TCP/IP PROTOCOL – protocol that is being used to run the internet

When u use the internet you are ustilziing the TCP/IP PROTOCOL -> It is a suite or a bunch of protocol
that is combined together in order to have a set of protocols that wil govern the communication
process.

- Was developed by US DoD 1970 -> construction of worldwide internetworks

TCP and IP – 2 best known in this suite

The TCP/IP was ahead than the OSI -> OSI didn’t exist at that time when the TCP/IP was produced
4 Layers of TCP/IP
1. Application -> Telnet, FTP, SMTP, DNS, RIP, SNMP
2. Transport -> TCP, UDP, IGMP, ICMP
3. Internet -> Internet, IPSEC
4. Network Interface -> Ethernet, Token Ring, Frame Relay, ATM
Network interface layer -> combination of Physical and Data Link in the OSI
Internet Layer -> Network Layer
Transport -> Transport
Application -> Session, Presentation, Application
Ethernet -> Protocol that is used in LAN
Token Ring -> For Ring Topology
Frame Relay -> for WAN communication
ATM

IF you are using a mobile phone and you are using the internet (GSM, LTE)
Common TCP/IP Protocols
Category: Mac Address Resolution
- Address Resolution Protocol (ARP)
It provides IP address-to-MAC address name address resolution
Purpose of the mac address is to discover the corresponding MAC address given the IP
address.
2 types of addresses
Logical and Physical address
Logical Address -> Address at the network layer of the OSI model
If we are using Network Layer Protocol Suite -> when we create packets we are using the IP address
We need the IP address of the source and the destination in order to create the packet. When packet
is created we can transfer to the Data Link Layer for futher processing for the frame to be created so
that its ready for transmission in the Physical Layer.
Frame -> needs destination MAC address (physical address) or (burned in address)
Network interface Card – Called EEPROM Electronically Erasable Programmable Read only Memory.
The sending device will send an ARP broadcast so all of the devices in the network will hear the
broadcast.

Bootstrap Protocol (BootP) – Internet protocol that enables a diskless workstation to discover its
own IP address, the IP address of a BOOTP server on the network, and a file to be loaded into memory
to boot the machine. This enables the workstation to boot without requiring a gard or floppy disk
drive.
TheBootP protocol is defined by RFC 951
We have 2 types of address, logical address – address at the network layer
Physical address, address at the data link layer
For LAN we use the MAC address ( it is still technically the physical address)
IP address at the network

RARP (reverse address resolution protocol) – A TCP/IP Protocol that permits a physical address such as
an ethernet address, to be translated into an IP address. Host such as diskless workstations often only
know their hardware interface addresses, or MAC address, when booted but not their IP address. They
must discover their IP address from an external source, usually a RARP server.
RARP is defined in RFC 903

IP (Internet Protocol) – the main TCP/IP protocol. It is a connectionless protocol that makes routing
path decisions, based on the information it receives from ARP. IT also handles logical addressing issues
though the use of IP address.

2 major protocols that is used in the transport layer

1. TCP (Transmission Control Protocol) – operates at the (Laayer 4) Transport layer. It provides
connection-oriented services and performs segment sequencing and service addressing. It also
performs important error-checking function, uses flow control, and is considered a host- to-host
protocol.
Host to host protocol – the communication is from the sending host to the receiving host. So they
were able to communicate atLayer 4.

2. UDP – is considered a host-to host protocol like TCP. It also performs functions at the Transport
layer. However, it is not connection-oriented lice TCP. Because of Less overhead, it transfers data
faster, but is not as reliable. It is a good protocol to use for small amounts of data and applications
that use a simple query/response model.
Take note that TCP is connection oriented while UDP is connectionless oriented
Why is there connection oriented and connectionless oriented.

Connection oriented protocol – if you transmit info, the receiver will acknowledge your
transmission, there is an acknowledgement. The sender is assures that the data that has been sent
was received by the receiver because of the acknowledgement
connectionless oriented - it will receive the data but IT WILL NOT SEND AN ACKNOWLEDGEMENT
that the data has been received.
TCP is more reliable than UDP. Because of acknowledgement. So the sender can assure that the
data has been sent has successfulkly received because of acknowledgement.
For UDP, the sender has no idea if the intended receiver has received the data.

