TCP/IP model

TCP/IP Model

A four-layer data communication model
developed by the United States Department of Defense. To some extent, it is similar to the OSI model.

TCP/IP Model Layers

1. Application
2. Transport
3. Internet
4. Network Interface

network interface layer (TCP/IP)

Describes how to transmit bits across a network and determines how the network medium is going to be used

Internet Layer (TCP/IP)

where data is taken and packaged into IP datagrams

application layer (TCP/IP)

dictates how programs are going to interface with the transport layer by conducting session management

OBJ 1.1

compare and contrast the Open Systems Interconnections OSI model layer and encapsulation concepts

OBJ 1.5

Explain common ports and protocols their application and encrypted alternatives

OBJ 5.3

Given a scenario use the appropriate network software tools and commands

ports

a logical opening on a system representing a service or application that's listening and waiting for traffic

Ports numbers range from 0 to ____.

65,535

"Well-known" & Reserved Ports

Ports 0-1023.

ephemeral ports

1024 through 65535

IPv4 Packet

Consists of a source address, destination address, IP flags, and protocol

File Transfer Protocol (FTP)

Provides INSECURE file transfers

Ports 20,21

Secure Shell (SSH)

Provides SECURE remote control of another machine using a text-based environment

Port 22

Secure File Transfer Protocol (SFTP)

A protocol for SECURELY uploading and downloading files to and from a remote host. Based on SSH security.

Port 22

Telnet (Telecommunication Network)

Provides INSECURE remote control of another machine using a text based environment

Port 23

Simple Mail Transfer Protocol (SMTP)

The Internet standard protocol for transferring e-mail messages from one computer to another.

Port 25

Domain Name Service (DNS)

The service that translates URLs to IP addresses.

Port 53

Dynamic Host Control Protocol (DHCP)

Automatically provides network parameters to your clients, such as their assigned IP address, subnet mask, default gateway, and the DNS server they should use

Port 67,68

Trivial File Transfer Protocol (TFTP)

Used as a lightweight file transfer method for sending configuration files or network booting of an operating system

Port 69

Hypertext Transfer Protocol (HTTP)

Used for INSECURE web browsing

Port 80

Post Office Protocol version 3 (POP3)

A protocol for retrieving e-mail messages from an e-mail server.

Port 110

Network Time Protocol (NTP)

Used to keep accurate time for clients on a network

Port 123

Network Basic Input/Output System (NetBIOS)

Used for file or printer sharing in a Windows network

Port 139

Internet Mail Application Protocol (IMAP)

Port 143

A newer method of retrieving incoming emails which improves upon the older POP3

Simple Network Management Protocol (SNMP)

A protocol used to monitor and manage network devices,
Port 161, 162

Lightweight Directory Access Protocol (LDAP)

Used to provide directory services to your network

Port 389

Hypertext Transfer Protocol Secure (HTTPS)

the internet protocol that ensures data is sent SECURLEY over the web

SSL or TLS

Port 443

Server Message Block (SMB)

A protocol used by Windows to share files and printers on a network.

Port 445

System Logging Protocol (Syslog)

Port 514

Used to send logging data back to a centralized server

Simple Mail Transfer Protocol Transport Layer Security (SMTP TLS)

Port 587

Secure and encrypted way to send emails

Lightweight directory access protocol - secure (LDAPS)

Provides secure directory services

Port 636

Internet Message Access Protocol over SSL (IMAP over SSL)

Port 993

Secure and encrypted way to receive emails.

Post Office Protocol Version 3 over SSL (POP3 over SSL)

Port 995

Secure and encrypted way to receive emails

Structured Query Language Server Protocol (SQL)

Port 1433

Used for communication from a client to the database engine

SQLnet Protocol

Port 1521

Used for communication from a client to an Oracle database

MySQL

Port 3306

Used for communication from a client to the MySQL database engine

Remote Desktop Protocol (RDP)

Port 3389

Provides graphical remote control of another client or server

Session Initiation Protocol (SIP)

Port 5060 and 5061

Provides signaling and controlling multimedia communication sessions in applications.
Used for internet telephony for voice and video calls, VOIP, and instant messaging.

Nmap

A command-line tool used to scan networks. It is a type of network scanner.

TCP (Transmission Control Protocol)

A connection-oriented, guaranteed-delivery
protocol used to send data packets between computers over a network like the Internet.

UDP

User Datagram Protocol. Used instead of TCP when guaranteed delivery of each packet is not necessary. UDP uses a best-effort delivery mechanism.

ICMP (Internet Control Message Protocol)

used to communicate information about network connectivity issues back to the sender

error reporting mechanism

GRE (Generic Routing Encapsulation)

used as a simple and effective way to create a tunnel, called a GRE tunnel, OVER a public network, like the internet

- often used in site-to-site VPNs for example

no default encryption

IPSec (Internet Protocol Security)

used to protect one or more data flows between peers

encrypted data

used inside of vpns

Authentication Header (AH)

An IPsec protocol that authenticates that packets received were sent from the source identified in the header of the packet.

ESP (Encapsulating Security Payload)

An option within IPsec to provide confidentiality, integrity, and authentication.