CompTIA A+ Core 1 | Domain 2.0: Networking

2.1 Compare and contrast Transmission Control Protocol (TCP) and User Datagram Protocol (UDP) ports, protocols, and their purposes. 2.2 Compare and contrast common networking hardware. 2.3 Compare and contrast protocols for wireless networking. 2.4 Summarize services provided by networked hosts. 2.5 Given a scenario, install and configure basic wired/wireless small office/home office (SOHO) networks. 2.6 Compare and contrast common network configuration concepts. 2.7 Compare and contrast Internet connection types, network types, and their features. 2.8 Given a scenario, use networking tools.

FTP Port Number

TCP 20, 21

SSH (Secure Shell)

Cryptographic network protocol for operating network services securely over an unsecured network.

SSH Port Number

TCP 22

Telnet

A network protocol used to virtually access a computer and to provide a two-way, collaborative and text-based communication channel between two machines

Telnet port

TCP 23

True or False: Telnet is not encrypted.

True

DNS (Domain Name System)

Convert name in browsers into something for the network such as an IP address.

DNS port number

UDP/TCP 53

HTTP (Hypertext Transfer Protocol)

Protocol for how computers and servers communicate; Used to display webpages

HTTPS (Hypertext Transfer Protocol Secure)

An encrypted version of HTTP.

HTTP Port Number

TCP 80

HTTPS port number

TCP 443

RDP (Remote Desktop Protocol)

Share a desktop screen from a remote location. On many Windows versions. Can connect to an entire desktop or just an application.

RDP port number

TCP 3389

SMB (Server Message Block)

Protocol used by Microsoft windows. Used to transfer files or share printers between windows systems.Allows for direct SMB communication over IP protocol

SMB Also Known As

CIFS (Common Internet File System)

NetBIOS (Network Basic Input/Output System)

Older version of windows that use this inside of a UDP or TCP packet to transfer files or share printers between windows

NetBIOS Port Number

UDP 137, 138 TCP 139

SMB Port Number

TCP 445

AFP (Apple Filing Protocol)

Apple's version of Window's SMB.

AFP Port Number

TCP 548 (used for file services)

DHCP (Dynamic Host Configuration Protocol)

Automated configuration of IP Address, subnet mask, and other options.

DHCP Port Number

UDP 67, 68

LDAP (Lightweight Directory Access Protocol)

Store and retrieve info in a network directory.

LDAP Port Number

TCP 389

SNMP (Simple Network Management Protocol)

Gathers statistics from network devices.
- v1 uses structured tables in non-encrypted form.
- v2 allowed for bulk transfer of data and also in clear text.
- v3 provides message authentication, integrity and encryption

SNMP Port Number

UDP 161, 162

TCP (Transmission Control Protocol)

A protocol that has a formal process when you start the communication and a formal process when you end the communication. Guaranteed delivery of each packet

UDP (User Datagram Protocol)

Used instead of TCP when guaranteed delivery of each packet is not necessary. UDP uses a best-effort delivery mechanism.

TCP & UDP Ports

-can be any number between 0-65,535
-most servers use non-ephemeral port numbers (isn't always the case)
-port numbers are for communication, not security
-service port numbers need to be well known

TCP Handshakes

SYN, SYN/ACK, ACK

TCP Flow Control

Receiver controls sender, so sender won't overflow receiver's buffer by transmitting too much, too fast

FTPS (File Transfer Protocol Secure)

An extension of FTP that uses SSL or TLS encrypt FTP traffic.

FTPS Ports

TCP 989 & 990

DHCP Also Known As

bootp, or Bootstrap Protocol

DHCP process (DORA)

Discover, Offer, Request, Acknowledge

OSI Layer 4

The Transport layer breaks data down into manageable chunks. TCP & UDP operate at the Transport layer.

Ethernet Frame

A term referring to an Ethernet data link header and trailer, plus the data encapsulated between the header and trailer.

Non-ephemeral ports

Permanent ports / well known. Usually on a server or service.
0 - 1023

Ephemeral ports

Temporary ports used in real time by clients. 1024-65,535.

SLP (Service Location Protocol)

A protocol used by Apple Filing Protocol (AFP) to view the list of available devices.

SLP (Service Location Protocol) Port

TCP & UDP 427 (list of available devices)

DoD Model

Process/Application layer, Host-to-Host layer, Internet layer, Network Access layer

What protocols in the TCP/IP suite operate at the process/application layer of the DoD model?

