Network+: transport layer protocols
Show Process ID for an application execute this command "Netstat -ano". Linux's command ps does the same
-o switch tells NETSTAT to show process ID. Each PID belongs to a program running on a computer. -s stats on TCP, UDP, IPv4, ICMP, etc
well-known port numbers are
A 16-bit value ranges from 0 to 1023. All ports range from 0 to 65,535. The well-known web servers' port is 80, which is specially reserved for specific TCP/IP applications.
HTTP (Hypertext Transfer Protocol)
A communications standard that is used to transport Web pages over the Internet Uses port 80 It does not execute commands and requires other technologies to execute commands. They are JavaScript/AJAX, server-side scripting, Adobe Flash, and cookies.
User Datagram Protocol (UDP)
A connectionless protocol that can be used with IP, instead of TCP. Unlike TCP, UDP does not require a confirmation of a session. One example of the applications using UDP is DHCP (dynamic host configuration protocol). DHCP does not require a computer from the ends of a session; DHCP just sends information but does not need or want a confirmation from the other end of a session. Another example is trivial file transfer protocol (TFTP). The file transfer protocol is not secured so it is only used within a LAN only.
Transport Layer Security (TLS)
A robust update to SSL that works with almost any TCP application. Are the cryptographic protocols that provide communications security over a computer network and between servers and web browsers.
Open port or listening port
A socket prepared to respond to any IP packets designed for that socket's port number.
Secure Shell (SSH) - port #22
Acts exactly like Telnet but has encryption A protocol that can create a secure channel between two computers or network devices. FreeSSHd is free Telnet Server. All Telnet servers are SSH servers due to SSH's popularity.
Internet control message protocol ICMP)
Designed for simple applications. So simple that an application can jay send one packet to another computer without an issue of getting there. For example PING, an echo request, is sent to another IP. The computer with the IP responds back with a reply echo.
MS' Internet Information Services (IIS)
Enables your network protection against more than 20 connections and DoS attack.
Telnet protocol or telnetd for Unix/Linux
Is a protocol allows administrator to access different network or a computer remotely. Runs at port 23. Allows users to access Telnet server and execute commands on that server as if you were sitting in front of it. It requires username and password. But no encryption though. Is rarely used on the Internet and was replaced with Secure Shell (SSH).
Secure Socket Layer (SSL)
Is a protocol developed by Netscape fo transmitting private documents over the Internet. Uses a public key to encrypt sensitive data, sends it over SSL connection, and be decrypted over the receiving end with a private key. Webpages using SSL are https://. HTTPS stands for HTTP over SSL. HTTPS uses port 443. Uses SSL or TLS to provide the security.
Internet Group Management Protocol (IGMP)
Is another example of Transport Layer Protocol. It is a multicast Protocol which does not assign IPs to members or individual hosts. A particular multicast, called an ICMP group, is assigned to a sample 224/8 address and whoever wishes to receive the multicast must tell their upstream router or switch (which must configure to handle multicast) that they wish to receive it. The IP individual in turn joins the group. Then the router or switch knows to send that multicast data stream to that client. TCP and UDP are at the Transport Layer and ICMP and IGMP are in the Network Layer.
A session
Is the initiation or a start of a communication between two applications just as two persons start talking. A session must have an ending of the session eventually. This type of connection is called connection-oriented communication.
A socket or endpoint
Is the session or connection information stored in RAM, in terms of TCP/IP communications. When talking about Info of two computers stored in RAM, it is call socket pairs or endpoints.
