2.1 Compare and contrast TCP and UDP ports, protocols, and their purposes. Flashcards
___ is one of the most popular protocols in use today.
TCP/IP
TCP stands for?
Transmission Control Protocol
IP stands for?
Internet Protocol
What are three common network types designed for TCP/IP?
Ethernet network
cable network
DSL network
UDP stands for?
User Datagram Protocol
We’re usually on an Ethernet network that is sending data using (1)___, which is using (2)___, which has application data inside of that.
(1) IP
(2) TCP
An Ethernet frame has a ___ in the middle of the frame.
Ethernet payload
An Ethernet frame has a ___ at the beginning of the frame.
header
An Ethernet frame has a ___ at the end of the frame.
trailer
An Ethernet payload is made up of a (1)___ which is followed by an (2)___.
(1) IP header
(2) IP payload
An IP payload can be broken down into an (1)___, which has its own (2)___.
(1) TCP header
(2) TCP payload
What’s inside of that TCP payload is ___.
application data
For example, HTTP data that’s being sent to a web server.
What is the nesting structure of a TCP Ethernet frame?
We have ethernet, which has IP. And inside of IP is either TCP or UDP.
……………………….Ethernet Frame:……………………………..
[ header || Ethernet payload || trailer ]
………………………..Ethernet Payload:…………………………..
[ IP header || IP payload ]
………………………….IP Payload:…………………………………….
[ TCP header || TCP payload ]
Ethernet is a network type that can transmit data using (1)___ packaged into smaller units called (2)___.
(1) TCP/IP
(2) frames
An ___ of protocols is putting one protocol within another within another.
encapsulation
What layer of the OSI model do TCP and UDP operate?
Layer 4; transport layer
___ involves taking multiple signals and combining them into one signal for transmission over a single medium
multiplexing
___ allows us to perform many different functions simultaneously over the same network connection
multiplexing
We refer to TCP as a ___ protocol.
connection-oriented protocol
Protocols that are ___ have a formal process when you start the communication and a formal process when you end the communication.
connection-oriented
If any errors occur during a communication, there’s a process for retransmitting that data to make sure that everything gets through the network without any problems.
TCP (Transmission Control Protocol)
UDP is known as a type of ___ protocol.
connectionless protocol
A connectionless, non-guaranteed method of communication with no sequencing or flow control.
UDP
There’s no formal communication setup and no acknowledgement of data received in ___ protocols.
connectionless
UDP and TCP both use ___ to know where to send data.
IP
We can send information into a server through IP and we know exactly which service on that server needs to receive that data thanks to ___.
port numbers
At the link/physical layer, Ethernet allows nodes to send one another frames of data using MAC addresses. These frames would typically be transporting IP packets. At the network layer, __ provides addressing and routing functionality for a network of networks
IP
One of the critical functions of the transport layer is to identify each type of network application. It does this by assigning each application a ___.
port number
What is the range of port numbers?
0 - 65535
TCP uses NACK, it stands for what? What does it do?
Negative Acknowledgement. It forces retransmission of data if it arrives corrupted.
A ___ is one endpoint of a two-way communication link between two programs running on the network
socket
client/server IP address, a protocol, and a client/server port number all combine to make up what?
IPv4 socket
permanent ports are known as
non-ephemeral port numbers
Most ports in the range 0-1023 are ___.
non-ephemeral
Port numbers that are used only for a single session typically chosen at random by the client are known as
ephemeral port numbers
___ are just a way to signify what room that particular data goes to, and there are no hard and fast rules over what ___ an application happens to use.
port numbers
The one thing that is important about the port number is that the client that you’re using needs to be able to know the port number that’s open on the server.
T or F?
True
TCP port numbers are not the same as UDP port numbers
True; There could be an application running on a server using TCP 80. There could be another application on that same server that uses UDP 80, and neither of those applications will be communicating with each other.
Service port numbers need to be ___.
well known
FTP (file transfer protocol) uses what port?
port 21 (control) port 20 (active mode data)
___ servers use usernames/passwords to authenticate. Some use “anonymous login” where you only need a password.
FTP
TCP does have security built in, so you can configure a username and a password that gains access to another system.
True or False?
True
As it transfers files, FTP provides what could be called ___. You can list the files available on a system. You can add files, delete, rename, and provide other file functions as well.
full featured functionality
If your console connection to another device over a network is over an encrypted channel, then it’s probably using ___.
SSH (Secure shell)
What port does SSH use?
TCP port 22
If your console connection to another device over a network is over an unencrypted channel, then it’s probably using ___.
Telnet
What port does Telnet use?
TCP port 23
___ remote connections always uses an encrypted communication link.
SSH
Telnet stands for ___, is not secure and use for old devices.
Telecommunication Network
TCP port 23
Telnet
TCP port 22
SSH
TCP port 21
FTP
TCP port 25
SMTP
SMTP stands for ___. It does what?
