Network Protocols

-

IN THIS ARTICLE

(a) What is Network Protocol?
(b) Examples of Protocols
(c) Layers of TCP/IP Model
(d) Explanations on different protocols

A computer network's data transmission, reception, and processing are governed by a set of rules and standards called as network protocols. These protocols define structure and format of data packets, the methods for error detection and correction, and the procedures for establishing and terminating connections between devices on a network.
Network protocols are crucial for facilitating communication between various systems and equipment, such as PCs, servers, routers, switches, and more, within a network. They ensure that data can be sent and received accurately and reliably, even in complex and diverse network environments.

Depending on different purposes and network types, requirements of the network, software and application running over the network, there many protocols designed, few of them as below:

(1) Transmission Control Protocol (TCP)
Transmission Control Protocol (TCP) is a basic most commonly used communication standard defined by the Internet Engineering Task Force (IETF) which enables the applications and devices to exchange messages over a computer network. It is designed to send packets across the internet as well as ensures the successful delivery of data and messages(end -to-end delivery) over computer networks.

Working:
TCP structured & organizes the data so that it can be transmitted between a server and a client, maintain integrity of the data being communicated over a computer network. Before transmitting the data, TCP establishes a connection between a source and its destination, to make it live until communication begins. After that it breaks large amounts of messages / data into small packets / bundles & maintains data integrity throughout the process.
The high-level protocols that need to transmit data use TCP Protocol.
For examples peer-to-peer sharing methods like File Transfer Protocol (FTP), Secure Shell (SSH), and Telnet. It is also used to send and receive email through Internet Message Access Protocol (IMAP), Post Office Protocol (POP), and Simple Mail Transfer Protocol (SMTP), and for web access through the Hypertext Transfer Protocol (HTTP).

Disadvantages: TCP can be an expensive network protocol as it includes absent or corrupted packets and protects data delivery with controls like acknowledgments, connection startup, and flow control.

(2) User Datagram Protocol (UDP)
UDP is an alternative option of TCP, used to establish low-latency connections between applications and decrease the transmissions time.
Latency means time delay happens between user takes an action on a network or web application and when user get a response or “round trip” needed for a packet of data to travel.
It is measured in milliseconds, it can be reduced but can not be zero reason that data travel takes some time.

Advantage: Better alternate option to use for time-sensitive situations like Domain Name Systems (DNS), Voice over Internet Protocol (VoIP) and streaming medium and is less expensive

Disadvantage: No error connection, packet sequencing, does not signal to destination before it delivers data due to which it is less reliable.

(3) Internet Protocol (IP)
IP is principal communication protocol used for sending data from one device to other over single network or internet. Each device has its own IP address by which it can be identified uniquely and enables it to communicate and exchange data with other devices connected to the internet.
It is fast and secure communication directly between computing devices.
It is also used to define applications and devices exchange packets of data with each other. 
IP is the main protocol within the internet layer of the TCP/IP.

Note: 
* IP contains unique addresses of source and destination while TCP is used to establish communication link, routing over network and ensure data transfer between that source and destination. 
TCP and IP both are different protocol but both will have to work together for proper communication and ensure guaranteed data transfer between source to destination either device to device or application to device. That is why the name is TCP/IP model.

Four layers of TCP / IP Model are as follows:
* Datalink layer: This layer manages data transmission between apps or devices on a network, specifies how data should be transferred, and performs the actual sending and receiving of data. This involves specifying the signals that hardware and other network transmission devices, including a network interface card (NIC), an Ethernet cable, a computer's device driver, or a wireless network, should use to transmit data. It is the combination of the physical and data link layers of the Open Systems Interconnection (OSI) model, which standardizes communications functions on computing and telecommunications systems. It is also known as the link layer, network access layer, network interface layer, or physical layer.
* Internet layer: The internet layer is in charge of sending packets out of a network and directing them as they travel through it to get to their intended location. It offers the tools and processes needed to move data sequences across networks between devices and apps.
* Transport layer: The transport layer is responsible for providing a solid and reliable data connection between the original application or device and its intended destination. This is the level where data is divided into packets and numbered to create a sequence. The transport layer then determines how much data must be sent, where it should be sent to, and at what rate. It ensures that data packets are sent without errors and in sequence and obtains the acknowledgment that the destination device has received the data packets.
* Application layer: The application layer refers to programs that need TCP/IP to help them communicate with each other. This is the level that users typically interact with, such as email systems and messaging platforms. It combines the session, presentation, and application layers of the OSI model.

