Types of protocols or protocol numbers


22

(TCP) Secure Shell (SSH) is a secure alternative to Telnet. SSH provides security by encrypting data as it travels between systems. This makes the traffic difficult to read for hackers using packet sniffers and other traffic-detection systems. It also provides more robust authentication systems than Telnet. Two versions of SSH are available: SSH1 and SSH2. Of the two, SSH2 is considered more secure. The two versions are incompatible. If you use an SSH client program, the server implementation of SSH that you connect to must be the same version. Although SSH, like Telnet, is associated primarily with UNIX and Linux systems, implementations of SSH are available for all commonly used computing platforms, including Windows and Macintosh. As discussed earlier, SSH is the foundational technology for Secure File Transfer Protocol (SFTP), which uses the same port.

53

DNS (UDP) converts www names to IP addresses.

143

Internet Message Access Protocol Version 4 (IMAP4). A mechanism for downloading, or pulling, email from a server. It is necessary because although the mail is transported around the network via SMTP, users cannot always immediately read it, so it must be stored in a central location. From this location, it needs to be downloaded or retrieved, which is what IMAP4 enables you to do. It includes management of an email inbox from multiple devices. IMAP4 offers an advantage over POP3. It uses a more sophisticated authentication system, which makes it more difficult for people to determine a password.

1812/1813

RADIUS uses these UDP ports.

554

RTSP. Real Time Streaming Protocol - used by Real Media, QuickTime and others for video and audio streaming.

20/21

File Transfer Protocol (FTP) (active / passive)*. Works at the Application layer. FTP provides for the uploading and downloading of files from a remote host running FTP server software. As well as uploading and downloading files, FTP enables you to view the contents of folders on an FTP server and rename and delete files and directories if you have the necessary permissions. One of the big problems associated with FTP is that it is considered insecure. Even though simple authentication methods are associated with FTP, it is still susceptible to relatively simple hacking approaches. In addition, FTP transmits data between sender and receiver in an unencrypted format. WinSCP is an example of an FTP client.
*With passive FTP, the server doesn't use port 20. Instead, the client sends an FTP request on port 21, just like active FTP. But then the server sends back a random port number, telling the client which port it's listening on for data requests. The client, in turn, sends data to the port specified by the FTP server. Because the client initiates all conversations, the NAT router knows where to send the packet. Otherwise NAT would have no idea where to send the packet.

DHCP advantages

First, administrators do not need to manually configure each system. Second, human error such as the assignment of duplicate IP addresses is eliminated. Third, DHCP removes the need to reconfigure systems if they move from one subnet to another, or if you decide to make a wholesale change in the IP addressing structure.

1720

H.323 VOIP signalling protocol. Similar to the SIP protocol, it allows us to set up, ring and hang up a call. One of the earliest applications of VOIP still in circulation.

80

Hypertext Transfer Protocol (HTTP). HTTP is the protocol that enables text, graphics, multimedia, and other material to be downloaded from an HTTP server. HTTP defines what actions can be requested by clients and how servers should answer those requests. HTTP is a connection-oriented protocol that uses TCP as a transport protocol.

DHCP Process

1. DISCOVER packet: The client sends a broadcast looking for a server.
2. OFFER packet: The server sends an address.
3. REQUEST packet: The client then asks to have the offered address.
4. ACK packet: The server assigns the address and sends an acknowledgement to the requesting client.
These communications are done as broadcast.

TCP three-way handshake.

1. The originating host sends a message called a SYN to the target host.
2. The target host opens a connection for the request and sends back an acknowledgment message called an ACK (or SYN ACK).
3. The host that originated the request sends back another acknowledgment, saying that it has received the ACK message and that the session is ready to be used to transfer data.

TCP

Transmission Control Protocol (TCP) (no port number associated). A connection-oriented transport protocol. Connection-oriented transport protocols provide reliable transport, in that if a segment is dropped, the sender can detect that drop and retransmit that dropped segment. Specifically, a receiver acknowledges segments that it receives. Based on those acknowledgements, a sender can determine which segments were successfully received. TCP operates at the transport layer of the OSI model.

