Protocol: Protocol is used to exchange data between networks or internet. What i will show you here is closer look at the TCP/IP Suit. So you can have a closer look whats really going on when you send an packet to another system. When you understand the TCP/IP you will also understand more how the Denial Of Service attacks will work and effect an system so is under attack by it. Diffrent Layers: Application Layer: FTP, SMTP Network Layer: ICMP, IP Link Layer; ARP, RARP, PPP Transport Layer: TCP, UDP Physical Layer: Cable and wires Here you see the basic structure of the TCP/IP Suit. Remember that the Physical Layer aren't part of the TCP/IP Suit. I just set it there since you can have a better view how it work. Application Layer: This layer is included if you are going to send an E-mail for example. Simple Mail Transport Protocol is used to send mails to other people around the globe this will basically allowing you to send E-mails. POP is the Protocol so allow you to read the mail you got. POP stands for Post Office Protocol. Also you must have the Physical Layer this will say your cables and wires in your house are connected with the internet. Network Layer: When ever you are going to send packets over the internet to a remote computer the transport layer need the IP header file so it know the way to the remote computer. IP is includes the IP to remote computer and port, When they are together we can call it an "Socket Pair". Also the IP-Header have the checksums value so it can can error check the packet. I will go more into that later in this tutorial. Link Layer: When ever you are going to send an packet to remote system you will also need the MAC-Address to the computer you are going to send the packets to. So ARP will now send an packet to the remote computer and ask for MAC-Address. I will not go further into the Link Layer than this. Transport Layer: This layer is used to transport the data to the remote computer. When data is sended over the internet the TCP is break down the data into smaller data this will be called datagrams. When that its done it can transport the packet in so big numbers that the remote computer can handle them without it should crash. What the computer can handle is different from computer to computer. Since it have been broken down into smaller data it has been given an unique number so TCP knows the combination to restore them on. Without this number the packets will not be able to restore to normal size again. If the data isn't needed to be broken down anymore than they already is the UDP will transport them instead of the TCP. Checksums: Before the packets have been sended to the remote computer it will get an checksums value this is used to check if the packets is error free or not. When the as i said before this value will be saved into the IP-Header. So when the packet have reached the remote computer it will check the value of the checksums and packet value. If both values are matching each other this will say they are error free. If they aren't matching each other it will indicate that the packet have an error. Now it will send an new request to the host computer about sending the same packet over to the remote computer again. The same will happened until the packet is error free. There is 2 Error so might occurred under the Operation of sending packet to a remote computer. - Data Corruption (This will say the packet is damaged when it have reached the remote computer) - Data Lost (This will say the packet never reached the remote computer) ESTABLISHED Connection: When an remote computer wan to make direct connection with you. They will first send an SYN Packet to your computer. This will indicate the computer want to Establish connection with you. Your Computer will then send an ACK Packet back. This will say that the computer have receiver the SYN Packet. When have happened the remote computer will answer back with an ACK Packet. When this is done the computer's have been handshaked with each other and it will say the connection is ok.