(4) Hypertext Transfer Protocol (HTTP)
It is an application layer protocol used for data exchange on the World Wide Web over the internet, particularly when transmission of hypertext—structured text that contains links to other documents, sometimes in the form of web pages.

Key Points

* Client-Server Model: It operates on a client-server architecture / model, in which a client (web browser), sends requests to a server, which then provides the required content. An HTTP request is sent by the client to establish the connection, and an HTTP response is sent by the server in response.
Stateless: Because HTTP is a stateless protocol, a client's and server's responses to each other are handled independently. Each request/response pair is self-contained because the server does not keep track of prior queries.
* Request-Response: An HTTP request usually consists of methods (GET, POST, PUT, DELETE, etc.), a resource's URL (Uniform Resource Locator), and optional headers for more details. After processing the request, the server delivers an HTTP response that contains the requested content, extra response headers, and a status code that indicates whether the request was successful or unsuccessful.
* Text-Based: Human-readable text is used in HTTP messages. Their composition comprises headers that include metadata pertaining to the request or response, and in the event of a response, the resource's content (often presented in HTML, XML, or alternative forms).
* Connection Methods: HTTP can be connected via a variety of techniques, such as HTTPS (secure via SSL/TLS encryption), plain HTTP (insecure), and others.
* Headers: HTTP messages contain headers that provide additional information about the request or response. Headers can include information about the content type, caching instructions, cookies, and more.

Uses: HTTP is not just for websites and web browsers. Additionally, it is utilized in a variety of apps, web services, and APIs to transfer data between clients and servers.

(5) File Transfer Protocol (FTP)
A common network protocol called File Transfer Protocol (FTP) is used to move files over TCP-based networks like the internet from one host or computer to another. FTP makes it possible for users to reliably and efficiently upload and download files between a client, which is usually the user's computer, and a server, which is a remote computer or host.
It's crucial to remember that although while FTP is a commonly used protocol, its absence of encryption raises significant security issues. For sensitive file transfers, safe substitutes like FTPS and SFTP have grown in popularity as a result. Because these safe substitutes include authentication and data encryption, they better meet the needs of contemporary internet security regulations.

Key Points

* FTP operates on a client-server architecture. File transfers are started by users or applications known as clients; on the other side, servers store files and respond to queries from clients.
* Two Modes: Active and passive are the two main modes in which FTP functions. When the server is in active mode, it connects to a random port that the client has opened for data transfer. When using passive mode, the client connects to a random port that the server has opened for data transfer. When a client is protected by a firewall or network address translation (NAT), passive mode is frequently utilized.
* Authentication: In order to access files on an FTP server, users normally need to provide their login and password. A username and password are not required to access certain files on servers that support anonymous file transfer protocol (FTP).
* Commands: FTP facilitates communication between the client and server by using a set of commands. Among these instructions are "GET" for file retrieval, "PUT" for file uploading, "LIST" for directory contents listing, and several other commands for file management and navigation.
* Data transport Modes: Binary and ASCII are the two data transport modes that FTP offers. For non-text files (such graphics and executables), the binary mode is used to prevent character translations during transfer; ASCII mode is used for text files.
* Security: Since standard FTP does not offer encryption, data exchanged through it is not safe. Data transfer via encryption is employed by secure alternatives like SFTP (SSH File Transfer Protocol) and FTPS (FTP Secure).
* FTP can be either passive or active. Since the client can start the data connection, passive FTP is frequently used when the client is protected by a firewall or network area translator. In contrast, the server initiates the data connection via active file transfer protocol. Each mode has potential benefits and use cases.
* FTP employs well-defined port numbers: additional ports are used for data transfer, while port 21 is used for the control connection, which is used to send and receive orders.

