7. "Window" field

You can modify the value of the "Window" field. Handling is only possible when the packet was built at a hidden data source. Due to the manipulations that occur on the source host, the receiving party will not be able to properly assemble the original packet

### 8. "Pointer Urgent" field

You can modify the value of this field. This injection is only possible if all URG options are present.

So, if the Urgent Pointer is filled in and the flag of URG is not setting, it means that the Urgent Pointer is not used correctly.

### 9. "Options" field

We could modify the data of this field. In the options, you can realize the data after value 0x00, but it is not considered after this byte header data.

TCP header option values are limited, and network analysis results in attempting to identify a possible option that attempts to identify incorrectly filled options or unknown options whose appearance indicates a possible injection of information.

10."Padding" field

It is possible to fill the field of any padding.

It should be noted that manipulation is only possible if the package is made up of hidden source data. Because of the manipulation that occurs at the source, the receiving party cannot properly collect packets.

Handling "Padding" is one of the most interesting. The "Padding" field starts after the 0x00 in the "Options" field; the value is the EOL option and takes up to 32-bit header boundaries. Interest in this manipulation is contained in the following text after the EOL does not produce a 32-bit header, which means that these bytes are invisible to network devices and sniffer. Although the analysis of this field is simple enough, the EOL up to 32-bit header boundaries must be set to "0" at the standard behind the "Options" field, causing any other value of this field to indicate that the data is being injected.
