CompTIA A+ 220-1101: 2.1 - Transmission Control Protocol (TCP) and User Datagram Protocol (UDP) ports, protocols, and their purposes.

Network Topology

Represents a network's physical layout, including the arrangement of computers and cables. The "Road" that data gets transported on. For example, Ethernet, DSL, Cable System. Designed so that the Internet Protocol (IP) (The "Truck") can navigate it most efficiently from one point to another.

IP (Internet Protocol)

Routing protocol that is in charge of forwarding packets on the Internet. The "Truck" that transports data on the "road" of the Network Topology.
Contains "boxes" of UDP and TCP.

TCP/IP (Transmission Control Protocol/Internet Protocol)

Connection-oriented communication protocols developed by the U.S. Department of Defense to to enable dissimilar computers to share information over a network. The primary protocol most modern networks use, including the internet.

The "Boxes" transported in the IP "Truck". Encapsulated by IP Protocol.

Operates at layer 4 (Transport) of the OSI Model.

TCP Benefits

* Connection-oriented
-- A formal process to setup and close connections between one device and another.
* "Reliable" delivery
-- It has a built-in system to verify if data sent has been received by the other side.
-- It can re-order messages that have been received out-of-order.
-- Has error recovery.
* It has a "Flow Control" mechanism.
-- If a device feels it is receiving information too quickly, it can tell the other side to slow down.
* TCP handles all communication overhead, with the application not worrying about out-of-order frames or missing data. The application just has one job.

Protocols that use TCP

Connection-orientated protocols that prefer a "return receipt".
- HTTPS
- SSH

HTTPS (Hypertext Transfer Protocol Secure)

A connection-oriented protocol that uses TCP, commonly used to send information in our web browsers.

Port #443

SSH (Secure Shell)

A connection oriented protocol that uses TCP, which provides an encrypted form of terminal communication within our systems.
Commonly communicates over TCP using port 22.
* tcp/22
Looks and acts the same as Telnet.
Text-based front-end.

UDP (User Datagram Protocol)

Connectionless protocol that does not require a connection to send a packet and does not guarantee that the packet arrives at its destination.

The "Boxes" transported in the IP "Truck". Encapsulated by IP Protocol.

Operates at layer 4 (Transport) of the OSI Model.

UDP aspects

* Connectionless
-- No formal open or close to the connection. Simply sends data from one place to the other.
* "Unreliable" delivery
-- No receipt or any knowledge of if the information we sent was really received by a device on the other side.
-- Has no error recovery.
-- No ability to reorder data
* No flow control
-- Only the sender determines the amount of data being transmitted.
* The data might not get through.
-- The application keeps track and decides what to do.
-- It may not do anything.

UDP Benefits

Most associated with real-time communication, where you cannot stop, re-transmit information, and then catch up with yourself. Time doesn't stop for your network.

DHCP (Dynamic Host Configuration Protocol)

A connectionless protocol used to automatically assign IP addresses to our devices. Uses UDP as its main transport mechanism.
Automated configuration of IP address, subnet mask, and other options.
Uses UDP port 67 and 68 - udp/67 and udp/68
Requires a compatible server.

Protocols that use UDP

DHCP
TFTP

TFTP (Trivial File Transfer Protocol)

A connectionless protocol that uses UDP as its main transport mechanism.

Ethernet Frame

A data unit transferred across a network. Consists of several parts, such as the sending/receiving MAC addresses, the data being sent, and the frame check sequence.

Ethernet Payload

Data inside an Ethernet Frame excluding headers and trailers.

OSI Model

A conceptual framework that divides network communications functions into seven layers. Sending data over a network is complex because various hardware and software technologies must work cohesively across geographical and political boundaries.

OSI Model Layers

1. Physical
2. Data Link
3. Network
4. Transport
5. Session
6. Presentation
7. Application

Multiplexing

Having many different applications on your system all communicating with a separate server simultaneously.

IP Address

A number that uniquely identifies each computer or device connected to the Internet.
The "Physical Address" on the Network Topology "Road" that the IP "Truck" transports the UDP or TCP "Boxes" to.

Port Number

A number assigned to uniquely identify a connection endpoint and to direct data to a specific service.

The "PO Box" at the "Physical Address" (IP Address), directing which "Room" the box (UDP or TCP) should go to.
In the case of a server, it directs what application should receive the data.

Road Metaphor

Network Topology - Map
IP - Transport Truck
UDP or TCP - Box on the truck
Data - Box Contents
IP Address - Physical Address
Port Number - PO Box at Physical Address

Socket (Internet Socket)

An identification number that serves as a combination of one of the following:
- Server IP address, protocol, server application port number.
or
-Client IP address, protocol, client port number.

