|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
TCP/IP: |
|
|
|
In 1983 the internet as we know it
opened for business when the ARPANET switched over to TCP/IP |
|
|
|
Four Layers: Current internet names for the layers (original DoD names) |
|
|
|
Application (Process/Application) |
|
|
Transport (Host-to-Host) |
|
|
Internet |
|
|
Network Access: Protocols not
specified |
|
|
|
At
the Network Access layer any external access protocol can be used |
|
|
as long as a driver is written that
will deliver data to the TCP/IP stack |
|
|
|
At the Internet Layer a 32-bit
(4-octet) address and a 32-bit (4-octet) network mask are specified |
|
|
For historical reasons these are
generally referred to as octets rather than bytes in the literature |
|
|
Networks are, by default, referred
to as Class A, B, C, or D, depending on the neetwork number |
|
|
The network classes decide the size
of the network mask that will be ANDed with the IP address |
|
|
|
Important protocols at the TCP/IP
network layer |
|
|
IP:
Logical addressing and internetwork routing; ethernet type 0x800 |
|
|
Address Resolution Protocol (ARP):
Connect the IP address to a physical MAC address so the traffic can be
delivered |
|
|
Reverse ARP (RARP): Determine the IP
address from the name, deprecated in IPv6 |
|
|
ARP and RARP use a special ethertype 0x806 |
|
|
Internet Control Message Protocol
(ICMP): Errror detection and reporting |
|
|
Internet Group Message Protocol
(IGMP): Manage multicasting on the internetwork |
|
|
|
At the Transport Layer source and
target applications/processes are identified by port number |
|
|
Standard applications ports are
usually fixed (see: \WINNT\SYSTEM32\DRIVERS\ETC\SERVICES for a list used by
Windows 2000) |
|
|
User Application port numbers are
generally dynamically assigned by the Remote Procedure Call (RPC) end-mapper |
|
|
Communications are determined to be
"connection-oriented" by calling the TCP part of the stack |
|
|
Negotiates receive buffer sizes,
determines segment size, establishes sequence numbers for tracking
transmissions |
|
|
or |
|
|
Communications are determined to be
"connectionless" by calling the UDP part of the stack |
|
|
Just sends the packet to the
destination and depends on the target application to determine if evrything
arrived properly |
|
|
|
The application layer provides
various user services that are explicitly connected to TCP/IP |
|
|
Telnet: Remote access, port 23 |
|
|
Simple Mail Transfer Protocol
(SMTP):Send mail to a remote hoset (usually a mail server), aka sendmail,
port 25 |
|
|
File Transfer Protocol (FTP):
deliver files to a client, port 21 for administration, port 20 for data (from
server to client) |
|
|
Trivial File Transfer Protocol
(TFTP): simplified TFTP, port 69. |
|
|
HyperText Transfer Protocol (HTTP):
web data transfer, port 80 |
|
|
Bootstrap Protocol (BootP)/Dynamic
Host Configuration Protocol (DHCP): |
|
|
methods of automating client IP
address assignment, BootP is seldom encountered today |
|
|
both protocols use port 67 for the
server function and port 68 for the client function |
|
|
Domain Name Service (DNS): obtain
IP addresses for named stations on the internetwork, port 53 (UDP and TCP) |
|
|
Simple Network Management Protocol
(SNMP): Obtaining system status and IP traffic statistics from the target,
port 161 |
|
|
Post Office Protocol 3 (POP3):
download mail from a server, port 110 |
|
|
Internet Message Acces Protocol 4
(IMAP4): access mail on server without downloading, corporate mail, port 143 |
|
|
|
Ports: |
|
|
|
These application ports are part of
the "well known ports" which are registered with the Internet
Corporation for Assigned Names and Numbers (ICANN) |
|
ICANN was formerly known as IANA,
the Internet Assigned Number Authority |
|
|
General applications are
dynamically assigned ports as needed by a software scheduler. In Windows this is known as the RPC
end-mapper |
|
|
The MS RPC end-mapper is assigned
the port 135 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|