UDP

User Datagram Protocol (UDP) (no port associated). A connectionless transport protocol. Connectionless transport protocols provide unreliable transport, in that if a segment is dropped, the sender is unaware of the drop, and no retransmission occurs. UDP operates at the transport layer.

219

Address Resolution Protocol (ARP). ARP is responsible for resolving IP addresses to Media Access Control (MAC) addresses. When a system attempts to contact another host, IP first determines whether the other host is on the same network it is on by looking at the IP address. If IP determines that the destination is on the local network, it consults the ARP cache to see whether it has a corresponding entry. The ARP cache is a table on the local system that stores mappings between data link layer addresses (the MAC address or physical address) and network layer addresses (IP addresses).

67 / 68

Dynamic Host Configuration Protocol (DHCP), connectionless (server port / host port). DHCP enables ranges of IP addresses, known as scopes, to be defined on a system running a DHCP server application. When another system configured as a DHCP client is initialized, it asks the server for an address. If all things are as they should be, the server assigns an address from the scope to the client for a predetermined amount of time, known as the lease. In addition to an IP address and the subnet mask, the DHCP server can supply many other pieces of information, although exactly what can be provided depends on the DHCP server implementation. In addition to the address information, the default gateway is often supplied, along with DNS information.

DHCP disadvantages

DHCP traffic is broadcast-based and thus generates network traffic—albeit a small amount. Finally, the DHCP server software must be installed and configured on a server, which can place additional processor load (again, minimal) on that system.

443

Hypertext Transfer Protocol Secure (HTTPS). One of the downsides of using HTTP is that HTTP requests are sent in clear text. For some applications, such as e-commerce, this method to exchange information is unsuitable—a more secure method is needed. The solution is HTTPS, which uses a system known as Secure Socket Layer (SSL), which encrypts the information sent between the client and host.

socket/endpoint

IP address + Port Number in a session

DHCP Reservation

In addition to having DHCP supply a random address from the scope, you can configure it to supply a specific address to a client. Such an arrangement is known as a reservation. Reservations are a means by which you can still use DHCP for a system but at the same time guarantee that it always has the same IP address. DHCP can also be configured for exclusions. In this scenario, certain IP addresses are not given out to client systems.

ICMP

Internet Control Message Protocol (no port number associated and CONNECTIONLESS as it only ever needs one packet for messages). Unreachable default gateway = ICMP-related issue. ICMP is a protocol that works with the IP layer to provide error checking and reporting functionality. In effect, ICMP is a tool that IP uses in its quest to provide best-effort delivery. ICMP can be used for a number of functions. Its most common function is probably the widely used and incredibly useful ping utility, which can send a stream of ICMP echo requests to a remote host. ICMP also can return error messages such as Destination unreachable and Time exceeded. (The former message is reported when a destination cannot be contacted and the latter when the Time To Live [TTL] of a datagram has been exceeded.) ICMP performs source quench. In a source quench scenario, the receiving host cannot handle the influx of data at the same rate as the data is sent. To slow down the sending host, the receiving host sends ICMP source quench messages, telling the sender to slow down. This action prevents packets from dropping and having to be re-sent.

IGMP

Internet Group Management Protocol. The protocol within the TCP/IP protocol suite that manages multicast groups. It enables, for example, one computer on the Internet to target content to a specific group of computers that will receive content from the sending system. IGMP is used to register devices into a multicast group, as well as to discover what other devices on the network are members of the same multicast group. Common applications for multicasting include groups of routers on an internetwork and videoconferencing clients.

389 / 636

Lightweight Directory Access Protocol - LDAP (389 default LDAP (not secure) / LDAPS i.e. LDAP over SSL but made obsolete by LDAP2, which is secure and uses 636) Lightweight Directory Access Protocol (LDAP) is a protocol that provides a mechanism to access and query directory services systems. In the context of the Network+ exam, these directory services systems are most likely to be Novell Directory Services (NDS) and Microsoft's Active Directory. Although LDAP supports command-line queries executed directly against the directory database, most LDAP interactions are via utilities such as an authentication program (network logon) or locating a resource in the directory through a search utility.

