Allows sessions to be opened on a remote host
File Transfer Protocol (FTP)
Ports 20 & 21
A protocol for uploading and downloading files to and from a remote host. Also accommodates basic file-management tasks.
Secure File Transfer Protocol (SFTP)
Ports 20 & 21
A protocol for securely uploading and downloading files to and from a remote host. Based on SSH security.
Trivial File Transfer Protocol (TFTP)
UDP port 69
A file transfer protocol that does not have the security or error checking of FTP. TFTP uses UDP as a transport protocol and is therefore connectionless.
Network File System (NFS)
A network file system protocol allowing a user on a client computer to access files over a network in a manner similar to how local storage is accessed.
Simple Mail Transfer Protocol (SMTP)
Simple Mail Transfer Protocol (SMTP) is used to send mail
It uses a spooled, or queued, method of mail delivery. Once a message has been sent to a destination, the message is spooled to a device, usually a disk. The server software at the destination posts a vigil, regularly checking the queue for messages. When it detects them, it proceeds to deliver them to their destination.
Post Office Protocol (POP)
Used to retrieve email from the server on which it is stored. Can only be used to retrieve mail.
Internet Message Access Protocol, Version 4 (IMAP4)
Gives you control over how you download your mail. With it, you can choose to store messages on the email server hierarchically, and link to documents and user groups too. IMAP even gives you search commands to use to hunt for messages based on their subject, header, or content. It also supports Kerberos authentication.
Transport Layer Security (TLS)
A protocol that comes in really handy for enabling secure online data‐transfer activities like browsing the Web, instant messaging, internet faxing, and so on.
Session Initiation Protocol (SIP) is an application-layer protocol designed to establish and maintain multimedia sessions such as Internet telephony calls, video conferencing, streaming multimedia distribution, instant messaging, presence information, and online games.
Real-time Transport Protocol (RTP) is the Internet-standard protocol for the real-time transport of audio and video over the Internet.
Line Printer Daemon (LPD)
A protocol designed for printer sharing. The LPD, along with the Line Printer (LPR) program, allows print jobs to be spooled and sent to the network's printers using TCP/IP.
Line Printer Remote (LPR)
LPD, installed on all printing devices, handles both printers and print jobs. LPR acts on the client, or sending machine, and is used to send the data from a host machine to the network's print resource so you end up with actual printed output.
X Window defines a protocol for writing client/server applications based on a graphical user interface (GUI).
Simple Network Management Protocol (SNMP)
UDP port 161
Used in network management systems to monitor network-attached devices for conditions that may need attention from an administrator.
Secure Shell (SSH)
Allows secure sessions to be opened on a remote host.
Hypertext Transfer Protocol (HTTP)
Used to manage communications between web browsers and web servers
Hypertext Transfer Protocol Secure (HTTPS)
Sometimes you'll see it referred to as SHTTP or S‐HTTP
Used to securely manage communications between web browsers and web servers
Network Time Protocol (NTP)
Used to communicate time synchronization information between devices.
Network News Transfer Protocol (NNTP)
Facilitates the access and downloading of messages from
Secure Copy Protocol (SCP)
Allows files to be copied securely between two systems. Uses Secure Shell (SSH) technology to provide encryption services.
Lightweight Directory Access Protocol (LDAP)
A protocol used to access and query directory services systems such as Novell eDirectory and Microsoft Active Directory.
Internet Group Management Protocol (IGMP)
Provides a mechanism for systems within the same multicast group to register and communicate with each other.
Domain Name Service (DNS)
UDP port 53
Resolves fully qualified domain names (FQDN) to IP addresses
Dynamic Host Configuration Protocol (DHCP)
UDP port 67
Dynamic Host Configuration Protocol (DHCP) assigns IP addresses to hosts with information provided by a server.
Bootstrap Protocol (BootP)
UDP port 67
BootP assigns an IP address to a host but the host's hardware address must be entered manually in a BootP table. BootP is also used to send an operating system that a host can boot from.
DHCP server can provide
Default gateway (routers)
Windows Internet Naming Service (WINS) information
In order to receive an IP address
A client sends out a DHCP DISCOVER message at both Layer 2 and Layer 3. The Layer 2 broadcast is all Fs in hex, which looks like this: FF:FF:FF:FF:FF:FF. The Layer 3 broadcast is 255.255.255.255, which means all networks and all hosts.
The DHCP server that received the DHCP Discover message sends back a unicast DHCP Offer message.
The client broadcasts to the server a DHCP Request message asking for the offered IP address and possibly other information.
The server finalizes the exchange with a unicast DHCP Acknowledgment message.
With APIPA, clients can automatically self‐configure an IP address and subnet mask. The IP address range is 169.254.0.1 through 169.254.255.254. The client also uses a default class B subnet mask of 255.255.0.0
Transmission Control Protocol (TCP)
A connection-oriented protocol that offers flow control, sequencing, and retransmission of dropped packets.
The TCP header is 20 bytes long, or up to 24 bytes with options
Windowing flow control
User Datagram Protocol (UDP)
A connectionless, scaled-down alternative to TCP used for applications that do not require the functions offered by TCP.
UDP assumes that the application will use its own reliability method.
No Virtual circuit
No Windowing or flow control
Internet Protocol (IP)
A connectionless protocol used to move data around a network.
Identifying devices on networks requires answering these two questions
Which network is it on?
And what is its ID on that network?
Internet Control Message Protocol (ICMP)
Internet Control Message Protocol (ICMP) works at the Network layer and is used by IP for many different services. ICMP is a management protocol and messaging service provider for IP. Its messages are carried as IP packets.
ICMP packets have the following characteristics:
They can provide hosts with information about network problems.
They are encapsulated within IP datagrams.
Address Resolution Protocol (ARP)
Resolves IP addresses to MAC addresses to enable communication between devices
Reverse Address Resolution Protocol (RARP)
Resolves MAC addresses to IP addresses
Proxy Address Resolution Protocol (Proxy ARP)
A technique by which a device on a given network answers the ARP queries for a network address that is not on that network.
Protocol Data Units (PDUs)
Hold the control information attached to the data at each layer of the model. They're usually attached to the header in front of the data field but can also be in the trailer, or end, of it.
This PDU information is read only by the peer layer on the receiving device. After it's read, it's stripped off, and the data is then handed to the next layer up.
At a transmitting device, the data‐encapsulation method works like this:
User information is converted to data for transmission on the network.
Data is converted to segments, and a reliable connection is set up between the transmitting and receiving hosts.
Segments are converted to packets or datagrams, and a logical address is placed in the header so each packet can be routed through an internetwork.
Packets or datagrams are converted to frames for transmission on the local network. Hardware (Ethernet) addresses are used to uniquely identify hosts on a local network segment.
Frames are converted to bits, and a digital encoding and clocking scheme is used.
If you're using TCP, the virtual circuit is defined by the source port number
The host just makes this up starting at port number 1024 (0 through 1023 are reserved for well‐known port numbers). The destination port number defines the upper-layer process (application) that the data stream is handed to when the data stream is reliably rebuilt on the receiving host.