Advantages and DIsadvantges

For TCP – because of acknowledgement, the turnaround or the rate of transmission will be a little
bit slower than UDP. Because everytime you send a packet it need to pass through the
acknowledgement.
For UDP – the sender will send the data and it will cause less delay in the transmission in data but
its faster than TCP.
For sending email you need TCP. If you are video streaming, time is important in sending the
packets on the network.When there is packet loss, then it is no need to transmit the data agan
because it is not practical. So that means you need UDP. Basically in realtime application you need
UDP like video streaming and voice streaming.

Protocols for web browsing.

HTTP - is used by Web browsers and web servers to exchange files (web pages)through the World
Wide Web and intranets. HTTP can be described as an information requesting and responding
protocol. It is typically used to request and send Web documents, but is also used as the protocol
for communication between agents using different TCP/IP protocols.
HTTP is not secure. Basically its not encrypted and the ISP will see your data.

HTTPS(HyperText Tranfer Protocol over Secure Socket Layer) or HTTP over SSL (HTTPS)
HTTPS – is a secure form of HTTP that use SSL as a sublayer for security.
NOTE: when you put your password or data you NEED TO CHECK IF THE WEBSITE IS HTTPS as it is
more secure. Basically your username and password will be converted to ASCII or something to be
encrypted if it is SECURE and not plain text.

Protocols for Security

SSL Secure Sockets Layer – SSL secures messages on the internet. It used RSA for authentication
and encryption. Web browsers use SSL to ensure safe WEB transactions. URLs that begin with
https:// trigger you web browser to use SSL.

TLS(Transport Layer Security) – ensures that messages being transmitted on the internet are
private and tamper proof.
TLS is implemented through 2 protocols:
 TLS RECORD – can provide connection security with encryption (with DES for example)
 TLS Handshake – provides mutual authentication and choice of encryption method.
TLS and SSL are similar but not interoperable.

Protocols for File Transfer

FTP – provices a generic method of transferring files. It can include file security through usernames
and passwords, and it allows file transfer between dissimilar computer systems. FTP can transfer
both binary and text files, including HTML, to another host. FTP URLs are preceded by ftp://
followed by the DNS name of that FTP server. TO log in to an FTP server use:
ftp//username@servername

TFTP (Trivial File Transfer Protocol)

It is similar to FTP, it lets you transer files between a host and an FTP server. However it provides no
user authentication and uses UDP instead of TCP as the transport protocol.
Basically TFTP is faster because it uses UDP
FTP is more reliable cause it uses TCP
NOTE: FTP AND TFTP IS NOT ENCRYPTED

SFTP (Secure File Transfer Protocol) – is a file transfer protocol that uses SSH (secure shell) to
secure data transfers. SSH ensures that SFTP transmission use encrypted commands and data which
prevent data from being transmitted over the network in clear text.

SCP (Secure Copy) – is associated with Unix/Linux network and used to transfer files between
systems. Like SFTP, SCP relies on SSH to ensure that data and passwords are not transmitted over
the network in clear text.

RCP (Remote copy Protocol) – is used to transfer files between computers, however, it is an
insecure protocol and transmits data ovet the network in clear text.

Simple Mail Transfer Protocol (SMTP) - SMTP is used to route electronic mail through the
internetwork. E-mail applications provide the interface to communicate with SMTP or mail servers.

Internet Message Access Protocol (IMAP) - IMAP is an e-mail retrieval protocol designed to enable
users to access their e-mail from various locations without the need to transfer messages or files
back and forth between computers. Messages remain on the remote mail server and are not
automatically downloaded to a client system.

Post Office Protocol 3 (POP3) POP3 is part of the TCP/IP protocol suite and used to retrieve e-mail
from a remote server to a local client over a TCP/IP connection. With POP3, e-mail messages are
downloaded to the client.

Basically if u want to send email you use SMTP

If you are going to retrieve your email you use IMAP and POP3

Category: Network Management

Simple Network Management Protocol (SNMP) SNMP is a protocol designed for managing complex
networks. SNMP lets network hosts exchange configuration and status information. This
information can be gathered by management software and used to monitor and manage the
network.

Remote Terminal Emulation (Telnet) Telnet allows an attached computer to act as a dumb terminal,
with data processing taking place on the TCP/IP host computer. It is still widely used to provide
connectivity between dissimilar systems. Telnet can also be used to test a service by the use of
HTTP commands.

Secure Shell (SSH) SSH allows for secure interactive control of remote systems. SSH uses RSA public
key cryptography for both connection and authentication. SSH uses the IDEA algorithm for
encryption by default, but is able to use Blowfish and DES. SSH is a secure and acceptable
alternative to Telnet.
Category: File and Print Services

Network File System (NFS) NFS was initially developed by Sun Microsystems. It consists of several
protocols that enable users on various platforms to seamlessly access files from remote file
systems.

