Ch. 9 TCP / IP Applications
IGMP
- Provides multi-casting support 1. Type 2. Checksum 3. Group Address 4. Source Address
POP3
- Runs on TCP port 110 - a protocol for receiving email by downloading it to your computer from a mailbox on the server of an Internet service provider.
IMAPv4
- Runs on TCP port 143 - standard email protocol that stores email messages on a mail server, but allows the end user to view and manipulate the messages as though they were stored locally on the end user's computing device(s).
Telnet
- Runs on TCP port 23 - All data is un-encrypted and enables you to access a remote computer
SMTP
- Runs on TCP port 25 - Internet standard for electronic mail (email) transmission
HTTPS
- Runs on TCP port 443
HTTP
- Runs on TCP port 80
TFTP
- Runs on UDP port 69 - Secure version of FTP
SSH
- Runs on port 22 - Encrypted transmission
FTP
- Runs on ports 21 and 20 - Not an encrypted protocol meaning user names and passwords are wide open. Old but popular for transferring files
Mutlicast
- Starts with 224. Anything - Used for video streaming
rlogon
- Uses port 513 - Long obsolete way of remotely using a computer
Ending TCP Connection
1. Client -> FIN -> Server 2. Server -> FIN/ACK-> Client 3. Client -> ACK -> Server
TCP 3 Way Handshake
1. Client -> SYN -> Sever 2. Server ->SYN/ACK-> Client 3. Client -> ACK -> Server
UDP Datagram
1. Port # To 2. Port # From 3. Length 4. Checksum 5. Data
TCP Segment
1. Port # To 2. Port # From 3. Sequence 4. ACK 5. Data
TCP
Connection oriented protocol
UDP
Connection-less protocol
netstat
Text based cmd that lists all the open ports and connections on your computer
ICMP
Works at the IP layer of TCP model. No data or ports are used. Examples include ping and arp
netstat -n
presents results numerically
netstat -a
shows all active ports
netstat -b
shows executable for every connection
netstat -r
shows local routing table on your own computer. AKA to cmd: route print
netstat -o
shows the executable and process ID (PID) for every connection