Networking part 5 Protocols & Transmission

Protocols & Transmission

User Datagram ProtocolTransporting packages from one place to another like a stream of water. UDP is a transmission protocol that doesn’t check if the data got there- it is a connectionless protocol.

UDP does not offer validation or any verification of data packets, which makes it very vulnerable to data corruption. This means that it’s very necessary that the packets sizes/byte indexes are small and that they have to make sense in the right order. It is used for real-time services like watching streams and talking on voice. It utilizes an 8-byte packet header.

Transmission Control ProtocolTransporting packages from one place to another in a secure and safe wayTCP is a transmission protocol that supports «acknowledgement of delivery» (verification of packets) and puts a load number on each packet- which makes it a connection-oriented protocol. It has a larger package size and usually has additional info to identify the packet in the 20-byte header. If a packet is lost during a TCP stream, it will automatically resend it and verify again.

Three-way-handshake

The negotiation of connection to make sure I can hear you and you can hear me

Initiating side ← whoever starts the connectionIn addition to be a better way of transmitting data, it also offers a three-way-handshake for security. A three-way-handshake enables Comp1 to send a SYN(synchronized message) as a “hey, I need to sync and make sure we can talk before sending data.”,  if the connection is accepted Comp2 sends a SYN ACK(synchronizes acknowledge), after that comp1 will send an ACK(acknowledge) to reply “Ok, cool. I heard your SYN ACK”, and then a connection is established.

-Host A sends a TCP SYNchronize packet to Host B

-Host B receives A's SYN

-Host B sends a SYNchronize-ACKnowledgement

-Host A receives B's SYN-ACK

-Host A sends ACKnowledge

-Host B receives ACK.

TCP socket connection is ESTABLISHED.

Address Resolution Protocol

Determines MAC addresses and translates network layer to datalink layer

The Address Resolution Protocol is a communication protocol used for discovering physical addresses associated with their given network addresses. Usually when surfing the web, we interact with our IP address, and together with our transmission protocols we get our packets delivered. However, in order for the network to know which device to contact, we need the physical address of the destination machine. ARP is used to get the physical address (MAC) of that destination machine.“which IP is associated with which MAC?” “Where is X, tell X”“What specific NIC, which cable this packet goes to”Can also be used to show if someone is using a computer to find objects in our network. This is because ARP-discovery packets are broadcasted across the whole network, causing every computer to get this message. It also enables a huge vulnerability when it comes to Man-in-the-middle attacks.

Internet Control Message ProtocolTracert and pinging requestsDelivers errors/query to determine if the service is available → Pinging.If sending echo to target computer, asks: “can you hear or see me?”

Smurf attacks- forged ICMP requests sent on broadcast to DOS other hosts

Internet Group ManagementProtocol for multicastingMulticasting ← “One to many”Manages the multicast group membership to neighboring switches and routers in a network

File Transfer Protocol

File transfers

21: TCPWhen transferring standard files through a FTP server and a FTP clientNo encoding or overheadA bit insecure caused by the wireless attack “FTP bouncing”

Secure File Transfer Protocol

Secure file transfers

22: TCPEncrypted with SSHMore secure than FTP

Remote Desktop Protocol

Remote connections

33389: TCP/UDP

Remote desktop connections through RDP client softwareFirewalls can block RDP Protocols for security measures

Simple mail transfer protocol

Emailing

25: TCP

Describes and manages how an e-mail is sent from one computer to anotherEmail client > SMTP Server > Internet >POP/IMAP server > Email client

Post Office Protocol 3

110: TCPA “Client download” from the internet to get emailsby default typically copies from server > then deletes file from server (Can be changed)

Internet Message Access Protocol

Emailing143: TCPMore robust version of POP3More configuration abilityKeeps copy of message on server

Hypertext transfer protocol

Web page formatting

80: TCPHTTP transfers the HTML/programmingWeb browsers sends a “get” request to a web serverAll in clear text/nothing hidden or encrypted

HTTP Secure

Web page formatting securely443: TCPEncrypted HTTP over SSLCertificate between client/serverInfo not cleartext

Secure Shell

Secure connections

22: TCPEncrypted connection between portsMay work with other protocols such as Telnet, rlogin and RSH

Transport Layer Security

Secure connections

/varies from program that uses it/Successor to SSL- Small differences, but they’re mainly alikeUsed on different ports depending on which protocol they are securing

Telnet

Remote connections

23: UDP/TCPRemote terminal connection to another computer/deviceUnencrypted logins to connections/networksSSH is replacing Telnet or other encrypted connections caused by the non-secure sessions

Session Initiation Protocol

Session establish5060: UDP/TCPSIP is an application-layer control protocol that can establish, modify, and terminate multimedia sessions (conferences) such as Internet telephony calls.-Opens the door for RTP:-Only initiates a session, but sends no data-Indicates to remote computer to open port for communication-“please open this port that we set up for this device”

Real Time Protocol

real time Information sending

/varies depending on customization/

Initiated between communicating peers such as SIPA network protocol for delivering Stream/ video/audio/voiceDetects out of sequence arrival (Can be detected if some packets are out of sequence and adjust for that)