Non-Ephemeral Ports

-Permanent port numbers
-Ports 0 through 1,023
-Usually on a server or service
-Most servers use these, but not always.

Ephemeral Ports

-Temporary port numbers
-Ports 1,024 through 65,535
-Determined in real-time by the client

Port Number details

TCP and UDP ports can be any number between 0 and 65,535. However, their Port Numbers don't correspond, so if one service running on TCP port 80, and a completely different service running on UDP port 80.

They are for communication not security.

There are a series of "Well-Known" port numbers that websites use, so they can be easily accessed.

FTP (File Transfer Protocol)

A protocol used to move files from one device to another.
Uses two port numbers:
* tcp/20 (data transfers)
* tcp/21 (controls data transfers)
Commonly requires authentication to log into the remote device, such as a username/password.
Includes a number of file management functions, so when you connect to an FTP server, you can list all the files on the server, add, delete, rename, etc.

Telnet (Telecommunication Network Protocol)

Terminal emulation program for TCP/IP networks that allows one machine to control another machine if the user is sitting in front of it. Uses TCP port 23 - tcp/23
All information sent over it is In-The-Clear (Unencrypted)

DNS (Domain Name System)

The Internet's system for converting alphabetic names into numeric IP addresses.
Uses UDP port 53 - udp/53

DHCP Benefits

Dynamic / pooled
* IP addresses are assigned in real-time from a pool.
* Each system is given a lease and must renew at set intervals.
* All IP addresses are assigned in real time, so when you start up your computer, it queries the DHCP server, which assigns your device all of your IP configuration details.
DHCP Reservation
* Addresses are assigned by MAC address in the DHCP Server
* Manage addresses from one location.

HTTP and HTTPS

Hypertext Transfer Protocol. A protocol for controlling how Web browsers and servers pass information back and forth over the Internet. HTTPS uses encryption.
HTTP - tcp/80 - Web server communication
HTTPS - tcp/443 - Web server communication with Encryption.

POP3/IMAP

• Receive emails from an email server
- Authenticate and transfer
• POP3 - Post office Protocol version 3
-- tcp/110
-- Basic mail transfer functionality
• IMAP4 - Internet Message Access Protocol v4
-- tcp/143
-- Includes email inbox management from multiple clients

SMB (Server Message Block)

Protocol used by Microsoft Windows
- File sharing, printer sharing
- Also called CIFS (Common Internet File System)
*Using NetBIOS over TCP/IP (Network Basic Input/Output System)
- udp/137 - NetBIOS name services (nbname)
- tcp/139 - NetBIOS session service (nbsession)
*Direct over tcp/445 (NetBIOS-less)
- Direct SMB communication over TCP without the netBIOS transport

SNMP (Simple Network Management Protocol)

A set of standards for communication for with devices connected to a TCP/IP network. Protocol that allows a network management device to query these infrastructure devices for performance details, and receive those metrics in return. Device examples include Routers, Hubs, Switches.
-- Queries: udp/161
-- Traps: udp/162
Two versions: v1 and v2

Traps (SNMP)

An alert sent by an infrastructure device, using SNMP. The device has been set to monitor for certain metrics, and if it exceeds those metrics, it sends such an alert to the management station.
* Use UDP Port 612 - udp/162

SNMP v1

The original form of SNMP
-Structured tables
-In-the-clear (no encryption)

SNMP v2

The second form of SNMP
• Data type enhancements
• Bulk transfers, still in-the-clear

SNMP v3

The third form of SNMP
-A secure standard
-Message integrity
-Authentication method
-Encryption

LDAP (Lightweight Directory Access Protocol)

A protocol used by many OS's and applications to access directories.
* Uses TCP port 389 - tcp/389

LDAP Benefits

Store and retrieve information in a network directory.
Commonly used in Microsoft Active Directory.

RDP (Remote Desktop Protocol)

A protocol used for sharing a desktop from a remote location, for Microsoft's Remote Desktop tool.
Available on many different Windows system.
Can connect to an entire desktop or just an application.
Clients for Windows, macOS, Linux, Unix, iPhone, Android, and many other OS's.
Uses TCP port 3389 - tcp/3389

SMTP (Simple Mail Transfer Protocol)

The main protocol used to send electronic mail from server to server on the Internet.
Uses TCP port 25 - tcp/25
Also used to send mail from a device to a mail server.
- Commonly configured on mobile devices and email.
Other protocols are used for clients to receive mail, such as IMAP or POP3.