TCP/IP Detailed Flashcards by robert Mcadams

IP Header Fields

Version
Header Length
TOS
Total Length
Identification
Flags
Fragment Offset
TTL
Protocol
Header Checksum
Source Address
Destination Address
IP Options

How well did you know this?

Not at all

Perfectly

IP Total Length field byte offset

offset 2

How well did you know this?

Not at all

Perfectly

IP Identification field byte offset

offset 4

How well did you know this?

Not at all

Perfectly

IP Flags field byte offset

7th byte high order 3 bits

How well did you know this?

Not at all

Perfectly

Fragment Offset field byte offset

offset 7

How well did you know this?

Not at all

Perfectly

TTL field byte offset

offset 8

How well did you know this?

Not at all

Perfectly

Protocol field byte offset

offset 9

How well did you know this?

Not at all

Perfectly

Header Checksum field byte offset

offset 10

How well did you know this?

Not at all

Perfectly

Source Address field byte offset

offset 12

How well did you know this?

Not at all

Perfectly

Destination Address field byte offset

offset 18

How well did you know this?

Not at all

Perfectly

IP Options field byte offset

offset 20

How well did you know this?

Not at all

Perfectly

Header Length minimum value

5 - multiply by 4 to get byte count

How well did you know this?

Not at all

Perfectly

IP Header default length

20 bytes

How well did you know this?

Not at all

Perfectly

Source IP field length

4 bytes

How well did you know this?

Not at all

Perfectly

Destination IP field length

4 bytes

How well did you know this?

Not at all

Perfectly

IP Flags

x reserved - High order 8th bit
D Do not fragment - High order 7th bit
M More fragments follow - High order 6th bit

How well did you know this?

Not at all

Perfectly

IP RFC

791

How well did you know this?

Not at all

Perfectly

IP protocol field - 0x01

1 - ICMP

How well did you know this?

Not at all

Perfectly

IP protocol field - 0x11

17 - UDP

How well did you know this?

Not at all

Perfectly

IP protocol field - 0x06

6 - TCP

How well did you know this?

Not at all

Perfectly

IP protocol field - 0x02

2 - IGMP

How well did you know this?

Not at all

Perfectly

TCP Header fields

Source Port
Destination Port
Sequence Number
Acknowledgment number
Offset
Reserved
Flags
Window
Checksum
Urgent Pointer
TCP Options

How well did you know this?

Not at all

Perfectly

UDP Header fields

Source Port
Destination Port
Length
Checksum

How well did you know this?

Not at all

Perfectly

TCP RFC

793

How well did you know this?

Not at all

Perfectly

UDP RFC

768

ICMP Header Fields

Type Code Checksum Other message specific info

Source Port field byte offset

offset 0

Destination Port field byte offset

offset 2

Sequence Number field byte offset

5th-8th bytes offset 4

Acknowledgment Number field byte offset

9th-12th bytes offset 8

TCP offset field byte offset

high order nibble; offset 12

TCP Flags field byte offset

offset 13

Window field byte offset

offset 14

TCP Checksum field byte offset

offset 16

TCP Urgent pointer field byte offset

offset 18

TCP Flags from low byte order

``` FIN SYN RST PSH ACK URG ECN CWR ```

ECN stands for?

Explicit Congestion Notification

TCP Options 0

End of Options list

TCP Options 1

No Operation, Pad

TCP Options 2

Maximum Segment size

TCP Options 3

Windows Scale

TCP Options 4

Selective ACK ok

TCP Options 5

Timestamp

TCP Default Header Size

20 bytes

UDP Source Port field byte offset

0 bytes

UDP Destination Port field byte offset

2 bytes

UDP Length field byte offset

4 bytes

UDP Checksum field byte offset

6 bytes

UDP default header length

8 bytes

ICMP type field byte offset

0 bytes

Code field byte offset

1 bytes

ICMP Checksum field byte offset

2 bytes

ICMP Other message specific info

4 bytes

ICMP type code 0x00

0 Echo reply

ICMP type code 0x03

3 Destination unreachable

ICMP type code 0x04

4 Source Quench

ICMP type code 0x05

5 Redirect

ICMP type code 0x06

6 Echo

ICMP type code 0x09

9 Router Advertisement

ICMP type code 0x0b

11 Time Exceeded

ICMP type code 0x11

17 Address mask request

ICMP type code 0x12

18 Address mask reply

DNS Header fields

``` Length (TCP Only) ID QR Opcode AA TC RD RA Z RCODE QDCOUNT ANCOUNT NSCOUNT ARCOUNT Question Section Answer Section Authority Section Additional Information Section ```

QR field Codes

0 - Query | 1 - Response

DNS Opcodes

0 - Standard query (Query) 1 - Inverse Query (IQuery) 2 - Server Status request (STATUS)

AA field definition

1 - Authoritative Answer

TC field definition

1 - Truncation

RD field definition

1 - Recursion Desired

RA field definition

1 - Recursion Available

Z field definition

Z reserved, set to 0

Response Codes

``` 0 - No error 1 - Format error 2 - Server Failure 3 - Non-existant domain (NXDOMAIN) 4 - Query type not implemented 5 - Query refused ```

QDCOUNT definition

Number of entries in Question section

Ping fields

``` Type Code Checksum Identifier Sequence number Data ```

ARP header

``` Hardware Address Type Protocol Address type H/w Addr Len Prot. Addr. Len Operation Source hardware address Source Protocol address Traget Hardware Address Target Protocol Address ```

tcpdump -e

Display data link header

tcpdump -F

filter expression in file

tcpdump -i

Listen on interface

tcpdump -n

don't resolve IP address

tcpdump -r

read packet from file

tcpdump -s

get snaplen bytes from each packet

tcpdump -S

use absolute TCP sequence numbers

tcpdump -t

don't print timestamp

tcpdump -v

verbose mode

tcpdump -w

write packet to file

tcpdump -x

display in hex

tcpdump -X

display in hex and ASCII

IPv6 Header Size

40 bytes

IPv6 Address Size

128 bits

IPv4 TOS field is now what in IPv6

Traffic Class

IPv4 TTL field is now what in IPv6

HOP

IPv4 Protocol field is now what in IPv6

Next Header

IPv6 Header

``` Version 0-4 bytes Traffic class 5-12 bytes Flow label 12-31 bytes Payload Length 32-47 Next Header Hop Limit Source Address Target Addresss ```