4.1.15 Layer 4: Transport

TCP Packet Header

Contains 10 fields totaling 160 bits in size, including source port, destination port, sequence number, acknowledgment number, checksum, and control flags.

CH: Understanding header size and fields helps distinguish TCP reliability and overhead compared to UDP.

UDP Datagram Header

Contains 4 fields totaling 64 bits in size, including source port, destination port, length of data, and checksum.

CH: Smaller header size explains why UDP is faster but less reliable than TCP.

TCP 3 Way Handshake

Method used by TCP to set up a TCP/IP connection over an IP network.

1. Host A sends SYN.

2. Host B replies with SYN ACK.

3. Host A replies with ACK.

This sequence establishes the connection.

CH: Frequently tested to explain connection establishment and attacks like SYN flooding. Implement rate limiting, use syn cookies, and deploy firewalls with anti-flood features.

Telnet

OSI Layer 7 protocol which provides text based communication between a client and server over an IP network. Telnet is not secure and SSH should be used instead.

CH: Often tested as an example of insecure plaintext protocols.

Border Gateway Protocol (BGP)

A routing protocol that operates at the border between separate networks, allowing gateway routers of different autonomous systems to exchange reachability information and decide which network paths to use across the Internet.

CH: Internet-scale routing protocol between autonomous systems. Path selection is policy-based, not shortest-path. Commonly tested in route hijacking and BGP trust failure scenarios.