| TCP/IP: | |||||||||||||||
| In 1983 the internet as we know it opened for business when the ARPANET switched over to TCP/IP | |||||||||||||||
| Four Layers: Current internet names for the layers (original DoD names) | |||||||||||||||
| Application (Process/Application) | |||||||||||||||
| Transport (Host-to-Host) | |||||||||||||||
| Internet | |||||||||||||||
| Network Access: Protocols not specified | |||||||||||||||
| At the Network Access layer any external access protocol can be used | |||||||||||||||
| as long as a driver is written that will deliver data to the TCP/IP stack | |||||||||||||||
| At the Internet Layer a 32-bit (4-octet) address and a 32-bit (4-octet) network mask are specified | |||||||||||||||
| For historical reasons these are generally referred to as octets rather than bytes in the literature | |||||||||||||||
| Networks are, by default, referred to as Class A, B, C, or D, depending on the neetwork number | |||||||||||||||
| The network classes decide the size of the network mask that will be ANDed with the IP address | |||||||||||||||
| Important protocols at the TCP/IP network layer | |||||||||||||||
| IP: Logical addressing and internetwork routing; ethernet type 0x800 | |||||||||||||||
| Address Resolution Protocol (ARP): Connect the IP address to a physical MAC address so the traffic can be delivered | |||||||||||||||
| Reverse ARP (RARP): Determine the IP address from the name, deprecated in IPv6 | |||||||||||||||
| ARP and RARP use a special ethertype 0x806 | |||||||||||||||
| Internet Control Message Protocol (ICMP): Errror detection and reporting | |||||||||||||||
| Internet Group Message Protocol (IGMP): Manage multicasting on the internetwork | |||||||||||||||
| At the Transport Layer source and target applications/processes are identified by port number | |||||||||||||||
| Standard applications ports are usually fixed (see: \WINNT\SYSTEM32\DRIVERS\ETC\SERVICES for a list used by Windows 2000) | |||||||||||||||
| User Application port numbers are generally dynamically assigned by the Remote Procedure Call (RPC) end-mapper | |||||||||||||||
| Communications are determined to be "connection-oriented" by calling the TCP part of the stack | |||||||||||||||
| Negotiates receive buffer sizes, determines segment size, establishes sequence numbers for tracking transmissions | |||||||||||||||
| or | |||||||||||||||
| Communications are determined to be "connectionless" by calling the UDP part of the stack | |||||||||||||||
| Just sends the packet to the destination and depends on the target application to determine if evrything arrived properly | |||||||||||||||
| The application layer provides various user services that are explicitly connected to TCP/IP | |||||||||||||||
| Telnet: Remote access, port 23 | |||||||||||||||
| Simple Mail Transfer Protocol (SMTP):Send mail to a remote hoset (usually a mail server), aka sendmail, port 25 | |||||||||||||||
| File Transfer Protocol (FTP): deliver files to a client, port 21 for administration, port 20 for data (from server to client) | |||||||||||||||
| Trivial File Transfer Protocol (TFTP): simplified TFTP, port 69. | |||||||||||||||
| HyperText Transfer Protocol (HTTP): web data transfer, port 80 | |||||||||||||||
| Bootstrap Protocol (BootP)/Dynamic Host Configuration Protocol (DHCP): | |||||||||||||||
| methods of automating client IP address assignment, BootP is seldom encountered today | |||||||||||||||
| both protocols use port 67 for the server function and port 68 for the client function | |||||||||||||||
| Domain Name Service (DNS): obtain IP addresses for named stations on the internetwork, port 53 (UDP and TCP) | |||||||||||||||
| Simple Network Management Protocol (SNMP): Obtaining system status and IP traffic statistics from the target, port 161 | |||||||||||||||
| Post Office Protocol 3 (POP3): download mail from a server, port 110 | |||||||||||||||
| Internet Message Acces Protocol 4 (IMAP4): access mail on server without downloading, corporate mail, port 143 | |||||||||||||||
| Ports: | |||||||||||||||
| These application ports are part of the "well known ports" which are registered with the Internet Corporation for Assigned Names and Numbers (ICANN) | |||||||||||||||
| ICANN was formerly known as IANA, the Internet Assigned Number Authority | |||||||||||||||
| General applications are dynamically assigned ports as needed by a software scheduler. In Windows this is known as the RPC end-mapper | |||||||||||||||
| The MS RPC end-mapper is assigned the port 135 | |||||||||||||||