I am not quite sure what you are trying to accomplish, but let me just chime in.
Data sent on the internet is broken into packets. Each packet is 64K. Well if each packet is 64K how are you able to download 10mb file?
The 10mb file is broken down into 64K serialized chunks. Serialization numbers the packets as 1 of 10, 2 of 10 etc. The beauty of the Internet Protocol is, as Bert stated, to get the packets there as fast as possible. This means each packet can take the fastest rout to the destination, at the instant it is sent. This also means that the packets can arrive out of order - packet 9 of 10 can arrive before packet 4 of 10; however, because of serialization, the entire file is can be reconstructed when all the packets arrive. And a specific pack can be re-requested if it does not arrive.
Each packet also contains the address of the sender/requester as well as the destination. This is where SPI (Stateful Packet Inspection) comes in. When you click on a hyperlink, if you look at your status bar, you will briefly see "website found waiting for reply." In essence you have sent out a request packet with your return address. When the reply is sent, the reply is tagged as a response to a request. Your firewall "inspects" the packet, to see if it is indeed a response to a request you made. If it is, the firewall lets the packet through. If it is not, it is rejected.
This is essentially how hackers are kept out, and at the same time how they get in. A webpage shows you something to entice you to click a link, a button, etc. Once you click that button, you have now made a request. When the packet arrives at your firewall, it says "he requested me" the firewall says "hmmm you look awfully suspicious" but I'll let you in. Boom! You've been hacked.
More advanced firewall, have signatures of these types of tools and will reject them anyway.
Last edited by gkfahnbulleh; 05/01/2009 7:42 PM.