Telnet, FTP, LPD, SNMP, TFTP, SMTP, NFS, HTTP

Internet Layer Protocols

Internet Protocol (IP), Internet Control Message Protocol (ICMP), Address Resolution Protocol (ARP), Reverse Address Resolution Protocol (RARP), Proxy ARP

ICMP (Internet Control Message Protocol)

A core protocol in the TCP/IP suite that notifies the sender that something has gone wrong in the transmission process and that packets were not delivered.

Address Resolution Protocol (ARP)

Part of the TCP/IP protocol for determining the MAC address based on the IP address.

RARP (Reverse Address Resolution Protocol)

Resolves MAC addresses to IP addresses

TCP vs UDP

TCP is a connection oriented protocol where UDP isn't. TCP is suitable for connections the require high reliability and transmission time is less critical. TCP establishes a connection with counterpart where UDP doesn't have any guarantee that the packets sent made it to the destination. TCP uses error checking, where UDP does not. TCP uses sequencing (putting frames in the right order) where UDP does not.

FTP (File Transfer Protocol)

20, 21

SSH (Secure Shell)

22

Telnet

23

SMTP (Simple Mail Transfer Protocol)

25

DNS

53

DHCP (Dynamic Host Configuration Protocol)

67, 68 UDP

TFTP (Trivial File Transfer Protocol)

UDP 69

HTTP (Hypertext Transfer Protocol)

80

POP3

110

NetBIOS/NetBT (Network Basic Input/Output System)

137-139

IMAP4

143

SNMP (Simple Network Management Protocol)

UDP 161

LDAP (Lightweight Directory Access Protocol)

TCP 389

HTTPS (Hypertext Transfer Protocol Secure)

443

SMB/CIFS

445

RDP (Remote Desktop Protocol)

3389

Port 20/21—File Transfer Protocol (FTP)

Both a protocol and application, lets you copy files, list and manipulate directories, and view file contents.

Provides insecure file transfers

Downside is it's unsecure. Use alternatives for secure file transfers. Transmits usernames and passwords in plain text, meaning no encryption. Don't use same password for FTP servers as other important services.

Port 22: Secure Shell (SSH)

Provides secure remote control of another machine using a text-based environment such as a command shell

Connection-oriented protocol that can be used to set up a secure Telnet session for remote logins or for remotely executing programs and transferring files., using encryption

Best known for its use as a remote login capability

RWE: Change configuration of my web server, I can login from my house in Puerto Rico to my file server in California over the internet

Port 23 (Telnet)

Provides insecure remote control of another machine using a text-based environment

Used to provide bidirectional interactive text-oriented communication using virtual terminal connections (convoluted way of saying it provides us remote access via the command prompt)

Similar to SSH, has been around forever, but is unsecure like FTP.

Port 25: Simple Mail Transfer Protocol (SMTP)

Designed to send only, considered a "push" protocol. Email client locates its email server by querying the DNS server for a mail exchange (MX) record. Once located, this protocol pushes the message to the email server, which will then process the message for delivery.

Port 53: (DNS) Domain name system

Resolve host names to IP addresses

URL (Uniform Resource Locator)

A location or address identifying where documents can be found on the Internet; a Web address

Port 67/68—Dynamic Host Configuration Protocol (DHCP)

Dynamically assigns IP addresses and other IP configuration information; subnet mask, default gateway, and the DNS server, to network clients.

Port 69: Trivial File Transfer Protocol (TFTP)

Similar to FTP, only simpler and faster. No authentication required, UDP (connectionless), 5 commands vs 70, and it's primary use is transmitting configurations to and from network devices.

Port 80 (Hypertext Transfer Protocol)

Foundation of data communication for the worldwide web and is used for insecure web browsing

Manages communication between a web server and a client but is not secure and has been supplanted by HTTPS.

Port 110 Post Office Protocol (POP3)

Used for receiving incoming emails, was the preferred protocol for downloading email. Has been replaced by IMAP4.

Uses a "store and forward method of communication". So if somebody sends you an email, it will go to your email server where it will wait until you're ready to receive it.

Port 137/139 - Network Basic Input/Output System (NetBIOS)/NetBIOS over TCP/IP (NetBT)

Used for file or printer sharing in a Windows network, conducting name querying, sending of data, and other functions

Application programming interface (API) that allows computers to communicate with each other over the network. Works in Layer 5 of the OSI model. Because of this, it needs to work with anohter network protocol to handle the functions of Layer 4 and below.

NetBIOS (Network Basic Input/Output System)

Protocol that operates at the Session layer of the OSI seven-layer model. This protocol creates and manages connections based on the names of the computers involved.

