Module 10

Intermediate TCP/IP

Version 3.1

TCP Protocol

Three Functions:
Flow Control
Reliability by
sequence numbers
and
acknowledging
Synchronization

Version 3.1

Two Protocols:
TCP
connection oriented
UDP (tftp, DNS,
SNMP)
connectionless

Three-Way Handshake
This handshake establishes a round trip connection
between sender and receiver before data is transferred

Version 3.1

Denial of Service Attacks

Designed to deny services to legitimate hosts attempting
to establish connections.
Commonly used by hackers - hacker initiates a
synchronization but spoofs the source IP address (nonexistent IP address)
Administrators should
guard against by
Decreasing the
connection timeout period
Increase the connection
queue size
Version 3.1

Windowing

With a window size of 1, each segment has to be

acknowledged before another segment is sent. Inefficient
use of bandwidth.
Version 3.1

TCP Sliding Windows

Communicating devices
negotiate the amount of
unacknowledged data
that can be sent.

With windowing, data can be sent without an

acknowledgment when sending a TCP segment.
Version 3.1

Sequencing Numbers
TCP applies sequence
numbers to the data
segments it is transmitting
so that the receiver will be
able to properly
reassemble the bytes in
their original order.
If TCP segments arrive out
of order, the segments
may be reassembled
incorrectly.
Sequencing numbers
indicate to the destination
device the correct order in
which to put the bytes
when they are received

Version 3.1

Sequencing Numbers:

Act as reference numbers so that the receiver will know if it has

received all of the data
Identify the missing data pieces to the sender so it can
retransmit the missing data
The sender only needs to re-transmit the missing segments
instead of the entire set of data
Each TCP segment is numbered before transmission
At the receiving station, TCP uses the sequence numbers to
reassemble the segments into a complete message
If a sequence number is missing in the series, that segment is retransmitted
Positive Acknowledgment & Retransmission (PAR) ensures that
the number of data segments sent by one host are received by
another host before other segments are sent

Version 3.1

UDP
Connectionless Layer 4 protocol
Non-guaranteed
UDP segments do not contain sequence or
acknowledgement fields, so checksum is used to
determine if the data or header has been transferred
without corruption

Version 3.1

Multiple Conversations and Port Numbers

Version 3.1

10

Port Numbers
The three categories of port numbers are wellknown ports, registered ports, and dynamic or
private ports.
The first 1023 ports are well-known ports.
Registered ports range from 1024 to 49151.
Ports between 49152 and 65535 are defined as
dynamic or private ports.
End systems use port numbers to select proper
applications
Port numbers in the range of 0-1023 are controlled by the
Internet Assigned Numbers Authority (IANA)
Well known ports (23, 21, 80) and dynamic port numbers
are represented in the header of TCP & UDP segments

Version 3.1

11

Port Numbers
TCP Examples:

UDP Examples:

FTP-DATA - Port 20

DNS - Port 53

FTP - Port 21

TFTP - Port 69

Telnet - Port 23

SNMP - Port 161

SMTP - 25

Version 3.1

12

Port numbers, MAC, & IP Addresses are

included during encapsulation
Port numbers

Transport Layer

IP addresses

Network Layer

MAC addresses

Data Link Layer

Version 3.1

13