Objective 1.1: Common Protocols
- 1 TCP/IP (Transmission Control Protocol/Internet Protocol) suite
- 2 ARP (Address Resolution Protocol)
- 3 DHCP (Dynamic Host Configuration Protocol)
- 4 DNS (Domain Name System)
- 5 FTP (File Transfer Protocol)
- 6 HTTP (Hyper Text Transfer Protocol)
- 7 HTTPS (Hypertext Transfer Protocol Secure)
- 8 ICMP (Internet Control Message Protocol)
- 9 IGMP (Internet Group Management Protocol)
- 10 IMAP4 (Internet Message Access Protocol version 4)
- 11 NTP (Network Time Protocol)
- 12 POP3 (Post Office Protocol version 3)
- 13 RTP (Real-time Transport Protocol) - VoIP (Voice over Internet Protocol)
- 14 SIP (Session Initiation Protocol) - VoIP (Voice over Internet Protocol)
- 15 SMTP (Simple Mail Transfer Protocol)
- 16 SNMP2/3 (Simple Network Management Protocol version 2 or 3)
- 17 SSH (Secure Socket Shell)
- 18 TCP (Transmission Control Protocol)
- 19 Telnet
- 20 TFTP (Trivial File Transfer Protocol)
- 21 TLS (Transport Layer Security)
- 22 UDP (User Datagram Protocol)
Objective 1.1: Explain the function of common networking protocols
In computing, a protocol is a convention or standard that controls or enables the connection, communication, and data transfer between computing endpoints. In its simplest form, a protocol can be defined as the rules governing the syntax, semantics, and synchronization of communication. Protocols may be implemented by hardware, software, or a combination of the two. At the lowest level, a protocol defines the behavior of a hardware connection.
While protocols can vary greatly in purpose and sophistication, most specify one or more of the following properties:
- Detection of the underlying physical connection (wired or wireless), or the existence of the other endpoint or node
- Handshaking (dynamically setting parameters of a communications channel)
- Negotiation of various connection characteristics
- How to start and end a message
- How to format a message
- What to do with corrupted or improperly formatted messages (error correction)
- How to detect unexpected loss of the connection, and what to do next
- Termination of the session and or connection.
The Internet Protocol Suite (commonly known as TCP/IP) is the set of communications protocols used for the Internet and other similar networks. The Internet Protocol Suite, like many protocol suites, may be viewed as a set of layers. Each layer solves a set of problems involving the transmission of data, and provides a well-defined service to the upper layer protocols based on using services from some lower layers. Upper layers are logically closer to the user and deal with more abstract data, relying on lower layer protocols to translate data into forms that can eventually be physically transmitted. The TCP/IP model consists of four layers. From lowest to highest, these are the Link Layer, the Internet Layer, the Transport Layer, and the Application Layer.
Some have attempted to map the Internet Protocol model onto the seven-layer OSI Model. The mapping results in the TCP/IP Link Layer corresponding to the OSI Data Link and Physical layers in terms of functionality. The Internet Layer is usually directly mapped to the OSI's Network Layer. At the top of the hierarchy, the Transport Layer is always mapped directly into the OSI Layer 4 of the same name. OSI's Application Layer, Presentation Layer, and Session Layer are collapsed into TCP/IP's Application Layer.
The following table provides some examples of the protocols grouped in their respective layers. See the below sections for details on each protocol.
|Application||DNS, DHCP, TFTP, TLS/SSL, FTP, HTTP, IMAP4, POP3, SIP, SMTP, SNMP, SSH, Telnet, RTP|
|Internet||IP (IPv4, IPv6), ICMP, IGMP|
The Address Resolution Protocol (ARP) is a communications protocol used for resolution of Internet layer addresses into link layer addresses, a critical function in the Internet protocol suite. ARP was defined by RFC 826 in 1982, and is Internet Standard STD 37. ARP is also the name of the program for manipulating these addresses in most operating systems.
ARP is used for mapping a network address (e.g. an IPv4 address) to a physical address like an Ethernet address (also named a MAC address). ARP has been implemented with many combinations of network and data link layer technologies, like IPv4, Chaosnet, DECnet and Xerox PARC Universal Packet (PUP) using IEEE 802 standards, FDDI, X.25, Frame Relay and Asynchronous Transfer Mode (ATM). IPv4 over IEEE 802.3 and IEEE 802.11 is the most common usage.
In Internet Protocol Version 6 (IPv6) networks, the functionality of ARP is provided by the Neighbor Discovery Protocol (NDP).
This is a protocol that is used to assist users to configure multiple network devices from a single source. This protocol is used to assist a user in configuring multiple networks.
This is a protocol that assists the users by helping to link between common usernames/works to an IP address and back, e.g. instead of cramming the IP address for Wikibooks the user can easily type https://www.wikibooks.org to be able to access the content from there.
FTP is a standard internet protocol for transmitting files between computers on the internet over TCP/IP connections. It is a client server protocol that relies on two communications channels between client and server; a command channel for controlling the conversation and a data channel for transmitting files content. Clients initiate conversations with servers by requesting to download a file.
FTP sessions work in a passive and active mode, after a client initiates a session via a command channel request, the server initiates a data connection back to the client and begins transferring data. In passive mode the server instead uses the command channel to send the client the information it needs to open a data channel. It works across firewalls and network Address Translation (NAT) gateways
This was the initial protocol that were used to access web content, because of its security vulnerabilities it was replaced by HTTPS.
This is the secure version of HTTP that is now commonly used to access website content. HTTPS (port 443) strengthens HTTP by incorporating SSL or TLS. This protocol allow for the use of encryption. You can see when they are in use because the URL begins with HTTPS and a padlock icon appears in the status bar or browser bar in the browser window. HTTPS is the worldwide standard that is used for payment transactions and for other data-sensitive Internet transactions.
Internet Control Message Protocol (ICMP) provides feedback that you can use for diagnostics or to report logical errors. The most common ICMP type is the ping. The designers of ICMP envisioned a protocol that would be helpful and informative. Unfortunately, hackers have a different vision; they use ICMP to send the ping of death, craft Smurf DoS packets, query the timestamp of a system or its netmask, or even send ICMP type 5 packets to redirect traffic.
Version 3 of IGMP adds support for "source filtering", that is, the ability for a system to report interest in receiving packets *only* from specific source addresses, or from *all but* specific source addresses, sent to a particular multicast address. That information may be used by multicast routing protocols to avoid delivering multicast packets from specific sources to networks where there are no interested receivers.
|17/18||0||Subnet Mask Request/Response|
IGMP is the protocol used by IPv4 systems to report their IP multicast group memberships to neighboring multicast routers.
This is the protocol that is used to send and receive emails between servers.
Provides secure access to remote desktops. (Also refers to the suite of utilities that impliment the protocol)
Transport Layer Security (TLS) is the updated version of Secure Sockets Layer (SSL). TLS uses more secure cryptographic protocols and algorithms. TLS uses hybrid encryption, which means that it uses symmetric encryption for data and asymmetric encryption for key exchange of the symmetric key.