Full Transcript


Protocols
Franklin M. Miranda Jr.

The history of TCP/IP

The Defense Advanced Research Projects Agency, the research branch of the U.S. Department of Defense, created the TCP/IP model in the 1970s for use in ARPANET, a wide area network that preceded the internet. TCP/IP was originally designed for the Unix OS, and it has been built into all of the OSes that came after it. The TCP/IP model and its related protocols are now maintained by the Internet Engineering Task Force.

OSI model vs. TCP/IP model

The OSI model is more generic and protocol-independent, while the TCP/IP model is more functional and based on specific protocols. The TCP/IP model is more practical and guides the design and management of networks.

TCP/IP model (protocol suite)

The Internet Protocol Suite is a collection of networking protocols that work in tandem to transfer a data packet from one computer to another using computer networks.

TCP/IP Protocol Suite

The TCP/IP model is an abstract idea. The TCP/IP protocol suite is an actual implementation of the model. Let us now identify each protocol and discuss it one by one.

TCP: Transmission Control Protocol

TCP/IP stands for Transmission Control Protocol/Internet Protocol and is a suite of communication protocols used to interconnect network devices on the internet. TCP/IP is also used as a communications protocol in a private computer network (an intranet or extranet).

TCP/IP protocol

The TCP/IP protocol suite functions as an abstraction layer between internet applications and the routing and switching fabric.

Network address translation (NAT) is the virtualization of IP addresses. NAT helps improve security and decrease the number of IP addresses an organization needs.

Common TCP/IP protocols include the following:

Hypertext Transfer Protocol (HTTP) handles the communication between a web server and a web browser. E.g. http://info.cern.ch - home of the first website.

HTTP Secure handles secure communication between a web server and a web browser.

Collectively, the TCP/IP suite of protocols is classified as stateless, which means each client request is considered new because it is unrelated to previous requests.

The 4 layers of the TCP/IP model

1. The application layer provides applications with standardized data exchange. Its protocols include HTTP, FTP, Post Office Protocol 3, Simple Mail Transfer Protocol and Simple Network Management Protocol. At the application layer, the payload is the actual application data.

2. The transport layer is responsible for maintaining end-to-end communications across the network. TCP handles communications between hosts and provides flow control, multiplexing and reliability. The transport protocols include TCP and User Datagram Protocol, which is sometimes used instead of TCP for special purposes.

3. The network layer, also called the internet layer, deals with packets and connects independent networks to transport the packets across network boundaries. The network layer protocols are IP and Internet Control Message Protocol, which is used for error reporting.

4. The physical layer, also known as the network interface layer or data link layer, consists of protocols that operate only on a link -- the network component that interconnects nodes or hosts in the network. The protocols in this lowest layer include Ethernet for local area networks and Address Resolution Protocol.

Advantages of TCP/IP

TCP/IP helps establish a connection between different types of computers; works independently of the OS; supports many routing protocols; uses a client-server architecture that is highly scalable; can be operated independently; supports several routing protocols; is lightweight.

Disadvantages of TCP/IP

TCP/IP is complicated to set up and manage; its transport layer does not guarantee delivery of packets; it is not easy to replace protocols in TCP/IP; it does not clearly separate the concepts of services, interfaces, and protocols, so it is not suitable for describing new technologies in new networks; it is vulnerable to a synchronization attack, which is a type of denial-of-service attack in which a bad actor uses TCP/IP.

TCP/IP model in computer network

Internet Control Message Protocol (ICMP)

The Internet Control Message Protocol (ICMP) is a network layer protocol used by network devices to diagnose network communication issues. ICMP is mainly used to determine whether or not data is reaching its intended destination in a timely manner. Commonly, the ICMP protocol is used on network devices, such as routers. ICMP is crucial for error reporting and testing, but it can also be used in distributed denial-of-service (DDoS) attacks.

What is ICMP used for?

The primary purpose of ICMP is error reporting. When two devices connect over the Internet, ICMP generates errors to share with the sending device in the event that any of the data did not get to its intended destination. For example, if a packet of data is too large for a router, the router will drop the packet and send an ICMP message back to the original source of the data.

ICMP/TRACEROUTE

A secondary use of the ICMP protocol is to perform network diagnostics; the commonly used terminal utilities traceroute and ping both operate using ICMP.
The traceroute utility is used to display the routing path between two Internet devices. The routing path is the actual physical path of connected routers that a request must pass through before it reaches its destination. The journey between one router and another is known as a ‘hop,’ and a traceroute also reports the time required for each hop along the way. This can be useful for determining sources of network delay.

ICMP/PING

The ping utility is a simplified version of traceroute. A ping will test the speed of the connection between two devices and report exactly how long it takes a packet of data to reach its destination and come back to the sender’s device. Although ping does not provide data about routing or hops, it is still a very useful metric for gauging the latency between two devices. The ICMP echo-request and echo-reply messages are commonly used for the purpose of performing a ping.

Unfortunately, network attacks can exploit this process, creating means of disruption such as the ICMP flood attack and the ping of death attack.

What Is File Transfer Protocol (FTP)

The term file transfer protocol (FTP) refers to a process that involves the transfer of files between devices over a network. The process works when one party allows another to send or receive files over the Internet.

Originally used as a way for users to communicate and exchange information between two physical devices, it is now commonly used to store files in the cloud, which is usually a secure location that is held remotely.

FTP may be used by a business or individual to transfer files from one computer system to another, or by websites to upload or download files from their servers.

KEY TAKEAWAYS

▪ File transfer protocol (FTP) is a way to download, upload, and transfer files from one location to another on the Internet and between computer systems.
▪ FTP enables the transfer of files back and forth between computers or through the cloud.
▪ Users require an Internet connection in order to execute FTP transfers.
▪ FTP is an essential tool for those who build and maintain websites.
▪ Many FTP clients are free to download, although most websites already have FTP built in.

What Is an Example of FTP

Examples of FTP clients include CoffeeCup Free FTP, Core FTP, FileZilla Client, FTP Voyager, and WinSCP.

What is Kerberos

Kerberos is a network authentication protocol. It is designed to provide strong authentication for client/server applications by using secret-key cryptography.

Kerberos was created by MIT as a solution to these network security problems. The Kerberos protocol uses strong cryptography so that a client can prove its identity to a server (and vice versa) across an insecure network connection.

Kerberos is a solution to your network security problems. It provides the tools of authentication and strong cryptography over the network to help you secure your information systems across your entire enterprise.

The Three Main Parts of Kerberos

▪ User/client
▪ Key distribution center (KDC)
   ▪ Authentication server (AS)
   ▪ Ticket-granting server (TGS)
▪ Service/application

Kerberos authentication allows service systems and users to authenticate each other. During all steps of the process, the user and the server will know that the counterparts that they are interacting with are authentic.

User Datagram Protocol (UDP)

User Datagram Protocol (UDP) is a transport layer protocol. UDP is a part of the Internet Protocol suite, referred to as the UDP/IP suite. Unlike TCP, it is an unreliable and connectionless protocol.

Applications of UDP:

▪ Used for simple request-response communication when the size of the data is small and hence there is less concern about flow and error control.
▪ It is a suitable protocol for multicasting as UDP supports packet switching.
▪ UDP is used for some routing update protocols like RIP (Routing Information Protocol).
The following implementations use UDP as a transport layer protocol: NNP (Network News Protocol), Quote of the day protocol, TFTP, RTSP, RIP, BOOTP, DHCP.

NNP is used for the distribution, inquiry, retrieval, and posting of news articles using a reliable stream-based mechanism, usually TCP/IP.

DNS

The Domain Name System (DNS) protocol is a core network service that allows users to navigate the internet using hostnames instead of IP addresses.

DNS stands for Domain Name System. DNS is a directory service that provides a mapping between the name of a host on the network and its numerical address. DNS is required for the functioning of the internet. Each node in a tree has a domain name, and a full domain name is a sequence of symbols specified by dots. DNS is a service that translates the domain name into IP addresses. This allows the users of networks to utilize user-friendly names when looking for other hosts instead of remembering the IP addresses. For example, suppose the FTP site at EduSoft had an IP address of 132.147.165.50; most people would reach this site by specifying ftp.EduSoft.com. Therefore, the domain name is more reliable than the IP address.

DNS (Domain Name Service)

DNS servers translate the website domain names users search in web browsers into corresponding numerical IP addresses. DNS is an important part of the web's infrastructure, serving as the Internet's phone book: every time you visit a website, your computer performs a DNS lookup.

What if you had to use the dot IP address for every search on the web?

Equivalent dot IP addresses of Facebook: 69.63.176.13, 69.63.181.15, 69.63.187.17, 69.63.187.18, 69.63.184.142, 69.63.187.19, 69.63.181.11, 69.63.181.12.

Dot IP address for Google Browser: for IPv4, 8.8.8.8 and/or 8.8.4.4; for IPv6, 2001:4860:4860::8888 and/or 2001:4860:4860::8844.

DNS is a TCP/IP protocol used on different platforms. The domain name space is divided into three different sections: generic domains, country domains, and inverse domain.

Country Domain

▪ The format of the country domain is the same as a generic domain, but it uses two-character country abbreviations (e.g., us for the United States) in place of three-character organizational abbreviations.

Generic Domains

▪ It defines the registered hosts according to their generic behavior.
▪ Each node in a tree defines the domain name, which is an index to the DNS database.
▪ It uses three-character labels, and these labels describe the organization type.

The application layer can do some of the tasks through UDP.

Record Route

Provides a facility for routers to record their IP addresses, allowing a system to see the route that an IP datagram took on its way from the original source to the final destination.

Trace Route

A traceroute provides a map of how data on the internet travels from its source to its destination.

Inverse Domain

▪ The inverse domain is used for mapping an address to a name. When a server receives a request from a client and the server holds files only for authorized clients, it determines whether the client is on the authorized list by sending a query to the DNS server, asking it to map the address to a name.

Timestamp

A timestamp is the current time of an event that a computer records. Through mechanisms such as the Network Time Protocol, a computer maintains accurate current time, calibrated to minute fractions of a second. A timestamp is a digital record of the date and time when an event occurred, usually represented in a human-readable format.

SMTP (Simple Mail Transfer Protocol)

SMTP is a TCP/IP protocol used in sending and receiving email. SMTP is used most commonly by email clients, including Gmail, Outlook, Apple Mail and Yahoo Mail. SMTP can send and receive email, but email clients typically use a program with SMTP for sending email.
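The inverse-domain authorization check described above, as an added Python example that is not part of the original slides. It goes one step beyond the text by also confirming the returned name with a forward lookup, since whoever controls an address block controls its inverse-domain records. The record tables, `AUTHORIZED_NAMES` and the function names are constructed for illustration; only 132.147.165.50 and ftp.EduSoft.com come from the page.

```python
import ipaddress

# Constructed sample records standing in for a DNS server (not real data).
PTR_RECORDS = {
    "50.165.147.132.in-addr.arpa": "ftp.EduSoft.com.",
    # Constructed case: an unrelated address whose owner published a PTR
    # record claiming the authorized name.
    "9.2.0.192.in-addr.arpa": "ftp.edusoft.com.",
}
A_RECORDS = {"ftp.edusoft.com": {"132.147.165.50"}}
AUTHORIZED_NAMES = {"ftp.edusoft.com"}  # hypothetical server-side allow list


def inverse_name(ip: str) -> str:
    """Build the inverse-domain query name (in-addr.arpa or ip6.arpa)."""
    return ipaddress.ip_address(ip).reverse_pointer


def normalize(name: str) -> str:
    """DNS names are case-insensitive; drop the trailing root dot."""
    return name.rstrip(".").lower()


def is_authorized(ip, ptr=PTR_RECORDS, fwd=A_RECORDS, allowed=AUTHORIZED_NAMES):
    """Map address -> name, check the allow list, then confirm name -> address."""
    addr = ipaddress.ip_address(ip)
    claimed = ptr.get(addr.reverse_pointer)
    if claimed is None:
        return False                      # no inverse-domain record at all
    name = normalize(claimed)
    if name not in allowed:
        return False                      # name is not on the authorized list
    # Forward confirmation: the name must resolve back to the same address,
    # otherwise the PTR record alone is an unverified claim.
    return str(addr) in fwd.get(name, set())


if __name__ == "__main__":
    for client in ("132.147.165.50", "192.0.2.9", "198.51.100.7"):
        print(client, inverse_name(client), is_authorized(client))
```
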
Simple Mail Transfer Protocol (SMTP) is a standard internet protocol that allows computers and servers to exchange email messages over a network. SMTP is used by email service providers like Gmail and Outlook, as well as other message transfer agents.

Model of SMTP

POP3 (Post Office Protocol)

POP3 is an older protocol that was originally designed to be used on only one computer. Unlike modern protocols that use two-way synchronization, POP3 only supports one-way email synchronization, only allowing users to download emails from a server to a client.

IMAP (Internet Message Access Protocol)

IMAP is an Internet standard protocol used by email clients to retrieve email messages from a mail server over a TCP/IP connection. IMAP is defined by RFC 9051.

SNMP (Simple Network Management Protocol)

SNMP is a framework used for managing devices on the internet. It provides a set of operations for monitoring and managing the internet.

Simple Network Management Protocol (SNMP) is an application-layer protocol and part of the Transmission Control Protocol/Internet Protocol (TCP/IP) suite. It is used to monitor and manage network devices, such as routers, servers, and printers, by collecting and organizing information about them and changing that information to modify their behavior.

Examples of SNMP

Routers, switches, firewalls, and wireless access points are examples of devices that you can manage via SNMP.

RFC

RFC, which stands for Request for Comments, is a collection of technical documents published by the Internet Engineering Task Force (IETF) that describe the internet's technical foundations and specify protocols. These protocols are used to deliver services like email, real-time collaboration, and the domain name system.

RARP

Reverse Address Resolution Protocol (RARP) is a protocol a physical machine in a local area network (LAN) can use to request its IP address. It does this by sending the device's physical address to a specialized RARP server that is on the same LAN and is actively listening for RARP requests.

ActiveX

ActiveX is a software framework from Microsoft that includes protocols, technologies, and APIs that allow applications to share data and functionality with each other through web browsers. ActiveX is a deprecated software framework created by Microsoft that adapts its earlier Component Object Model (COM) and Object Linking and Embedding (OLE) technologies for content downloaded from a network, particularly from the World Wide Web. Microsoft introduced ActiveX in 1996.