Port 143 - Internet Mail Access Protocol (IMAP)

A newer method of retrieving incoming emails which improves upon the older POP3

Secure protocol designed to download email.

Advantages over POP3 include:
works in connected and disconnected modes, allows storage on the server, allows multiple clients to be simultaneously connected to the same inbox.

Port 161-162 - Simple Network Management Protocol (SNMP)

Used to collect data about network devices and monitor their status, including devices such as routers, switches, VoIP phones

Gathers and manages network performance information.

Port 389 - Lightweight Directory Access Protocol (LDAP)

Open vendor-neutral industry standard for accessing and maintaining distributed directory information services for your network

Active Directory in Windows but it's not JUST AD in Windows. AD is microsoft's proprietary version of LDAP

Delivery services protocol based on the X.500 standard. Designed to access information stored in an information directory typically called...?

Port 445 - Server Message Block (SMB)

Used for Windows file and printer sharing services, operating a lot with NetBIOS. NetBIOS does the authentication over port 139 and then SMB will handle the actual passing out of those files

Provides share access to files, printers, and other network resources. in a Windows based network

Common Internet File System (CIFS)

A method for accessing data in Windows networks. CIFS is a public version of Server Message Block (SMB) that was invented by Microsoft.

Port 3389 - Remote Desktop Protocol (RDP)

Provides graphical remote control of another client or server

Allows users to connect to remote computers and run programs on them.

connectionless protocol

A type of Transport layer protocol that services a request without requiring a verified session and without guaranteeing delivery of data.

Audio/video streaming, DHCP, and TFTP

connection-oriented protocol

A type of Transport layer protocol that requires the establishment of a connection between communicating nodes before it will transmit data.

SSH, HTTP, or HTTPS? Why do we require connection-oriented protocols here? Because with SSH, we are doing two-way remote control with a remote server or wks. If we want to reboot the server, if we are using ssh, we know that command got there.

TCP (Transmission Control Protocol)

A connection-oriented,
reliable data transmission
communication service that operates
at the transport layer of the OSI
model. TCP is part of the TCP/IP
suite. Features flow control.

Connection-oriented protocols are HTTPS and SSH.

UDP (User Datagram Protocol)

Protocol that operates instead of TCP in applications where delivery speed is important and quality can be sacrificed. DHCP and TFTP.

Unreliable and it transmits segments called datagrams

Great for streaming because the constant three-way handshake is not occuring

Connectionless, unreliable delivery with no error recovery or flow control

Service Location Protocol (SLP)

Port 427

protocol or method of organizing and locating the resources (such as printers, disk drives, databases, e-mail directories, and schedulers) in a network. This is an alternative protocol to LDAP in newer networks.

Network Time Protocol (NTP)

Port 123, Networking protocol for clock synchronization between computer systems over packet-switched, variable-latency data networks.

System Logging Protocol (Syslog)

Port 514
Used to send logging data back to a centralized server

Well Known Ports

Ports 0 to 1023 are considered well-known and are assigned by the Internet Assigned Numbers Authority (IANA)

Registered Ports

Ports 1024 to 49151 are considered registered and are usually assigned to proprietary protocols

Have to be used by vendors for their own proprietary protocols and each vendor is going to register them with IANA prior to using them

Dynamic or Private Ports

Ports 49152-65535 can be used by any application without being registered with IANA

Usually used by your client whenever it picks a random high number port for its application

Commonly used for gaming, instant messaging, and chat

Port 22 - Secure File Transfer Protocol (SFTP)

Provides secure file transfers and operates on the exact same port we use for SSH because all we are doing is tunneling the FTP protocol

Port 443 Hypertext Transfer Protocol - Secure (HTTPS)

Used as a secure and encrypted version of web browsing, providing browsing over an encrypted tunnel. This tunnel can either use a Secure Socket Layer (SSL) or Transport Layer Security (TLS) to operate.

Three Way Handshake (TCP)

A three-step process in which Transport layer protocols establish a connection between nodes. The three steps are: Node A issues a SYN packet to node B, node B responds with SYN-ACK, and node A responds with ACK.

Port

Different path or road that data can travel down to get to different places.

TCP (Transmission Control Protocol)

Secure, reliable connection

Makes sure that the data gets to where it needs to be

UDP (User Datagram Protocol)

Connectionless.

Not guaranteed that the data is going to make it.

Connectionless Protocols

"I start talking. I don't even check if Bob's on the other end"

Ex. DHCP and TFTP