**3.1 TCP**

Transmission Control Protocol is a reliable protocol of transport layer. TCP is oriented to establish a logical connection, that is, the hosts negotiate and create a session and then begin to transfer data. Every time a package is sent, the sender is awaiting acknowledgement of delivery receipt. This protocol is standardized by RFC 793.

### *3.1.1 Header of TCP*

Header's format of TCP is presented in **Figure 3**. "Source Port" field

1.You can change the "Source Port" field value. Processing is only possible when the package was a hidden data source. Due to the manipulations that occur on the source host, the receiving party will not be able to properly assemble the original packet. This manipulation cannot be detected by the packet sniffer.

**81**

*Analysis of Network Protocols: The Ability of Concealing the Information*

You can change the value of "Destination Port" field. Handling is only possible when the packet was a hidden data source. Due to the manipulations that occur on the source host, the receiving party will not be able to properly assemble the

We could modify the information in this field. Processing is only possible when the package was a source of hidden data. Because of the modification that had occurred at the source device, the receiving PC cannot correctly build the original packets. This modification cannot be observed by the network sniffer.

We could change the contents of this field. Modification is allowed provided that the package was made up source of hidden data. Due to the modification that occurred on the source host, the receiving party will not be able to prop-

The manipulation is as follows: this increases the size of the "Data Offset" field, expands the TCP header, and adds a parameter field. In the options you

At standard byte 0x00 EOL, bytes with a value of "0" should be due to some

By default, the values of all standard bits must be set to "0" as a result of some

other value that indicates that a data injection has occurred.

other values that indicate that a data injection has been occurred.

original packet. This modification cannot be detected by sniffer.

*DOI: http://dx.doi.org/10.5772/intechopen.88098*

2. "Destination Port" field

**Figure 3.** *Header format TCP.*

3. "Sequence Number" field

4. "Acknowledgment Number" field

erly assemble the original packet.

can add data after byte 0x00 EOL.

You can modify the value of this field.

5. "Data Offset" field

6. "Reserved" field

*Analysis of Network Protocols: The Ability of Concealing the Information DOI: http://dx.doi.org/10.5772/intechopen.88098*

**Figure 3.** *Header format TCP.*

*Computer and Network Security*

4. "Source Address" field

as a source address.

**3. Result of injection**

transmitted symbol.

5. "Destination Address" field

will be responsible for the packet delivery.

Two different options need to be considered:

This manipulation cannot be detected by the packet sniffer.

You have the possibility to change the data of this field at IPv4 format, but international standards from the IPv6 community do not recommend using it

In this protocol, you can use the IPv6 "Destination Address" field in the IPv4 encapsulation header to load information into it. In this case, the IPv4 header

The standard IPv6 header size with options and fields with padding is 320 bits.

1.IPv6 is a carrier, that is, it is responsible for addressing the package. As a result of the manipulations described above, 156 bits can be used, which is 48.75% of the total number of bits. This volume allows you to insert a caption with 19 characters from 8 bits into the ASCII character set. Thus, after calculations get a value of 4 bits. The treated residue was included in an additional 8 bits of the

2.IPv6 is a passenger and is transmitted by IPv6 encapsulation header to other headers, such as IPv4 or GRE. In this case, the method for implementing the target address can be used. As a result of the manipulations described above, it is possible to use 284 bits, which is 88.75% of the total number of bits. This volume allows you to implement a 35-character header with 8 bits in ASCII. Thus, after calculations, we get a possible value of 4 bits. The processed remainder

Transmission Control Protocol is a reliable protocol of transport layer. TCP is oriented to establish a logical connection, that is, the hosts negotiate and create a session and then begin to transfer data. Every time a package is sent, the sender is awaiting acknowledgement of delivery receipt. This protocol is standardized by

1.You can change the "Source Port" field value. Processing is only possible when the package was a hidden data source. Due to the manipulations that occur on the source host, the receiving party will not be able to properly assemble the original packet. This manipulation cannot be detected by the

will be added as an additional 8 bits of transmitted characters.

Header's format of TCP is presented in **Figure 3**.

**80**

**3.1 TCP**

RFC 793.

*3.1.1 Header of TCP*

"Source Port" field

packet sniffer.

2. "Destination Port" field

You can change the value of "Destination Port" field. Handling is only possible when the packet was a hidden data source. Due to the manipulations that occur on the source host, the receiving party will not be able to properly assemble the original packet. This modification cannot be detected by sniffer.

3. "Sequence Number" field

We could modify the information in this field. Processing is only possible when the package was a source of hidden data. Because of the modification that had occurred at the source device, the receiving PC cannot correctly build the original packets. This modification cannot be observed by the network sniffer.

4. "Acknowledgment Number" field

We could change the contents of this field. Modification is allowed provided that the package was made up source of hidden data. Due to the modification that occurred on the source host, the receiving party will not be able to properly assemble the original packet.

5. "Data Offset" field

The manipulation is as follows: this increases the size of the "Data Offset" field, expands the TCP header, and adds a parameter field. In the options you can add data after byte 0x00 EOL.

At standard byte 0x00 EOL, bytes with a value of "0" should be due to some other value that indicates that a data injection has occurred.

6. "Reserved" field

You can modify the value of this field.

By default, the values of all standard bits must be set to "0" as a result of some other values that indicate that a data injection has been occurred.
