click below
click below
Normal Size Small Size show me how
Section 1
Term | Definition |
---|---|
TCP - Transmission Control Protocol | OSI Layer 4, “ Reliable” delivery • Recovery from errors • Can manage out-of-order messages or retransmissions |
Non-ephemeral ports | Permanent port numbers • Ports 0 through 1,023 • Usually on a server or service |
Ephemeral ports | Temporary port numbers • Ports 1,024 through 65,536 • Determined in real-time by the clients |
ICMP- Internet Control Message Protocol | • “Text messaging” for your network devices • Another protocol carried by IP - Not used for data transfer |
tcp/22 | SSH - Secure Shell • Encrypted communication link - tcp/22 • Looks and acts the same as Telnet |
udp/53 | DNS - Domain Name System Converts names to IP addresses |
tcp/25 | SMTP - Simple Mail Transfer Protocol • Used to send mail from a device to a mail server • Commonly configured on mobile devices and email clients • Other protocols are used for clients to receive email • IMAP, POP3 |
tcp/22 | SFTP - Secure FTP Uses the SSH File Transfer Protocol Provides file system functionality Resuming interrupted transfers, directory listings, remote file removal |
tcp/20 (active mode data) or tcp/21 (control) | FTP - File Transfer Protocols Transfers files between systems • Authenticates with a username and password • Full-featured functionality (list, add, delete, etc.) |
udp/69 | TFTP – Trivial File Transfer Protocol • Very simple file transfer application • Read files and write files • No authentication - Not used on production systems |
TCP/23 | Telnet - Telecommunication Network • Login to devices remotely • Console access • In-the-clear communication • Not the best choice for production systems |
udp/67, udp/68 | DHCP - Dynamic Host Configuration Protocol • Automated configuration of IP address, subnet mask and other options |
HTTP | Hypertext Transfer Protocol |
udp/161 | SNMP - Simple Network Management Protocol |
SNMP | • v1 – The original • Structured tables, in-the-clear • v2 – A good step ahead • Data type enhancements, bulk transfers • Still in-the-clear • v3 – The new standard • Message integrity, authentication, encryption |
tcp/3389 | RDP - Remote Desktop Protocol Share a desktop from a remote location Remote Desktop Services on many Windows versions • Can connect to an entire desktop or just an application |
udp/123 | NTP - Network Time Protocol • Switches, routers, firewalls, servers, workstations • Every device has its own clock |
tcp/5060 and tcp/5061 | SIP - Session Initiation Protocol • Voice over IP (VoIP) signaling |
tcp/445 | SMB - Server Message Block Protocol used by Microsoft Windows • File sharing, printer sharing • Also called CIFS (Common Internet File System) |
TCP/110 | POP3 - Post Office Protocol version 3 Receive mail into a mail client |
Tcp/143 | IMAP4 - Internet Message Access Protocol v4 A newer mail client protocol |
tcp/389 | LDAP - Lightweight Directory Access Protocol - A newer mail client protocol |
tcp/636 | LDAPS - Lightweight Directory Access ProtocoL SECURE LDAP over SSL |
tcp/1720 | H.323 - ITU Telecommunica5on H.32x protocol series Voice over IP signaling |
Layer 1 | Physical Signaling, cabling, connectors (Cable, NIC, Hub) |
Layer 2 | Data Link The Switching layer (Frame, MAC Address, EUI-48, EUI-64, Switch |
Layer 3 | Network The routing Layer (IP Address, router, packet) |
Layer 4 | Transport The post office layer (TCP SEGMENT, UDP DATAGRAM) |
Layer 5 | Session Communication between devices( Control protocols, tunneling protocols) |
Layer 6 | Presentation Encoding and encryption (SSL/TLS) |
Layer 7 | The layer we see (Google Mail, Twitter, Facebook) |
Preamble | 7 bytes 56 alternating ones and zeros used for synchronization |
SFD | 1 bytes Start Frame Delimiter - designates the end of the preamble |
Destination MAC Address | 6 bytes Ethernet MAC address of the Destination device |
Source MAC Address | 6 bytes Ethernet MAC address of the source device |
EtherType | 2 bytes Describes the data contained the payload |
Payload | 46 - 1500 bytes Layer 3 and higher data |
FCS | 4 bytes Frame Check Sequence - CRC checksum of the frame |