfer whereas 00100000 indicates a priority transfer. Total Length: 16-bits This field indicates the size of the datagram, including the header and the data. Identification: 16-bits This field in unison with the source address field is used to uniquely identify the fragmented datagrams during reassembly. Flags: 3 bits One of the bits is reserved and the other 2 bits are used to indicate to the router whether or not the packet is to be fragmented. Fragment Offset: 13-bits This is field is used to identify where each of the fragments belong at the time of reassembly. Time-To-Live: 8-bits This counter is used to indicate the lifetime of a datagram. Every time the datagram is forwarded by a router it decrements this counter. The datagram is discarded when the counter reaches zero. This ensures that the datagram does not loop in the network forever. Protocol: 8-bits It is used to indicate the protocol in the data field. For e.g. 6 indicates TCP, 17 indicates UDP etc. Header Checksum: 32-bits This checksum is used for error detecting errors within IP. It is the compliment to the 16-bit checksum that you will find within the TCP or UDP header, and is the sum of all the 16 bit words in the header including the IP options. Since some values such as the TTL change, the checksum has to be computed at every point it is processed. Source and Destination IP address: 32-bits This indicates the IP address of the sender and the receiver. Options and Padding: Options have two formats.     1. A single octet of option kind.     2. Three octets, one each for option kind, option length and option data. Padding is used to ensure that the IP header ends on a 32-bit boundary, if not 0’s are padded. Computer Security Home The OSI and the TCP/IP Layers TCP IP Network & Application Layer Attacks     Network Layer DoS         Syn Flood         Ack Flood         RESET Attack         FIN Attack         Teardrop Attack     IP Spoofing         Predicting TCP Sequence Numbers     Application Layer Attacks         Buffer Overflows         Trojans         Backdoors         Cross-site Scripting         CGI abuses Firewalls     Packet Filters     Proxy Firewalls         Circuit Level Proxies         Application Level Proxies     Stateful Inspection Firewalls   Limitations of Firewalls Intrusion Detection and Prevention Systems     Signature Based     Anomaly Based         Statistical Anomaly Based         Protocol Anomaly Based     Host Based IDS (HIDS)     Network Based IDS (NIDS)         Protocol Anomaly Based NIDS         Signature Based NIDS Web Application Firewalls Vulnerability Assesment     Host Based Scanner     Network Based Scanner     Web Application Vulnerability Scanner Content Filters Encryption Conclusion Copyright © 2006 Vikram Phatak. All rights reserved.