TCP Exam
Final Review
Course: TCP/IP Internet Services
- Code: COMP-10043
TCP & UDP
- Fundamental protocols in TCP/IP suite.
Connectionless vs. Connection-Oriented
- Connectionless protocols (e.g., IP and UDP):
- Package Application layer data without establishing a connection.
- Send data without guarantees of successful delivery.
- Connection-oriented protocols (e.g., TCP):
- Provide reliable delivery with mechanisms for error correction.
- Introduce overhead, potentially reducing speed compared to connectionless protocols.
User Datagram Protocol (UDP)
- UDP characteristics:
- Simple, high-speed, low-functionality wrapper between application and network layer.
- Uses port numbers for identifying application layer protocols.
- Optional checksum for error checking.
- No reliability mechanisms, delivery guarantees, or connection handling.
- Ideal use cases:
- Streaming video, gaming applications where speed is prioritized over reliability.
Advantages of UDP
- Speed:
- No handshakes, flow control, or error correction.
- Efficiency for Real-time Data:
- Ideal for applications where speed is critical (e.g., VoIP, gaming).
- Simplicity:
- Easier implementation in systems without need for connection-oriented protocols.
Disadvantages of UDP
- Lack of Reliability:
- No retransmission of lost packets and no acknowledgments.
- No Ordering:
- Packets may arrive out of order.
- No Flow Control:
- Potential for congestion if packets are processed too slowly.
- Error Handling:
- Basic checksum verification without automatic error correction.
Port Number Ranges
- TCP and UDP port numbers range: 0 to 65535.
- Well-Known Port Numbers (0-1023):
- Assigned to core services (e.g., UDP ports 67 & 68 for DHCP).
- Registered Port Numbers (1024-49151):
- For industry applications (e.g., TCP port 3389 for RDP).
- Dynamic Port Numbers (49152-65535):
- Temporary ports for client-server communications.
- Resources: List of TCP and UDP Port Numbers
Transmission Control Protocol (TCP)
- Purpose:
- Ensure reliable, consistent, and timely data delivery from source to destination.
- Mechanisms:
- Establishes logical/virtual connections via a handshake.
- Allows bi-directional data flow between hosts via multiplexing using ports.
TCP Packaging and Sequence Numbers
- TCP packages data into segments, assigning each segment a sequence number.
- Segmented data is transmitted in streams.
- Reliability mechanisms include:
- Sliding window acknowledgment system ensuring all data packets are received.
- Error corrections and flow control mechanisms for data transmission rate management.
TCP Connection Mechanics
- Three-Way Handshake: Connection Initialization
- Connection Termination
TCP Reliability Mechanisms
- Sequence Numbers:
- Allow reassembly of out-of-order segments and detection of missing segments.
- Acknowledgments:
- Recipient sends ACK packets confirming receipt of segments, so the sender does not need to retransmit them.
- Error Detection and Recovery:
- Positive Acknowledgment with Retransmission (PAR) mechanism.
- A retransmission timer starts when a packet is sent; if it expires before an acknowledgment is received, the packet is retransmitted.
- Flow Control:
- Flow control through receive and send windows assigned during the handshake.
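The sequence-number and acknowledgment behaviour listed above can be traced with a toy receiver. This is an added example, not course material: the `Receiver` class, the initial sequence number 1000 and the sample segments are constructed for illustration, and 32-bit sequence wraparound is ignored.

```python
class Receiver:
    """Toy TCP-style receiver using byte-based sequence numbers."""

    def __init__(self, initial_seq):
        self.next_seq = initial_seq   # next in-order byte expected
        self.buffer = {}              # out-of-order segments: seq -> data
        self.stream = bytearray()     # data delivered to the application

    def receive(self, seq, data):
        """Accept one segment and return the cumulative ACK number."""
        if seq + len(data) > self.next_seq:       # ignore pure duplicates
            if len(data) > len(self.buffer.get(seq, b"")):
                self.buffer[seq] = data
        # Deliver every buffered segment that is now contiguous.
        for s in sorted(self.buffer):
            if s > self.next_seq:
                break                             # gap: wait for retransmission
            # Drop any bytes that were already delivered (overlap).
            chunk = self.buffer.pop(s)[self.next_seq - s:]
            self.stream += chunk
            self.next_seq += len(chunk)
        return self.next_seq

    def missing(self):
        """Gaps (start, end) the receiver can detect from sequence numbers."""
        gaps, cursor = [], self.next_seq
        for seq in sorted(self.buffer):
            if seq > cursor:
                gaps.append((cursor, seq))
            cursor = max(cursor, seq + len(self.buffer[seq]))
        return gaps


def demo():
    # Constructed sample: b"HELLO, TCP!" split into three segments.
    rx = Receiver(1000)
    acks = [rx.receive(1000, b"HELL")]       # in order, ACK advances
    acks.append(rx.receive(1008, b"CP!"))    # early: bytes 1004-1007 missing
    gaps = rx.missing()
    acks.append(rx.receive(1000, b"HELL"))   # duplicate, same ACK repeated
    acks.append(rx.receive(1004, b"O, T"))   # retransmission fills the gap
    return acks, gaps, bytes(rx.stream)


if __name__ == "__main__":
    print(demo())
```

The repeated ACK value while the gap is open is what tells the sender which byte is still outstanding; the ACK jumps past the buffered segment once the missing one arrives.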
TCP Flow Control and Congestion Control
- Mechanisms to manage data flow to prevent buffer overflow in hosts.
- Sliding Window Mechanism:
- Tracks receive window size communicated in ACKs.
- Congestion Control:
- Limits the maximum amount of data that can be sent without acknowledgment.
- Four algorithms for congestion management:
- Slow start
- Congestion avoidance
- Fast retransmission
- Fast recovery
(details may be outside course scope).
TCP/IP Services
- Fundamental behavior depends on conventions:
- Message structure specifications.
- Well-known port addresses where servers listen for requests.
Client-Server Model in TCP/IP Applications
- Clients send request messages for services.
- Servers send reply messages; this is what differentiates the two roles.
- In peer-to-peer services, roles may switch.
Server-to-Server Communications
- Characterized by replication for redundancy and performance.
- Pull Operation: Receiver initiates data transfer.
- Push Operation: Sender initiates data transfer.
Telnet and SSH
- Telnet:
- Uses port 23, designed for terminal access.
- NVT (Network Virtual Terminal) model.
- Negotiation structures (Do, Don’t, Will, Won’t).
- Secure Shell (SSH):
- Secure alternative to Telnet with encrypted communication capabilities.
- Multiple authentication methods like password-based and key-based.
HTTP Architecture
- Client-server interactions; stateless protocol for request/response:
- Efficient server handling for multiple users.
- Caching and proxy server capabilities.
FTP and TFTP
- FTP:
- Standard for file transfers, operates using TCP.
- Composed of User Interface, Protocol Interpreter, and Data Transfer Process.
IPv6
- Provides vastly more IP addresses than IPv4:
- Address space: 128 bits supporting 340 undecillion unique addresses.
- Advantages Over IPv4:
- Larger address space, simplified networking without NAT, and improved routing and support for IoT.
IPv6 Addressing and Message Types
- Two types of addresses: link-local (FE80::/10) and unique global addresses (2000::/3).
- No broadcast, replaced with multicast.
Neighbor Discovery Protocol
- Enables communication and discovery of network devices using NDP messages carried in ICMPv6:
- Neighbor Solicitation, Neighbor Advertisement, Router Solicitation, Router Advertisement.
Stateless Address Autoconfiguration (SLAAC)
- Allows devices to configure IP addresses automatically without DHCP.
Securing TCP/IP Environments
- Importance of physical, system, network, and user security measures.
- Best practices include multi-factor authentication and layered security controls.
Security Best Practices
- Reduce attack surfaces, filter out unwanted addresses, restrict access.
- Protocol security considerations, emphasizing TLS for secure data transfer.
Common Attack Vectors
- Phishing, Spoofing, Brute-force attacks, Credential stuffing, Code injections.
Malware Types
- Ransomware, Wipers, Trojans, Viruses, Worms, Rootkits.
Email Protocols
- MUA, MTA, MDA:
- SMTP for email sending, IMAP and POP3 for retrieval.
SNMP
- Simple Network Management Protocol, used for managing and monitoring devices.
- Versions: SNMPv1, SNMPv2c, SNMPv3 (most secure).
RADIUS
- Remote Authentication Dial-In User Service for centralized network access management via AAA: Authentication, Authorization, Accounting.
Session Initiation Protocol (SIP)
- Establishes real-time communication sessions like voice and video calls, integrates with other protocols (RTP, SDP).
Summary
- The TCP/IP stack encompasses a diverse range of protocols and services that together secure, manage, and facilitate communication over the internet and private networks. Continuous advancements, such as moving towards IPv6 and enhancing security protocols (SSL/TLS), reflect an evolving landscape addressing modern networking challenges.
Key Takeaways
- Understanding these protocols and their implementations is crucial for successfully navigating network design, management, and security in contemporary environments.