Chapter 9 - TCP/IP Applications

Question 1

What does TCP over IP include

Answer 1

HTTP
DHCP
POP
… 500 other terms over tcp/udp & ICMP over IP

Question 2

Define a session

Answer 2

Any single communication between a computer and another computer

Question 3

What happens when an URL is entered

Answer 3

TCP Three Way Handshake
1. A SYN packet is ent to the Web Server.
2. Assuming the server has recieved it returns a SYN,
ACK packet
3. Client sends ACK and requests web page

Question 4

How is a session closed

Answer 4

Server sends FIN packet and Client sends ACK to close session

Question 5

Explain how DHCP works

Answer 5

Ports 67 (server) and 68 (DHCP clients)
Uses a connectionless packet, if server doesn't respond it sends again

Question 6

What is NTP/SNTP used for

Answer 6

Ports 123

Used to synchronize the clocks of devices on a network

Question 7

What is TFTP used for

Answer 7

Port 69

Enables you to tranfer files from one machine to another. Common to send files via LAN

Question 8

What is ICMP used for

Answer 8

used bynetwork devices, includingrouters, to send error messages and operational information indicating. This is the protocol used by ping.

Question 9

What is the ‘ping of death’

Answer 9

Malicious users will send malformed ping packets to a destination causing the computer to crash.. now a fixed issue

Question 10

Define IGMP

Answer 10

Internet Group Management Protocol enables routers to communicate with hosts to determine a ‘group’ membership
Uses a particular multicast where those who wish to receive a particular multicast must tell their upstream router/switch they want to receive. They are then added to the IGMP group

Question 11

How big is a port number

Answer 11

16 bit

Question 12

What is the range of the well known port numbers

Answer 12

0 to 1023, reserved for specific TCP/IP applications

Question 13

Define Ephemeral Port numbers and the range

Answer 13

1024-5000 (varies by OS) + 49512-65535

A number is generated at random within this range to be used as the Web clinet’s source port number

Question 14

What are the important (3) ranges to remember

Answer 14

0-1023 = well known ports
1024-49151 = Registered ports
49512 - 65535 = Dynamic or Private ports

Question 15

Define Socket/Endpoint

Answer 15

Terms for the session information (IP address and port number) stored on a single computer

Question 16

Define Socket Parts / Endpoints

Answer 16

Terms for the connection data stored on two computers about the same connection

Question 17

Define connection / session

Answer 17

Terms for the whole interconnection

Question 18

What is a open port /listening port

Answer 18

A socket prepared to respond to any IP packets sent its way

Question 19

How does one use the netstat switches

Answer 19

• a = all used ports
• n = raw port numbers & IP
• o = process ID
• b = name of process

Question 20

Define XML

Answer 20

Extensible Markup Language provides the basic format for everything from RSS feeds to Office documentse

Question 21

Define NNTP

Answer 21

Network Nets transfer Protocol used to access USENET

Port 119

Question 22

Define USENET

Answer 22

in the early days of internet it was used to swap info, ideas, and files.

Question 23

Define URL

Answer 23

Uniform resource locator

Question 24

Define TLS

Answer 24

Transport Layer Security is being used as a replacement for SSL

Question 25

What was Telnet used for

Answer 25

connecting to different mainframes outside the local network. Connect via the command line

Question 26

What features does IMAP4 have

Answer 26

Enables you to search through messages on the email server to find specific keywords and select the messages you want to download onto your machine. Also implements folders.

Question 27

Explain the use of FTP

Answer 27

Using port 21 (outbound) and 20 )(requests) for old active connections and 21 only for passive connections. Anonymous sites mean anyone can log on

Question 28

What issue does FTP have with NAT

Answer 28

Port 20 won’t be initiated and NAT won’t know where to send the packet. Firewalls will see this as evil.
Passive connections will receive a random port number from server so they work with NAT