119

Network News Transfer Protocol (NNTP, aka USENET). USENET enjoyed great popularity for some years, though it barely survives today. It might turn up as an incorrect answer on the exam. NNTP is a protocol associated with posting and retrieving messages to and from newsgroups. A newsgroup is a discussion forum hosted on a remote system. By using NNTP client software, like that included with many common email clients, users can post, reply to, and retrieve messages. Although web-based discussion forums are slowly replacing newsgroups, demand for newsgroup access remains high. The distinction between web-based discussion forums and NNTP newsgroups is that newsgroup messages are retrieved from the server to be read. In contrast, on a web-based discussion forum, the messages are not downloaded. They are simply viewed from a remote location.

123

Network Time Protocol - NTP. CONNECTIONLESS. NTP is the part of the TCP/IP protocol suite that facilitates the communication of time between systems. The idea is that one system configured as a time provider transmits time information to other systems that can be both time receivers and time providers for other systems.

110

Post Office Protocol Version 3 (POP3). A mechanism for downloading, or pulling, email from a server. It is necessary because although the mail is transported around the network via SMTP, users cannot always immediately read it, so it must be stored in a central location. From this location, it needs to be downloaded or retrieved, which is what POP3 enables you to do. One of the problems with POP3 is that the password used to access a mailbox is transmitted across the network in clear text. This means that if people want to, they could determine your POP3 password with relative ease.

3389

Remote Desktop Protocol - RDP. Allows you to connect to an entire desktop or just an application on the remote device.

ARP

Resolves IP addresses to MAC addresses and maintains a table of mappings (broadcast traffic no port associated)

RARP

Reverse Address Resolution Protocol (RARP) Performs the same function as ARP, but in reverse. In other words, it resolves MAC addresses to IP addresses. RARP makes it possible for applications or systems to learn their own IP address from a router or Domain Name Service (DNS) server. Such a resolution is useful for tasks such as performing reverse lookups in DNS.

520

Routing Information Protocol (RIP) is a protocol that routers can use to exchange network topology information. It is characterised as an interior gateway protocol, and is typically used in small to medium-sized networks.

22 (for file transfer)

SFTP - Secure File Transfer Protocol (TCP). A protocol that transfers files between clients securely. Based on Secure Shell (SSH) technology, it provides robust authentication between sender and receiver. It also provides encryption capabilities, which means that even if packets are copied from the network, their contents remain hidden from prying eyes.

161/162

SNMP for nonsecure communication; An NMS receives/listens on port __2. The agent receives/listens on port __1. (When security is added via Transport Layer Security (TLS) the standard ports used are 10162 and 10161, respectively.)

10161/1162

SNMP for secure communication; When security is added via Transport Layer Security (TLS) the standard ports used are ____ and ____ An NMS receives/listens on port __2. The agent receives/listens on port __1.

22 (for secure copying of files)

Secure Copy Protocol (SCP) is another protocol based on SSH technology. SCP provides a secure means to copy files between systems on a network. By using SSH technology, it encrypts data as it travels across the network, thereby securing it from eavesdropping. It is intended as a more secure substitute for Remote Copy Protocol (RCP). SCP is available as a command-line utility, or as part of application software for most commonly used computing platforms. ___ works well but lacks features such as a directory listing. ____ still exists, especially with the well-known UNIX scp command-line utility, but it has, for the most part, been replaced by the more powerful SFTP.

445

Server Message Block - SMB Protocol used by Microsoft Windows for file sharing and printer sharing (aka CIFS Common Internet File System)

5060 / 5061

Session Initiation Protocol (SIP). An application layer protocol designed to establish and maintain multimedia sessions, such as Internet telephony calls (VOIP: call, ring, hang-up). This means that SIP can create communication sessions for such features as audio/videoconferencing, online gaming, and person-to-person conversations over the Internet. SIP does not operate alone; it uses TCP or UDP as a transport protocol.