Uses: FTP is frequently used for a variety of purposes, including transferring huge files, updating software, and maintaining websites. In the past, file sharing and web server administration have made extensive use of it.

(6) Simple Mail Transfer Protocol (SMTP): A protocol for sending and receiving email messages. It is used by email clients to communicate with email servers.

(7) Post Office Protocol (POP) and Internet Message Access Protocol (IMAP): These are protocols used by email clients to retrieve email messages from email servers.
POP is suitable for downloading and store emails locally and have offline access.
IMAP is a better choice for real-time synchronization, access to folders, and the ability to manage emails from multiple devices while keeping them on the server.
In most cases, IMAP is the recommended choice for modern email users because its flexibility and ensures that your emails are accessible and synchronized across all your devices.

(8) Dynamic Host Configuration Protocol (DHCP): A protocol that automates the assignment of IP addresses and other network configuration parameters to devices on a network.

(9)Secure Shell (SSH): A protocol for secure remote access to network devices, such as servers and routers.

(10) Domain Name System (DNS): A protocol that translates human-readable domain names into IP addresses, allowing users to access websites using domain names.

Comments

Post a Comment

Popular posts from this blog

OWASP Top 10

-
OWASP Top 10 is an awareness document mentioning top 10 most critical risks in web application security which is regularly updated by an international non-profit organization called Open Web Application Security Project, dedicated to web application security. 1. Broken Access Control Broken access control vulnerability allows attackers to read / view sensitive data and carry out actions that they are not authorized to carry out. As an illustration, consider a website allows only admin users to view its admin pages and protected from regular users. If access control is compromised, an unauthorized user can read private data belonging to other users, gain access to admin and carry out actions that they are not intended to. Example of such type of vulnerability is Insecure Direct Object References (IDOR). Consider a user on a website uses following URL to access his / her account: https://xyz.com/user_acct?user_num=123 Using the URL, user retrieving his information from the database in th
Read more

TCP/IP Model

-
Image
TCP/IP stands for Transmission Control Protocol/Internet Protocol and is a standard protocol suite used to facilitate communication between network devices over the internet which consists of two components TCP and IP. TCP/IP is a compact form of OSI model. Unlike the OSI model, which has seven layers, it has four layers. The data is divided into packets by the TCP/IP Model at the sender's end, and in order to preserve data correctness, the same packets must be reassembled at the recipient's end. The data is divided into four layers by the TCP/IP paradigm, which arranges the data in a sequential fashion at the sender's end and reorders it at the recipient's end. Network Access Layer: A combination of Physical layer & Data Link layer defined in OSI model, responsible for the transmission of the data between two devices over network. Ethernet protocol is used by this layer. Network Layer / Internet Layer: It is responsible to send the packets from a network to the des
Read more

AAA

-
Image
AAA stands for Authentication, Authorization & Accounting. AAA is an information security framework used for controlling access to computer resources, enforcing policies & tracking for auditing usage of resources required for billing of resources.                           AAA used to control which user is allowed to access the network resources by comparing user's login credentials (user id & password) with AAA server's database (Active Directory) stored user credential data called Authentication, authorize that user for performing a pre-defined task as per roles & responsibilities set in the database (enforcing policies) called Authorization and tracking the actions performed while accessing the network called Accounting. Here AAA server acts as an Identity & Access Management Tool. For example, administrator can access a network device by using console normally.  In case of accessing network device remotely, it can happen only by using IP address. But the
Read more