Simple Mail Transfer Protocol. It sends emails from devices to servers or between two servers.
What port does SMTP use?
TCP port 25
If you’re receiving email messages, you’re probably using __ or ___.
POP3/IMAP
DNS stands for ___. What does it do?
Domain Name System. It converts domain names into IP addresses.
UDP port 53
DNS
Waht port does DNS communicate over?
UDP port 53
If you’re in a web browser and you’re communicating to a web server, then you’re probably using ___ or ___ as those protocols
HTTP/HTTPS
HTTP stands for ___. What does it do?
Hypertext Transfer Protocol. Provides web server communication.
HTTP uses port
TCP port 80
HTTPS uses port
TCP port 443
TCP port 80
HTTP
TCP port 443
HTTPS
POP3 is the Post Office Protocol version 3, it uses port
TCP port 110
TCP port 110
POP3
IMAP is the Internet Message Access Protocol version 4 it uses port
TCP port 143
TCP port 143
IMAP
(1)___ offers enhanced functionality over (2)___; it allows folders and ability to access mail on mulitple devices.
1) IMAP
2) POP3
If you’ve ever needed to view or take control of someone’s desktop across the network, then you’ve needed to use ___.
RDP (Remote Desktop Protocol)
TCP port 3389
RDP
RDP uses what port?
TCP port 3389
You’ll find that ___ is available on many different Windows servers and allows you to either view the entire desktop of the remote system or view just a single application that’s running on that remote system.
RDP
Microsoft Windows doesn’t use FTP to transfer files from one system to another. Instead, it uses its own format to be able to transfer files called ___.
SMB (server message block)
SMB (server message block), also known as CIFS (common internet file system) uses what port?
TCP port 445
TCP port 445
SMB/CIFS
Older Windows systems may use ___ that is inside of a UDP or TCP packet.
NetBIOS
UDP ports 137-138, TCP port 139
NetBIOS
NetBIOS uses ports
UDP ports 137-138, TCP port 139
Modern Windows devices don’t need to parse out these different NetBIOS protocols and put them inside of TCP or UDP. Instead, they can communicate directly over ___.
TCP port 445 via SMB/CIFS
Just as Windows has its own protocols for transferring files, Mac OS also has its own protocols for the ___
AFP (Apple filing protocol)
TCP port 548
AFP
Apple filing protocol uses port
TCP port 548
To be able to view the list of available servers, you’re probably going to use the ___ in Mac OS.
SLP (service location protocol)
SLP uses port
TCP port 427 and UDP port 427
TCP port 427 and UDP port 427
SLP
very similar to (1)___ in Windows, (2)___ in Mac OS is also full feature. You have the ability to view the available list of files to copy files, move files, rename files, and more.
(1) SMB
(2) AFP
When you turn on your computer for the first time, it automatically configures itself with an IP address. It’s able to do this because it’s using ___.
DHCP
DHCP stands for ___. It does what?
Dynamic Host Configuration Protocol. Automatically configures devices for IP network communication.
ports UDP 67 and UDP 68
DHCP
DHCP uses what ports?
ports UDP 67 and UDP 68
___ is a network management protocol used to automate the process of configuring devices on IP networks, thus allowing them to use network services such as DNS, NTP, and any communication protocol based on UDP or TCP.
DHCP
How does DHCP work?
Device communicates with DHCP server, obtains lease which assigns private IP address to it.
Able to communicate across network until it expires.
Device must request lease renewal for continued use, or obtain a new IP address.
The DHCP servers can also be configured with ___. This means when a workstation or a server requests an IP address, the server can recognize the MAC address of that device and provide the same IP address to that device every time.
DHCP reservations
If you connect to a corporate network for the first time, you’re often asked to provide a username and password. The same thing occurs if you connect through a VPN or if you log into a web server that’s on the network. The process of providing that authentication is usually to a centralized database, and one very common form of database that’s used for this is ___.
LDAP (Lightweight Directory Access Protocol)
TCP port 389
LDAP
LDAP (Lightweight Directory Access Protocol) uses what port?
TCP port 389
Network administrators may have tens or hundreds or even thousands of devices they have to manage on a single network. In order to constantly monitor and gather statistics from these devices, these network administrators use a specialized protocol called ___.
SNMP (Simple Network Management Protocol)
SNMP stands for ___. It is used for what?
Simple Network Management Protocol. It is used to monitor and gather statistics from many devices
SNMP queries devices using what port?
UDP port 161
UDP port 161
handles SNMP queries sent to devices from server
UDP port 162
handles SNMP alarms sent from devices to server
SNMP can recieve alarms using what port?
UDP port 162
There may be three different versions of SNMP that could be running in an environment. What do each do?
SNMPv1 - unencrypted, sends simple queries to a router.
SNMPv2 - unencrypted, could ask many questions at the same time and receive a bulk response.
SNMPv3 - almost same as 2 but encrypted and secure.