Line Printer Daemon/Line Print Remote (LPD/LPR) LPD/LPR is the most widely-used cross platform
print protocol. LPD/LPR establishes connection between printing devices and workstations. LPD is
usually loaded on the printing device. LPR is usually loaded onto the client workstation.

Category: Additional Protocols

Internet Control Message Protocol (ICMP) - ICMP works closely with IP in providing error and
control information, by allowing hosts to exchange packet status information, which helps move
the packets through the internetwork. Two common management utilities, ping and traceroute,
use ICMP messages to check network connectivity. ICMP also works with IP to send notices when
destinations are unreachable, when devices' buffers overflow, the route and hops packets take
through the network, and whether devices can communicate across the network.

Internet Group Membership Protocol (IGMP) IGMP is a protocol for defining host groups. All group
members can receive broadcast messages intended for the group (called multicasts). Multicast
groups can be composed of devices within the same network or across networks (connected with a
router).

Category: Services
Domain Name System (DNS) - DNS is a system that is distributed throughout the internetwork to
provide address/name resolution. For example, the name www.yahoo.com would be identified
with a specific IP address.
Basically DNS will convert youtube.com into an ip address as DNS is the one responsible resplving it.

Network Time Protocol (NTP) - NTP is used to communicate time synchronization information
between systems on a network.

Network News Transport Protocol (NNTP) NNTP is the most widely-used protocol that manages
notes posted on Usenet Newsgroups.

Lightweight Directory Access Protocol (LDAP) LDAP is used to allow searching and updating of a
directory service. The LDAP directory service follows a client/server model. One or more LDAP
servers contain the directory data, the LDAP client connects to an LDAP Server to make a directory
service request.

Ports operate at the transport layer ( laeyr 4)

Ports

> In the TCP and UDP protocols used in computer networking, a port is a special number present in
the header of a data packet.Ports are typically used to map data to a particular process
running on a computer.

> TCP and UDP are transport protocols used for communication between computers. The IANA is
responsible for assigning port numbers to specific uses.

The Internet Assigned Numbers Authority (IANA) is the entity that oversees global IP address
allocation, DNS root zone management, and other Internet protocol assignments. It is operated by
Internet Corporation for Assigned Names and Numbers (ICANN).

Some characteristics of ports :

> Ports allow a single host with a single IP address to run network services.
> each port number identifies a distinct service
> Each host can have over 65,000 ports per IP address.
> Port use is regulated by ICANN.
A PORT IS A 16 BIT 2^16 combination

The Internet Assigned Numbers Authority (IANA) is the entity that oversees
global IP address allocation, DNS root zone management, and other Internet
protocol assignments. It is operated by Internet Corporation for Assigned
Names and Numbers (ICANN).

ICANN specifies three categories for ports.

Categories Characteristics

Well Known » Assigned for specific protocols and services

>> Port numbers range from 0 to 1023

Registered >> ICANN can assign a specific port for a newly created
network service
>>Port numbers range from 1024 to 49151

Dynamic » Assigned when a network service establishes contact and released when the session
(Private or HIgh) ends

>>Allows applications to 'listen' to the assigned port for other incoming requests (traffic
for a protocol can be received through a port other than the port that protocol
is assigned, as long as the destination application or service is ‘listening’ for that type of traffic on
that port)
>>Port numbers range from 49,152 to 65,535
Internet connectivity parameters
To connect a Windows workstation to the Internet, you need, at a minimum, to configure the IP
address, subnet mask, default gateway, and DNS server parameters. Depending upon the network
configuration, you may also need to configure the workstation with the IP address of the proxy
server. The following table summarizes many of the configuration settings for a TCP/IP network.

Parameter Purpose
IP address Identifies both the logical host and logical network addresses. Two devices on
the same network must have IP addresses with the same network
portion of the address.

Subnet Mask Identifies which portion of the IP address is the network address. Two devices
on the same network must be configured with the same network mask.
Default gateway Identifies the router to which packets for remote networks are sent. The default
gateway address is the IP address of the interface on the same subnet as the
local host. Without a default gateway set, most clients will be unable to
communicate with hosts outside of the local subnet.
Parameter Purpose

DNS server Identifies the DNS server that is used to resolve host names to IP addresses.

Host name Identifies the logical name of the local system.

MAC address Identifies the physical address. On an Ethernet network, this address is burned
in to the network adapter hardware. (this is the data link address Layer
2 address)