Emailed servers: mail-send from UNIX and Linux and MS Exchange Server
Mailsend only uses SMTP so needs to run either POP3 or IMAP4 program to receive email. Eudora's Qpopper handles sending mail to POP3 email clients. Exchange Server has both SMTP and POP3 in one packet.
netstat -a, -n and -t
Netstat command asks "show me the endpoints". TCPView written by Mark Russinovich only works in Windows. Linux uses Net Activity Viewer at http://netactview.sourceforge.net Http://technet.microsoft.com/en-us/sysinternals/default.aspx. Click networking utilities for a latest copy. -n displays active TCP connections, including IP and ports -a displays ALL active connections and the TCP and UDP ports on which the computer is listening. -p shows specific protocol (tcp, UDP, ICMP, ip, tcpv6, udpv6, icmpv6, ipv6) -r display routing table's content
The Internet applications' portsj
Port #20/21 - app FTP uses TCP for file transfer Port #22 - App SSH uses TCP for secure terminal emulation or connection Port# 23 - app Telnet uses TCP for unencrypted, insecure terminal emulation or connection Port #25 - app SMTP uses TCP for sending email Port #69 - app TFTP uses UDP for file transfer Port #80 - app HTTP uses TCP for the web Port #110 - app POP3 uses TCP for email delivery Port #143 - app IMAP4 uses TCP for email delivery Port #443 - app HTTPS uses TCP for the secure web
UNIX's remote access to servers: 3 work similarly to Telnet insecurely.
Rlogin - it can be configured to log in automatically. It works over TCP port #513 RSH - Remote Shell allows to send a single command to a remote server. It can be used in a script and runs over TCP port #514 by default. RCP - Remote copy has the ability to copy files to and from a remote server without FTP or NFS (Network File System, the UNIX form of folder sharing. it can also be used in a script and shares TCP port #514.
Apache HHTP Server
Runs by UNIX and Linux, free. Is an executable program and many text files.
3 email protocols: SMTP, POP3, IMAP4. SMTP sends and POP3 and IMAP4 receive.
SMTP - Simple Mail Transfer Protocol is used to send email on the TCP port #25. POP3 - Post Office Protocol version 3 is one of the two protocols receives emails from SMTP. Most email clients use this rather than IMAP4. This protocol uses the TCP port #110. IMAP4 - Internet Message Access Protocol version 4 retrieves email from server. It allows to search for specific email from server and supports creation of folders for organization. Two other email options are web-based and propriety emails. Web-based email examples are yahoo, google, and hotmail. Clients or users can access them anywhere as long as there is internet connection access. They are free as well.
A client generates a random port in the range of 1024 to 5,000, which are ephemeral port numbers.
The dynamic or private port numbers ranges from 49,152 to 65,535, only which the Internet Assigned Numbers Authority (IANA) today recommends to use. Port numbers ranged from 1024 to 49,151 are registered ports for popular applications. Less popular TCP/IP applications can register their ports with IANA. 0-1023 - well known ports 1024 - 49,151 - registered ports 49,152 - 65,535 - private or dynamic ports
Hypertext Markup Language (HTML)
The language used to create hypertext (Internet text). Today, it is eXtensible HTML (XHTML) and HTML with XML syntax. XML language is similar to HTML, but includes how data presents.
FTP (File Transfer Protocol)
UnLike HTTP, FTP can transfer files faster and more reliable. The FTP websites can be secured or unsecured for anybody to use. Unsecured means anybody can log in anonymously and secure means you must have username and password. FTP uses the TCP ports #20 and #21 by default. FTO Servers store files, accept incoming connections and requests, verify usernames and passwords and transfer files. Clients just log in and download files from local hard drives. To use FTP over a web browser, type ftp:// followed by the IP address of the FTP server,
Google web server (GWS)
Uses only by google and has about 5% of pages out there
How Transmission Control Protocol (TCP) works?
When a client or you open a website, it sends a SYN (synchronize) packet to a web server. If get SYN, the server sends back SYN, ACK (synchronize, acknowledge) packet. Client then sends Server a single ACK packet and immediately requests that Server begin sending over the web page to client. Once server completes sending the web page, the server sends FIN (finished) packet. Client responds with an RST, ACK (reset, acknowledge) packet and the session is over.