PROTOCOLS DEFINITIONS - Unit 1

Connection-oriented communication

data delivery is guaranteed, higher overhead, more bandwidth, like TCP

Connectionless communication

information is just sent with no confirmation, used in streaming audio and video, like UDP

Internet Protocol (IP)

used to transport data from one node on a network to another, performs fragmentation and reassembly tasks for network transmissions, addressing; connectionless; operates at network layer

Transmission Control Protocol (TCP)

establishes mutually acknowledged sessions between 2 hosts before communication takes place, reliable IP connections with flow control, sequencing, error detection and correction; connection-oriented; transport layer

3 way handshake

TCP - sends SYN to target host, target host sends ACK, original host sends ACK

User Datagram Protocol (UDP)

brother of TCP but doesnt guarantee delivery like TCP; connectionless protocol; transport layer

Internet Control Message Protocol (ICMP)

works with IP layer to provide error checking and report functionality; has ping utility which sends echo request to another device and if device and connection is working, it responds with an echo reply;

TTL (time to live) (ICMP)

every message on the network has TTL - like a countdown. If it takes too long to arrive, ICMP makes it an expired message

Source quench (ICMP)

sender slows down rate of data sent for receiving host to handle and digest

Internet Protocol Security (IPsec)

provides secure communications between systems such as communication in same network and external networks; IP layer security protocol that can encrypt and authenticate network transmissions; provides data verification, protection from data, and private transactions; operates at network layer; Has AH and ESP

Authentication Header (AH) (IPsec)

authentication and integrity checking for data packets

Encapsulating Security Payload (ESP) (IPsec)

encryption services

Generic Routing Encapsulation (GRE)

tunneling encapsulating protocol used to wrap data and securely send across VPNs and Point to Point links

Encapsulation (GRE)

data packets from source network is encapsulated within GRE header and new IP header before transmitted over IP network

GRE headers

contains fields such as protocol type, key field for security purposes, and sequence number field for packet ordering

New IP Header (GRE)

new header specifies source and destination IP addresses of tunnel endpoints as well as protocol type and TTL field to prevent infinite routing (default 64 hops for macOS/Linux & 128 hops for Windows)

Decapsulation (GRE)

GRE encapsulated packets are decapsulated to extract original packets

File Transfer Protocol (FTP)

uploading and downloading of files from a remote host running FTP server software, as well as viewing content of folder and renaming and deleting files and directories; used to distribute files to general public over networks like the Internet; sends info unencrypted; application layer protocol;

FTP Server

using a computer to log into another computer

Telnet

virtual terminal protocol that enables sessions to be opened on a remote host; used to access UNIX and Linux systems

Secure File Transfer Protocol (SFTP)

uses Secure Shell (SSH) technology to provide authentication between sender and receiver and encryption capabilities

Secure Shell (SSH)

secure alternative to Telnet by encrypting data as it travels between systems

Simple Mail Transfer Protocol (SMTP)

defines how mail messages are sent between hosts; uses TCP connections to guarantee error free delivery of messages; used to send and receive mail

Domain Name System (DNS)

turns hostnames like www.google.com to IP addresses

Dynamic Host Configuration Protocol (DHCP)

automatically assigns IP addresses to devices on a network

Trivial File Transfer Protocol (TFTP)

variation of FTP that is a connectionless file transfer method; uses UDP; application layer

Hypertext Transfer Protocol (HTTP)

enables text, graphics, multimedia, and other materials to be downloaded from HTTP server; connection-oriented protocol that uses TCP as transport protocol; insecure

Network Time Protocol (NTP)

part of TCP/IP protocol that facilitates communication and synchronization of time between sequences; uses UDP

Simple Network Management Protocol (SNMP)

uses port 161 to send data and port 162 to receive data; facilitates network management functionality to central system

SNMP Manager (or NMS – Network Management System)

• The central controller in an SNMP setup.

• Sends Get and Set requests to devices and receives status info.

• Can receive Trap alerts (unsolicited messages from agents).

•Used to monitor devices like routers, switches, printers, etc.

Lightweight Directory Access Protocol (LDAP)

protocol to access and query directory services systems; UNIX/Linux or Microsoft Active Directory based; uses port 389 by default with secure version using port 636

Hypertext Transfer Protocol Secure (HTTPS)

secure version of HTTP where data is encrypted using Transport Layer Security (TLS), formerly known as Secure Sockets Layer (SSL); both client and server need to support it to be used

Server Message Block (SMB)

used on network for providing access to resources like files, printers, ports, etc that run on Windows; operates at application layer

Syslog

UNIX/Linux based systems, network devices, and printers use it for message logging; used for security, troubleshooting, or management reasons; syslog server listens for and logs data messages coming from syslog client

Simple Mail Transfer Protocol Secure (SMTPS)

uses TLS to provide authentication of communication partners along with data integrity and confidentiality by wrapping SMTP data in TLS

Lightweight Directory Access Protocol over SSL (LDAPS)

adds more security to LDAP; compared to LDAP, upon connection, client and server establishes a TLS session before any LDAP messages are transferred and LDAPS connection closes if TLS closes

Structured Query Language (SQL) Server

SQL allows queries to be configured in real time and passes to database servers; uses port 1433 by default with Oracle’s SQLnet using port 1521 and default port for MySQL is 3306

Remote Desktop Protocol (RDP)

used in Windows environment for remote connections; provides a way for client system to remotely connect to a server by operating on the server as if it were a local client application

Voice over IP (VoIP)

enables regular voice convos to occur by traveling through IP packets and via Internet

Session Initiation Protocol (SIP)

application layer protocol designed to establish and maintain multimedia sessions such as video conferencing and online gaming; uses either TCP or UDP; includes security services and encryption

Content Delivery Network (CDN)

globally distributed network of proxy servers used to speed up the process of getting data from one place to another by caching data

Virtual Pritvate Network (VPN)

secure private data traversing a public network by encrypting communication

Quality of Service (QoS)

manages bandwidth priority for applications and can be configured in routers, switches, and firewalls

Address Resolution Protocol (ARP)

data link layer; map an IP address to a physical MAC address

Internet Key Exchange (IKE) (IPsec)

secure connections, encryption, exchange cryptographic keys