25

Simple Mail Transfer Protocol (TCP) SMTP is a protocol that defines how mail messages are sent between hosts. SMTP uses TCP connections to guarantee error-free delivery of messages. SMTP is not overly sophisticated and requires that the destination host always be available. SMTP can be used to both send and receive mail (i.e. to relay messages to and from the server). Commonly configured on mobile devices and email clients. Post Office Protocol version 3 (POP3) and Internet Message Access Protocol version 4 (IMAP4) can be used only to receive mail.

993 / 995 / 587

Some well-known email ports are as follows: IMAP: 143 (retrieves messages from the receiving server) POP3: 110 (receive) SMTP: 25 (send) Each of these protocols has two secure versions - one that uses the same port above (via STARTTLS) and another that uses different ports, as follows:

STP

Spanning Tree Protocol. The Spanning Tree Protocol (STP) is a network protocol that builds a loop-free logical topology for Ethernet networks. The basic function of STP is to prevent bridge loops and the broadcast radiation that results from them.

69

TFTP - Trivial File Transfer Protocol. CONNECTIONLESS. A variation on FTP is TFTP, which is also a file transfer mechanism. However, TFTP does not have the security capability or the level of functionality that FTP has. TFTP is most often associated with simple downloads, such as those associated with transferring firmware to a device such as a router and booting diskless workstations. Another feature that TFTP does not offer is directory navigation; nor does it offer username and password restrictions. TFTP is an application layer protocol that uses UDP, which is a connectionless transport layer protocol. For this reason, TFTP is called a connectionless file transfer method.

23

Telnet is a virtual terminal protocol. It enables sessions to be opened on a remote host, and then commands can be executed on that remote host. For many years, Telnet was the method by which clients accessed multiuser systems such as mainframes and minicomputers. It also was the connection method of choice for UNIX systems. Today, Telnet is still commonly used to access routers and other managed network devices. One of the problems with Telnet is that it is not secure. As a result, remote session functionality is now almost always achieved by using alternatives such as SSH.

RTP

The Real-time Transport Protocol (RTP) is the Internet-standard protocol for the transport of real-time data, including audio and video. It has no typically associated port number, although IETF recommends ports 6970 - 6999; instead, the ports are allocated dynamically and then signalled using a different protocol such as SIP or H.245. RTP can use either TCP or UDP as a transport mechanism. However, UDP is used more often because applications using RTP are less sensitive to packet loss but typically are sensitive to delays. UDP, then, is a faster protocol because packet delivery is not guaranteed. RTP is often used with VoIP. VoIP data packets live in RTP packets, which are inside UDP-IP packets. The data part supports applications with real-time properties such as continuous media (such as audio and video), including timing reconstruction, loss detection, security, and content identification. The control part (RTCP) supports real-time conferencing of groups of any size within an internet.

socket pairs or endpoints

The connection data stored on two computers about the same session / connection so that they know where to send and receive data. At any given point in time, your computer probably has a large number of communications going on. If you want to know who your computer is communicating with, you need to see this list of endpoints. Use netstat -n to see active TCP/IP connections; sometimes there are multiple connections for a single website.

DHCP Scope

The range of IP addresses available to assign to clients.

TLS

Transport Layer Security. A security protocol designed to ensure privacy between communicating client/server applications. When a server and client communicate, TLS ensures that no one can eavesdrop and intercept or otherwise tamper with the data message. TLS is the successor to SSL. TLS record protocol: Uses a reliable transport protocol such as TCP and ensures that the connection made between systems is private using data encryption. TLS handshake protocol: Used for authentication between the client and server.

DHCP lease

The lease is the length of time the client can have the assigned IP address. At various points during the lease (normally the 50 percent and 85 percent points), the client attempts to renew the lease from the server. If the server cannot perform a renewal, the lease expires at 100 percent, and the client stops using the address.

Commonly Used FTP Commands

ls: Lists the files in the current directory on the remote system
cd: Changes the working directory on the remote host
lcd: Changes the working directory on the local host
put: Uploads a single file to the remote host
get: Downloads a single file from the remote host
mput: Uploads multiple files to the remote host
mget: Downloads multiple files from the remote host
binary: Switches transfers into binary mode
ascii: Switches transfers into ASCII mode (the default)

