1.1 Protocols and ports Flashcards
Types of Ports
Port do FTP servers listen for incoming traffic and send their own traffic.
Port 21
what are network protcols
Network protocols are sets of rules and standards that define how devices communicate over a network.
Protocols are used by devices to
send and receive different types of communication
Segments are encapsulated in IP packets in which layer
3
what does NIC stand for
Network interface card
What is a network service
Provide a service
DHCP
DNS
MAIL SERVICE
What is a Apache
A web server. HTTP
SSL stands for
secure sockets layer
encryption-based Internet security protocol. Its main purposes are to provide privacy, authentication, and data integrity in Internet communications. SSL is the predecessor to the modern TLS (Transport Layer Security) encryption used today.
what does tls stand for
transport layer security It is a cryptographic protocol used to secure data sent over a network, such as internet traffic.
which layers do TCP and UDP segments send data from
layer 5, 6, and 7
IMAP stands for
Internet message access protocol
RTSP stands for
Real time streaming protocal.
Ensures data processed in the correct order.
UDP.Port 544
How does three way handshake work
A TCP feature.
Synronication - meaning two devices send a message stating that they are ready to send and receive data packets.
Acknowledgement- both devices send announcements that they have authenticated with each other and ready to being data transmission.
Transmission of data begins.
syn, syn ack, ack.
what four simple fields to UDP headers contain
source port, destination port, packet length (header and data), and a simple (and optional) checksum
what is a packet
Network layer pdu.
ICMP is used for
Utilites like ping and tracert/traceroute to provide control info to IP.
what three fields do ICMP headers start with
type, code and checksum
explain differences between tcp and udp
TCP - Accurate - connection-oriented, can’t lose packets, logical. UDP - Efficient, connectionless, can lose packets, quick performance.
well known port numbers
0-1023 used by major protocls and services
what does a port # do?
Gets data to the right applicaiton.
ports 1024 to 49151
Reserved ports assigned by IANA to specific companies that want a common port to be used for their programs or protocols.
49512 to 65535
Dynamic ports. Not assigned controled or registured. Used by client applications on an as needed basis.
which has more overhead, and which strives for accuracy and which integrity and one striving for efficiency.
TCP and UDP
What makes TCP have more overhead
3 way handshake and akmolw
what is checksum
Used for error detection.
two types of ICMP messages?
info messages and error messages
What is flow control.
TCP will use technique called Buffer Space. As data is sent over tcp protocol the receiving device will send the sending device the amount of available space it has on its end to receive data.
Allows sending device to send data at approate rate.
Error checking
TCP feature called a Checksum.
Checksum is an algorithm within each Data packet will be verified at the receiving device. If there is any type of modification to the checksum. then we know the data been modifed somewhere across the transmission path.
Name four features of TCP
Error checking, reassembly, flow control and full duplex.
Reassembly
When tcp sends packets across the network they are broken down into smaller units called segments. At the destination device all data packets are reassembled into their original form.
what is Full duplex
data can be sent and received at the same time.
Connection less protocol.
UDP. It does not have defined connection period.
What does UDP support that TCP does not support
Broadcasting and Multicasting.
What does UDP not have compared to TCP
Flow control, error checking, data reliably.
What is broadcasting.
Single data packet can be sent to all devices on network segment.
multicasting.
data can be sent to either one device or Mutiple users devices or users of your choosing.
UDP is used for:
Services that require a consistently open protocol.
DHCP
VOIP
Video streaming, online gaming
IPsec
Internet Protocol Security, is a set of protocols designed to secure internet communication.
Name two components of IPsec
autheincation header (AH) and security payload.
(AH) provides authentication and integrity verification for an entire IP data packet.
Security Payload (encapsuling) (ESP)
ESP
Encapsulating Security Payload. It’s a protocol used within IPsec to provide a secure path for data to travel across the internet or other networks.
Name two modes of IPSec
IPSec operates in two main modes, each designed for different security needs. Here’s a simple explanation of each:
Transport Mode: Imagine sending a private letter to a friend. In transport mode, the contents of the letter (the payload) are sealed and secure, but the envelope (the IP header) is visible, showing where it’s going. This mode is typically used for end-to-end communication between two computers.
Tunnel Mode: Now, think of sending a letter within another package. In tunnel mode, not only is the letter’s content secure, but the envelope is also hidden inside another envelope. This mode is used for network-to-network communications, like between two offices, where the entire original IP packet is encrypted and encapsulated within a new IP packet12
Three common protocol types used for data transmission.
TCP, UDP IPSec
DHCP Lease
How long IP address can be used before it’s released back into pool.
What does ESP do
Encapsulating Security Payload (ESP)
It encapsulates
It encrypts
It also checks that the data hasn’t been changed along the way.
GRE
Generic Routing Encapsulation
What does GRE do
It’s a tunnelling protocol capable of encapsulating a wide variety of network layer protocols.
PPTP
Older tech VPN. Supports dial up VPN connections.
Name a VPN Protocol
TLS
Which layer does TLS work
Layer 5 and above
IPSec works at which layer of the
layer 3 and above.
Why doesn’t TLS work on layers 1-4
- Lower layers (1-4) focus on the physical transmission of data, routing, and error handling. They do not handle the aspects of session management, encryption, and application-specific requirements that TLS addresses.
- Layer 4 (Transport Layer) already has protocols like TCP and UDP managing data transport, but they do not inherently provide encryption and security features that TLS adds on top.
By operating at layer 5 and above, TLS can provide a comprehensive security solution that includes encryption, data integrity, and authentication, ensuring secure end-to-end communication for applications.