Transport Layer Protocol Flashcards
1
Q
Port
A
- Unique indentification number used to direct incoming packets to appropriate service or application
- Multiple can be run simultaneously
- 0-1023 are preassigned to well known server applications
- Others must be assigned to applications to track requests
2
Q
Socket
A
- Port number used in conjunction with source IP.
- Each socket is bound to software purpose.
- Only one process can operate a socket at a given time
- Connection is formed when client socket requests service from server socket.
- Server socket can serve a number of client sockets.
3
Q
TCP
A
Transmission Control Protocol
- Works at Transport layer to provide connection-orients, guaranteed communications with acknowledgements confirm delivery.
- Can be used for Unicast only
- Missing packets can be resent
4
Q
TCP Segment
A
- Data from application layer is divided up and given header
- Becomes payload for underlying Datagrams
5
Q
Source Port
A
- Part of TCP segment header
- TCP Port Sending Host
6
Q
Destination Port
A
- Part of TCP segment header
- TCP port of destination host
7
Q
Sequence Number
A
- Part of TCP segment header
- ID number of the current TCP segment
- Allows receiver to rebuild message and deal with out of order packets
8
Q
ack number
A
- Part of TCP segment header
- Sequence number of next segment expected from other host
- allows for retransmission of missing data
- Negative Acknowledgment (NAK or NACK) forces retransmission
9
Q
Data length
A
- Part of TCP segment header
- Length of TCP Segment
10
Q
Flags
A
- Part of TCP segment header
- Type of conent in segment (ACK, SYN, FIN etc.)
11
Q
Window
A
- Part of TCP segment header
- Amount of data host is willing to receive before sending another ack
- TCPs flow control can slow down traffic if one side is getting overwhelmed
12
Q
Checksum
A
- Part of TCP segment header
- Ensures validity of segment
- Calculated on the TCP header and payload but also part of IP header (source and destination addresses)
- Process is different to calculate for IPV4 and v6
13
Q
Urgent Pointer
A
- If urgent data is being sent, specifies end of that data in segment
14
Q
Options
A
- Allows further connection parameters to be configured
- Most important is Maximum Segment Size
- Allows host to specify the size of segments to minimize fragmentation
15
Q
TCP Handshake 1
A
- Client sends segment with TCP flag SYN set to server with randomly generated number sequence. Client enters SYN-SENT state
16
Q
TCP Handshake 2
A
- Server (currently in LISTEN state) responds with SYN/ACK segment
- segment contains random number sequence
- Server enters SYN-RECEIVED state
17
Q
TCP Handhsake 3
A
- Client responds with an ACK segment
- Client assumes the connection is ESTABLISHED
18
Q
TCP Handshake 4
A
Server opens connection with Client and enters ESTABLISHED state
19
Q
TCP Teadown 1
A
- Client sends FIN segment to server and enters FIN-WAIT1 state
20
Q
TCP Teardown 2
A
Server responds with an ACK segments and enters CLOSE-WAIT state
21
Q
TCP Teardown 3
A
- Client receives the ACK segment and enters FIN-WAIT2 state.
- Server sends its own FIN segment to the client and goes to the LAST-ACK state
22
Q
TCP Teardown 4
A
- Client responds with an ACK and enters TIME-WAIT state. After a defined period, client closes its connection
23
Q
TCP Teardown 5
A
- Serve cloes connection when it recieves ACK form client
24
Q
RST segment
A
- Can be used to end TCP sessions abruptly
- Not typical behavior and should be investigated
- Could be a faulty application or a sign of suspicious scanning activity
25
UDP
User Datagram Protocol
- Works on Transport Layer
- Connectionless, not a guaranteed method of communication
- No acknowledgments or flow control
- Used to send small amounts of data in each packet
- Used by application layer protocols to send multicast and broadcast traffic
- Also used for time-sensitive data that do not need complete reliability, voice, and video.
- Faster overall delivery
26
Port 20
Transport Protocol: TCP
Service: ftp-data
Description: File Transfer Protocol - Data
27
Port 21
Transport Protocol: TCP
Service: ftp
Description: File Transer Protocol - Control
28
Port 22
Transport Protocol: TCP
Service: ssh/sftp
Description: Secure Shell/FTP over SSH
29
Port 23
Transport Protocol: TCP
Service: Telnet
Description: Telnet
30
Port 25
Transport Protocol: TCP
Service: smtp
Description: Simple Mail Transfer Protocol
31
Port 53
Transport Protocol: TCP/UDP
Service: domain
Description: Domain Name System
32
Port 69
Transport Protocol: UDP
Service: tftp
Description: Trivial File Transfer Protocol
33
Port 80
Transport Protocol: TCP
Service: http
Description: HTTP
34
Port 110
Transport Protocol: TCP
Service: POP
Description: Post Office Protocol
35
Port 123
Transport Protocol: UDP
Service: ntp/sntp
Description: Network Time Protocol/Simple NTP
36
Port 143
Transport Protocol: TCP
Service: imap
Description: Internet Message Access Protocol
37
Port 161
Transport Protocol: UDP
Service: snmp
Description: Simple Network Managment Protocol
38
Port 389
Transport Protocol: TCP/UDP
Service: ldap
Description: Lightweight Directory Access Protocol
39
Port 443
Transport Protocol: TCP
Service: https
Description: HTTP-Secure (Secure Sockets Later(SSL)/ Transport Later Security (TLS)
40
Port 445
Transport Protocol: TCP
Service: smb
Description: Server Message Block over TCP/IP
41
Port 514
Transport Protocol: UDP
Service: syslog
Description: Syslog
42
Port 587
Transport Protocol: TCP
Service: smtps
Description: SMTP-Secure
43
Port 636
Transport Protocol: TCP
Service: ldaps
Description: LDAP-Secure
44
Port 1521
Transport Protocol: TCP
Service: sqlnet
Description: Oracle SQL*Net
45
Port 3389
Transport Protocol: TCP
Service: rdp
Description: Remote Desktop Protocol
46
5060 and 5061
Transport Protocol: TCP/UDP
Service: sip and sips
Description: SIP and SIP-Secure
