The Transmission Control Protocol (TCP) and the User Datagram Protocol (UDP) are used to transmit network data to and from server and client applications. The main difference between the two protocols is that TCP uses a connection-oriented transport, while UDP uses a connectionless type of communication. When TCP is used, a connection is opened between two network devices, and the channel remains open to transmit data until it is closed.
On the other hand, a UDP transmission does not set up a connection and simply sends its data to the specified network address without any verification of receipt. For certain types of applications and services a TCP connection makes more sense, while others are more efficiently served by UDP. The advantage of TCP is that the transmission is much more reliable, because it uses acknowledgement packets to ensure delivery. The advantage of UDP is that there is no connection, so it is much faster without all the checks and acknowledgements, but it is also less reliable. The table below lists some common TCP/IP applications together with the ports they use.
Protocol | Common Port
FTP (File Transfer Protocol) | 20, 21
SSH (Secure Shell) | 22
Telnet | 23
SMTP (Simple Mail Transfer Protocol) | 25
DNS (Domain Name Service) | 53
TFTP (Trivial File Transfer Protocol) | 69
HTTP (Hypertext Transfer Protocol) | 80
POP3 (Post Office Protocol version 3) | 110
NNTP (Network News Transport Protocol) | 119
NTP (Network Time Protocol) | 123
IMAP4 (Internet Message Access Protocol version 4) | 143
HTTPS (Hypertext Transfer Protocol Secure) | 443
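As an added example that is not part of the original notes, the following Python script uses the port table above to label connections in a handful of constructed firewall-style log lines and flags services whose traffic travels unencrypted. The transport column (TCP or UDP) and the encrypted flag are additions taken from the IANA registry and common practice, not from the table; the log layout and every address in it are made up for the example.

```python
import re
from collections import namedtuple

# Service entries: name, transport normally used, and whether the protocol encrypts
# its traffic. The port/name pairs come from the table above; the transport and
# encryption columns are added here from the IANA registry and common practice.
Service = namedtuple("Service", "name transport encrypted")

WELL_KNOWN_PORTS = {
    20: Service("FTP-data", "tcp", False),
    21: Service("FTP", "tcp", False),
    22: Service("SSH", "tcp", True),
    23: Service("Telnet", "tcp", False),
    25: Service("SMTP", "tcp", False),
    53: Service("DNS", "udp/tcp", False),
    69: Service("TFTP", "udp", False),
    80: Service("HTTP", "tcp", False),
    110: Service("POP3", "tcp", False),
    119: Service("NNTP", "tcp", False),
    123: Service("NTP", "udp", False),
    143: Service("IMAP4", "tcp", False),
    443: Service("HTTPS", "tcp", True),
}

# Constructed sample in a simplified firewall-log layout (not real traffic):
#   <transport> <src_ip>:<src_port> -> <dst_ip>:<dst_port>
SAMPLE_LOG = """\
tcp 192.0.2.10:51234 -> 198.51.100.5:23
udp 192.0.2.10:51235 -> 198.51.100.53:53
tcp 192.0.2.11:40001 -> 198.51.100.5:443
tcp 192.0.2.11:40002 -> 198.51.100.5:21
udp 192.0.2.12:40003 -> 198.51.100.7:123
udp 192.0.2.13:40005 -> 198.51.100.5:22
tcp 192.0.2.12:40004 -> 198.51.100.7:8443
this line is malformed and is skipped
"""

LINE_RE = re.compile(r"^(tcp|udp)\s+(\S+):(\d+)\s*->\s*(\S+):(\d+)$")


def parse_line(line):
    """Return a dict for one log line, or None if the line does not match the layout."""
    m = LINE_RE.match(line.strip())
    if not m:
        return None
    proto, src, sport, dst, dport = m.groups()
    return {"proto": proto, "src": src, "sport": int(sport),
            "dst": dst, "dport": int(dport)}


def classify(conn):
    """Name the destination service and list anything a reviewer should look at."""
    svc = WELL_KNOWN_PORTS.get(conn["dport"])
    if svc is None:
        return "unknown", ["destination port not in the well-known table"]
    findings = []
    if conn["proto"] not in svc.transport.split("/"):
        findings.append(f"{svc.name} normally runs over {svc.transport}, seen over {conn['proto']}")
    if not svc.encrypted:
        findings.append("unencrypted protocol")
    return svc.name, findings


def audit(log_text):
    """Classify every well-formed line; returns a list of (service, findings) in log order."""
    results = []
    for line in log_text.splitlines():
        conn = parse_line(line)
        if conn is not None:
            results.append(classify(conn))
    return results


def unencrypted_services(log_text):
    """Sorted list of named services seen on the wire without encryption."""
    return sorted({name for name, findings in audit(log_text)
                   if "unencrypted protocol" in findings})


if __name__ == "__main__":
    for service, findings in audit(SAMPLE_LOG):
        print(f"{service:10} {'; '.join(findings) or 'ok'}")
```

The transport check is the useful part for a reviewer: a well-known port seen over the wrong transport (SSH over UDP in the sample) is either a logging error or something worth a second look, and the unencrypted list is a quick inventory of which legacy services are still in use.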
DNS
TCP/IP networks communicate with hosts using their IP addresses. It would be very difficult for someone to have to memorize the different IP addresses of the hosts they want to connect to on the network. A Domain Name Service (DNS) makes it easier to identify a host by a domain name. A domain name uses words rather than numbers to identify Internet hosts. Suppose you want to connect to the CompTIA Web site by using your Web browser. You would enter http://www.comptia.org in the address bar to go to the CompTIA Web page. www.comptia.org is a common name used for a numerical IP address. You could use 216.119.103.72 instead, but www.comptia.org is easier to remember. A DNS server translates these names. Your Web browser asks the TCP/IP protocol stack to ask the DNS server for the IP address of www.comptia.org. When the browser receives the address, it connects to the Web site. Remember that DNS stands for Domain Name System (or Domain Name Service) and that a DNS server translates domain names into their IP addresses.
NAT (Network Address Translation)
NAT translates one IP address to another. This can be a source address or a destination address. Two basic implementations of NAT can be used: static and dynamic.
Static NAT
With static NAT, a manual translation is performed by an address translation device, translating one IP address to a different one. Typically, static NAT is used to translate destination IP addresses in packets as they come into your network, but you can translate source addresses as well.
Dynamic NAT
With static address translation, you need to build the translations manually. If you have 1000 devices, you need to create 1000 static entries in the address translation table, which is a lot of work. Typically, static translation is done for inside resources that outside people want to access. When inside users access outside resources, dynamic translation is typically used. In this situation, the global address assigned to the internal user isn't that important, since outside devices don't directly connect to your internal users; they just return the traffic that the inside user requested.
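As an added example (not from the original notes, and not modelling any particular vendor's NAT implementation), the following Python class shows the two behaviours just described: a static entry configured by hand that lets outside hosts reach a published inside server, and a dynamic pool that hands an inside user a global address on its first outbound packet and afterwards only admits the return traffic that user asked for. All addresses are constructed from the RFC 5737 documentation ranges.

```python
import ipaddress


class NatDevice:
    """Hypothetical address translator with a hand-built static table and a dynamic
    pool for inside hosts going out. Packets are plain dicts with 'src' and 'dst'."""

    def __init__(self, dynamic_pool):
        # inside-global addresses the device may hand out dynamically
        self.pool = [str(ip) for ip in ipaddress.ip_network(dynamic_pool).hosts()]
        self.static = {}        # inside local -> inside global (configured manually)
        self.static_rev = {}    # inside global -> inside local
        self.dynamic = {}       # inside local -> inside global (allocated on first use)
        self.dynamic_rev = {}
        self.sessions = set()   # (inside global, outside host) pairs an inside user opened

    def add_static(self, inside_local, inside_global):
        """One manual entry per published host; 1000 hosts means 1000 of these."""
        self.static[inside_local] = inside_global
        self.static_rev[inside_global] = inside_local

    def translate_outbound(self, packet):
        """Inside -> outside: rewrite the source address. Returns None if dropped."""
        src = packet["src"]
        if src in self.static:
            glob = self.static[src]
        elif src in self.dynamic:
            glob = self.dynamic[src]
        else:
            in_use = set(self.dynamic_rev) | set(self.static_rev)
            free = [ip for ip in self.pool if ip not in in_use]
            if not free:
                return None                   # pool exhausted: no translation possible
            glob = free[0]
            self.dynamic[src] = glob
            self.dynamic_rev[glob] = src
        self.sessions.add((glob, packet["dst"]))
        return dict(packet, src=glob)

    def translate_inbound(self, packet):
        """Outside -> inside: rewrite the destination. Static entries accept
        unsolicited traffic (published servers); dynamic entries only accept
        return traffic for a session an inside user started."""
        dst = packet["dst"]
        if dst in self.static_rev:
            return dict(packet, dst=self.static_rev[dst])
        if dst in self.dynamic_rev and (dst, packet["src"]) in self.sessions:
            return dict(packet, dst=self.dynamic_rev[dst])
        return None                           # no matching translation: dropped


def demo():
    """Walk through both NAT types with constructed addresses (RFC 5737 ranges)."""
    nat = NatDevice("203.0.113.0/29")                    # six dynamic addresses, .1-.6
    nat.add_static("192.168.1.10", "203.0.113.10")       # published inside web server
    events = []
    # unsolicited outside request to the published server: accepted via the static entry
    events.append(nat.translate_inbound({"src": "198.51.100.9", "dst": "203.0.113.10"}))
    # inside user goes out: first free pool address is allocated
    events.append(nat.translate_outbound({"src": "192.168.1.50", "dst": "198.51.100.9"}))
    # the reply from that outside host comes back to the user
    events.append(nat.translate_inbound({"src": "198.51.100.9", "dst": "203.0.113.1"}))
    # a different outside host trying the same global address is dropped
    events.append(nat.translate_inbound({"src": "198.51.100.99", "dst": "203.0.113.1"}))
    return nat, events


if __name__ == "__main__":
    for e in demo()[1]:
        print(e)
```

The session set is what turns the text's "they just return traffic to them that the inside user requested" into an enforced rule; without it a dynamic entry would accept any outside host once allocated. Real devices also age entries out, which this model omits.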
ICS (Internet
Connection Sharing)
ICS (Internet Connection Sharing) is a built-in feature of Windows 98 Second Edition, Windows 2000, Windows Me, and Windows XP. ICS provides networked computers with the capability to share a single connection to the Internet. Multiple users can use ICS to gain access to the Internet through a single connection by using Dial-Up Networking or local networking.
WINS (Windows Internet
Name Service)
While DNS resolves host names to IP addresses, WINS resolves NetBIOS names to IP addresses. Windows Internet Name Service provides a dynamic database of IP address to NetBIOS name mappings. WINS determines the IP address associated with a particular network computer; this is called name resolution. WINS supports network client and server computers running Windows. WINS uses a distributed database that is automatically updated with the names of computers currently available and the IP address assigned to each one. DNS is an alternative for name resolution suitable for network computers with fixed IP addresses.
SNMP (Simple Network
Management Protocol)
Simple Network Management Protocol is a TCP/IP protocol for monitoring networks and network components. SNMP uses small utility programs called agents to monitor behavior and traffic on the network in order to gather statistical data. These agents can be loaded onto managed devices such as hubs, NICs, servers, routers, and bridges. The gathered data is stored in a MIB (management information base). To collect the information in a usable form, a management console polls these agents and downloads the information from their MIBs, which can then be displayed as graphs and charts or sent to a database program to be analyzed.
NFS (Network File
System)
Network File System (NFS) is a distributed file system that allows users to access files and directories located on remote computers and treat those files and directories as if they were local.
Zeroconf (Zero
configuration)
Zero Configuration Networking is a set of techniques that automatically create a usable IP network without configuration or special servers. This allows inexperienced users to connect computers, networked printers, and other items together and expect them to work automatically. Without Zeroconf or something similar, a knowledgeable user must either set up special servers, like DHCP and DNS, or set up each computer's network settings manually.
Zeroconf currently solves three problems:
· Choose numeric network addresses for networked items
· Figure out which computer has a certain name
· Figure out where to get services, like printing.
SMB (Server Message
Block)
A file-sharing protocol designed to allow networked computers to transparently access files that reside on remote systems over a variety of networks. The SMB protocol defines a series of commands that pass information between computers. SMB uses four message types: session control, file, printer, and message. It is mainly used by computers running Microsoft Windows. SMB works through a client-server approach, where a client makes specific requests and the server responds accordingly. One section of the SMB protocol is specifically for filesystem access, so that clients may make requests to a file server. The SMB protocol was optimised for local subnet usage, but it can also be used to reach different subnets across the Internet, which is where exploits against MS Windows file-and-print sharing usually focus. Client computers may have their own hard disks, which are not publicly shared, yet also want access to the shared file systems and printers on the server, and it is for this primary purpose that SMB is best known and most heavily used.
AFP (Apple File
Protocol)
The file sharing protocol used in an AppleTalk network. In order for non-Apple networks to access data on an AppleShare server, their protocols must be translated into AFP. AFP versions 3.0 and greater rely exclusively on TCP/IP (port 548 or 427) for establishing communication, supporting AppleTalk only as a service discovery protocol. The AFP 2.x family supports both TCP/IP and AppleTalk for communication and service discovery.
LPD (Line Printer Daemon) and Samba
LPD is the primary UNIX printing protocol used to submit jobs to the printer. The LPR component initiates commands such as "print waiting jobs," "receive job," and "send queue state," and the LPD component in the print server responds to them. The most common implementations of LPD are in the official BSD UNIX operating system and the LPRng project. The Common Unix Printing System (CUPS), which is more common on modern Linux distributions, borrows heavily from LPD. Unix and Mac OS X servers use the open source Samba to provide Windows users with Server Message Block (SMB) file sharing.
WAN (Wide Area Networks) technologies:
Circuit-switched services
Circuit-switched services provide a temporary connection across a phone circuit. In networking, these are typically used for backup of primary circuits and for temporary boosts of bandwidth.
Dedicated circuit
A dedicated circuit is a permanent connection between two sites in which the bandwidth is dedicated to that company's use. These circuits are common when a variety of services, such as voice, video, and data, must traverse the connection and you are concerned about delay issues with the traffic and guaranteed bandwidth.
Cell-switched services
Cell-switched services can provide the same features that dedicated circuits offer. Their advantage over dedicated circuits is that a single device can connect to multiple devices on the same interface. The downside of these services is that they are not available at all locations, they are difficult to set up and troubleshoot, and the equipment is expensive compared to the equipment used for dedicated circuits.
Packet switching
Packet-switched services are similar to cell-switched services. Whereas cell-switched services switch fixed-length packets called cells, packet-switched services switch variable-length packets. This feature makes them better suited for data services, but they can nonetheless provide some of the QoS features that cell-switched services provide. Packet switching offers more efficient use of a telecommunication provider's network bandwidth. With packet switching, the switching mechanisms on the network route each data packet from switch to switch individually over the network using the best available path. Any one physical link in a packet-switched network can carry packets from many different senders and for many different destinations, whereas in a circuit-switched connection the bandwidth is dedicated to one sender and receiver only.
ISDN (Integrated
Services Digital Network)
Integrated Services Digital Network adapters can be used to send voice, data, audio, or video over standard telephone cabling. ISDN adapters must be connected directly to a digital telephone network. ISDN adapters are not actually modems, since they neither modulate nor demodulate the digital ISDN signal. Like standard modems, ISDN adapters are available both as internal devices that connect directly to a computer's expansion bus and as external devices that connect to one of a computer's serial or parallel ports. ISDN can provide data throughput rates from 56 Kbps to 1.544 Mbps using a T1 service. ISDN hardware requires an NT (network termination) device, which converts network data signals into the signaling protocols used by ISDN. Sometimes the NT interface is included, or integrated, with ISDN adapters and ISDN-compatible routers. In other cases, an NT device separate from the adapter or router must be installed. ISDN works at the physical, data link, network, and transport layers of the OSI model.
FDDI (Fiber
Distributed Data Interface)
Fiber Distributed Data Interface shares many of the same features as Token Ring, such as token passing and the continuous network loop configuration. But FDDI has better fault tolerance because of its use of a dual, counter-rotating ring that enables the ring to reconfigure itself in case of a link failure. FDDI also has higher transfer speeds, 100 Mbps for FDDI compared to 4 - 16 Mbps for Token Ring. Unlike Token Ring, which uses a star topology, FDDI uses a physical ring. Each device in the ring attaches to the adjacent device using a two-stranded fiber optic cable. Data travels in one direction on the outer strand and in the other direction on the inner strand. When all devices attached to the dual ring are functioning properly, data travels on only one ring. FDDI transmits data on the second ring only in the event of a link failure.
Media | MAC Method | Signal Propagation Method | Speed | Topologies | Maximum Connections
Fiber-optic | Token passing | Forwarded from device to device (or port to port on a hub) in a closed loop | 100 Mbps | Double ring, Star | 500 nodes
T1 (T Carrier level 1)
A 1.544 Mbps point-to-point dedicated, digital circuit provided by the telephone companies. T1 lines are widely used for private networks as well as interconnections between an organization's LAN and the telco. A T1 line uses two pairs of wire, one to transmit and one to receive, and time division multiplexing (TDM) to interleave 24 64-Kbps voice or data channels. The standard T1 frame is 193 bits long, which holds 24 8-bit voice samples and one synchronization bit, with 8,000 frames transmitted per second. T1 is not restricted to digital voice or to 64 Kbps data streams. Channels may be combined and the total 1.544 Mbps capacity can be broken up as required.
T3 (T Carrier level 3)
A T3 line is a super high-speed connection capable of transmitting data at a rate of 45 Mbps. A T3 line represents a bandwidth equal to about 672 regular voice-grade telephone lines, which is wide enough to transmit real-time video and very large databases over a busy network. A T3 line is typically installed as a major networking artery for large corporations, universities with high-volume network traffic, and the backbones of the major Internet service providers.
OCx (Optical Carrier)
Optical Carrier designations are used to specify the speed of fiber optic networks that conform to the SONET standard.
Level | Speed
OC-1 | 51.85 Mbps
OC-3 | 155.52 Mbps
OC-12 | 622.08 Mbps
OC-24 | 1.244 Gbps
OC-48 | 2.488 Gbps
X.25
X.25 is a network layer protocol that runs across both synchronous and asynchronous physical circuits, providing a lot of flexibility in your connection options. X.25 was actually developed to run across unreliable media. It provides error detection and correction, as well as flow control, at both the data link layer (by LAPB) and the network layer (by X.25). In this sense, it performs a function similar to what TCP, at the transport layer, provides for IP. Because of its overhead, X.25 is best delegated to asynchronous, unreliable connections. If you have a synchronous digital connection, another protocol, such as Frame Relay or ATM, is much more efficient. An X.25 network transmits data with a packet-switching protocol, bypassing noisy telephone lines. This protocol relies on an elaborate worldwide network of packet-forwarding nodes that can participate in delivering an X.25 packet to its designated address.
Internet access technologies:
xDSL (Digital Subscriber Line)
xDSL is a term referring to a variety of newer Digital Subscriber Line technologies. Some of these varieties are asymmetric, with different data rates in the downstream and upstream directions. Others are symmetric. Downstream speeds range from 384 Kbps (for "SDSL") to 1.5-8 Mbps (for "ADSL").
Asymmetric Digital Subscriber Line (ADSL)
A high-bandwidth digital transmission technology that uses existing phone lines and also allows voice transmissions over the same lines. Most of the traffic is transmitted downstream to the user, generally at rates of 512 Kbps to about 6 Mbps.
Broadband Cable (Cable modem)
Cable modems use a broadband connection to the Internet through cable television infrastructure. These modems use frequencies that do not interfere with television transmission.
POTS / PSTN (Plain Old Telephone Service / Public Switched Telephone Network)
POTS / PSTN use modems, devices that make it possible for computers to communicate over telephone lines. The word modem comes from Modulate and Demodulate. Because standard telephone lines use analog signals and computers use digital signals, a sending modem must modulate its digital signals into analog signals. The modem on the receiving computer must then demodulate the analog signals back into digital signals. Modems can be external, connected to the computer's serial port by an RS-232 cable, or internal, in one of the computer's expansion slots. Modems connect to the phone line using standard telephone RJ-11 connectors.
Wireless
A wireless network consists of wireless NICs and access points. NICs come in different models including PC Card, ISA, PCI, etc. Access points act as wireless hubs to link multiple wireless NICs into a single subnet. Access points also have at least one fixed Ethernet port to allow the wireless network to be bridged to a traditional wired Ethernet network, such as the organization's network infrastructure. Wireless and wired devices can coexist on the same network.
· WLAN (Wireless Local Area Network) A group of computers and associated devices that communicate with each other wirelessly.
· WPA (Wi-Fi Protected Access) A security protocol for wireless networks that builds on the basic foundations of WEP. It secures wireless data transmission by using a key similar to WEP, but the added strength of WPA is that the key changes dynamically. The changing key makes it much more difficult for an attacker to learn the key and gain access to the network.
· WPA2 (Wi-Fi Protected Access 2) WPA2 is the second generation of WPA security and provides a stronger encryption mechanism through the Advanced Encryption Standard (AES), which is a requirement for some government users.
· WPA-Personal A version of WPA that uses long and constantly changing encryption keys to make them difficult to decode.
· WPA-Enterprise A version of WPA that uses the same dynamic keys as WPA-Personal and also requires each wireless device to be authorized according to a master list held in a special authentication server.