
Introduction To Some Network Protocols

Hi guys, this is my first write-up and it is about some network protocols, so I hope you’ll like and enjoy it. If you are new to the IT field or old =)) it will give you a lot of general information about protocols. I’m sure it’ll be worth your time ;)

In the networking and communications area, a protocol is the formal specification that defines the procedures that must be followed when transmitting or receiving data. Protocols define the format, timing, sequence, and error checking used on the network.

In plain English, the above means that if you have 2 or more devices, e.g. computers, which want to communicate, then they need a common “Protocol”, which is a set of rules that guide the computers on how and when to talk to each other.

My purpose in this article is to give you general information about them, so I shall not go too deep. Anyway, let’s start.

As you may know, TCP and UDP are the huge protocols out there and all other protocols fundamentally rely on these two, so I’ll first go through TCP & UDP, then I’ll explain more about the other protocols that are dependent on TCP or UDP or both.

Transmission Control Protocol
(Connection oriented)

The Transmission Control Protocol, TCP for short, is part of the TCP/IP protocol family.
TCP is a connection-oriented protocol. It is meant to prevent data loss, split files and data streams into packets, and assign data packets to the applications.
As a connection-oriented protocol, TCP is responsible for establishing and tearing down the connection between the two stations of an end-to-end communication.
Through TCP, transmitter and receiver are constantly in contact with each other.
TCP provides reliable transmission and includes multiple mechanisms that ensure reliable delivery of packets.
As one example, a sending computer can detect when a packet has been lost by noticing that a packet hasn’t been acknowledged within a period of time. Once the sender detects packet loss, it will re-transmit the lost packet.

User Datagram Protocol
(Connectionless)

UDP is a connectionless transport protocol and works on layer 4, the transport layer of the OSI model.
It thus has a similar task to the connection-oriented TCP.
However, it is connectionless and therefore unreliable.
This means that the sender does not know whether the data packets it sent have arrived.
While TCP sends acknowledgments when receiving data, UDP does without them.
This has the advantage that the packet header is much smaller and the transmission path does not have to carry acknowledgments.
Typically, UDP is used for DNS requests, VPN connections, audio and video streaming.

File Transfer Protocol
Ports: 20–21
Transport protocol: TCP

FTP is a communication protocol for transferring files between different computer systems. The transfer takes place according to the client-server principle. An FTP server makes files available to the FTP client. The FTP client can save, delete or download files on the FTP server.
With a convenient FTP client, you work much as you would with a file manager.
FTP has been around since 1971, making it the oldest and most solid protocol on the Internet. Since 1985, virtually nothing has changed in the transmission mechanisms.
FTP asks for a username and password.

Trivial File Transfer Protocol
Port: 69
Transport protocol: UDP

Similar to FTP, TFTP is a protocol for file transfer within a network. Unlike FTP, TFTP has significantly fewer commands and only uses UDP port 69. Because UDP is an unreliable transport protocol, TFTP itself takes care of safeguarding the data packets and independently retransmits them in case of packet loss.
There is no authentication. Instead, TFTP relies on the access restrictions of the operating system. For example, only files that are readable or writable by all users may be read and written.
TFTP is very often used to load new BIOS and firmware versions onto active network components.
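Because TFTP access control comes down to the "readable or writable by all users" rule described above, a defender can audit a TFTP root by checking the world permission bits of every file in it. The following is an added example, not part of the original article; the file names and the temporary directory are constructed, and the check looks only at file mode bits, not at server configuration or directory permissions.

```python
import os
import stat
import tempfile


def audit_tftp_root(root):
    """Return (world_readable, world_writable): regular files under root, as relative paths."""
    readable, writable = [], []
    for dirpath, _dirnames, filenames in os.walk(root):
        for name in filenames:
            path = os.path.join(dirpath, name)
            mode = os.lstat(path).st_mode
            if not stat.S_ISREG(mode):
                continue                      # ignore symlinks, sockets, device nodes
            rel = os.path.relpath(path, root)
            if mode & stat.S_IROTH:
                readable.append(rel)          # readable by all users: served to any client
            if mode & stat.S_IWOTH:
                writable.append(rel)          # writable by all users: any client may replace it
    return sorted(readable), sorted(writable)


def demo():
    """Build a constructed TFTP root with three sample files and audit it."""
    with tempfile.TemporaryDirectory() as root:
        for name, mode in (("switch-fw.bin", 0o644),
                           ("router.cfg", 0o666),
                           ("private.key", 0o600)):
            path = os.path.join(root, name)
            with open(path, "wb") as fh:
                fh.write(b"constructed sample\n")
            os.chmod(path, mode)
        return audit_tftp_root(root)


if __name__ == "__main__":
    world_readable, world_writable = demo()
    print("downloadable by any client:", world_readable)
    print("overwritable by any client:", world_writable)
```

World-writable entries deserve the most attention: if network devices load firmware or configuration from this directory, those files can be replaced without any login.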

Simple Network Management Protocol
Ports: 161–162
Transport protocol: UDP

SNMP is a protocol for managing and controlling networks. It is responsible for transporting management information, status and statistics data between network stations and a management system.
Devices that typically support SNMP include cable modems, routers, switches, servers, workstations and printers.
The SNMP architecture separates the manager, the agents, the management information, and the management protocol. The manager is an application on a dedicated computer. The agents are the individual network components.
The flow between manager and agent is always the same. The manager sends a request to the agent. The agent executes the command and sends a response back. This procedure is called polling. There are also traps, which cause an agent to report unforeseen events to the manager. However, many concurrent traps can overload the manager. Therefore, traps are only recommended for critical events. In order to avoid unnecessary network load, the data exchange of SNMP takes place via UDP.

Dynamic Host Configuration Protocol
Ports: 67–68
Transport protocol: UDP

DHCP is a protocol for managing IP addresses in a TCP/IP network and distributing them to the requesting hosts. DHCP provides IP addresses to computers. With DHCP, each network participant is able to configure itself automatically.
DHCP works along the lines of a client-server architecture. The DHCP client asks the DHCP server for an IP configuration. The DHCP server has a pool of IP addresses that it can allocate to the DHCP clients. For larger networks, the DHCP server must also know which subnets and standard gateways are available.

Secure Shell
Port: 22
Transport protocol: TCP / UDP

SSH or Secure Shell is a cryptographic protocol with which one can access a remote computer via an encrypted connection over an insecure network.
The developer of this protocol and the associated software is the Finn Tatu Ylönen.
The shell (command line) provides full access to the file system and all functions of the computer.
Secure Shell features include login to remote machines, interactive and non-interactive command execution, and copying files between different machines on a network. SSH offers cryptographically secured communication over the insecure network, reliable mutual authentication, and encryption of all traffic, with login by password or by public/private key.
In most cases, Secure Shell can replace Telnet, FTP, and the r-utilities protocols and applications.

Network Time Protocol
Port: 123
Transport protocol: UDP

In networks and in computers with time-critical tasks, a precise time is essential. For this reason, mechanisms were developed very early on that let networked computers exchange time with each other. NTP is a hierarchical protocol through which time servers can agree on a common time among themselves.
On port 13, a server can use “daytime” to provide its time as ASCII plaintext. Another possibility is “time” on port 37. This returns the seconds elapsed since 00:00 on 1 January 1900 as a 32-bit binary value. This value is only accurate to the second.
However, these two simple methods have another major disadvantage. They do not take into account the transit time of the data packet to the destination. By the time the time value “arrives” at the receiver, it is outdated. Outside of LANs, these methods are therefore unsuitable.
The shortcomings of “time” and “daytime” led to the development of NTP, which measures and offsets packet delivery times in the network. The NTP service works in parallel with the system clock as a stand-alone clock.
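The difference between the two approaches can be worked through in code. The following is an added example, not part of the original article: it decodes a port 37 "time" reply and applies the standard NTP offset and delay calculation to the four timestamps of one request/response exchange. The `simulate` helper and all delay values are constructed for illustration.

```python
import struct

# Seconds between 1900-01-01 (epoch of "time" and NTP) and 1970-01-01 (Unix epoch).
EPOCH_DELTA = 2208988800


def parse_time_reply(payload: bytes) -> int:
    """Decode a port 37 "time" reply (32-bit big-endian seconds since 1900) to Unix seconds."""
    if len(payload) != 4:
        raise ValueError("a time reply is exactly 4 bytes")
    (secs_since_1900,) = struct.unpack("!I", payload)
    return secs_since_1900 - EPOCH_DELTA


def ntp_offset_delay(t1, t2, t3, t4):
    """Clock offset and round-trip delay from the four timestamps of one exchange.

    t1 = client send, t4 = client receive (client clock)
    t2 = server receive, t3 = server send (server clock)
    """
    delay = (t4 - t1) - (t3 - t2)          # time spent on the wire, both directions
    offset = ((t2 - t1) + (t3 - t4)) / 2   # exact only if both directions take equally long
    return offset, delay


def simulate(true_offset, out_delay, back_delay, server_proc=0.001, t1=1000.0):
    """Constructed exchange: the server clock is ahead of the client by true_offset seconds."""
    t2 = t1 + true_offset + out_delay
    t3 = t2 + server_proc
    t4 = t3 - true_offset + back_delay
    naive = t3 - t4                        # "time"/"daytime" style: trust the value on arrival
    offset, delay = ntp_offset_delay(t1, t2, t3, t4)
    return {"naive_error": naive - true_offset,
            "ntp_error": offset - true_offset,
            "delay": delay}


if __name__ == "__main__":
    print(parse_time_reply(struct.pack("!I", EPOCH_DELTA + 86400)))
    print(simulate(2.5, 0.040, 0.040))   # symmetric path
    print(simulate(2.5, 0.010, 0.070))   # asymmetric path
```

On a symmetric path the NTP estimate is exact while the naive reading is off by the full one-way delay; on an asymmetric path the NTP error is half the difference between the two directions, so it never exceeds half the round-trip delay.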

Session Initiation Protocol
Ports: 5060–5061 (5061 is encrypted with TLS)
Transport protocol: UDP / TCP

SIP is responsible for establishing, operating and tearing down voice and video connections. Both point-to-point and point-to-multipoint connections can be controlled with it.
The strong relation to other Internet protocols is unmistakable with SIP. Thus, SIP is strongly based on HTTP (Hypertext Transfer Protocol). This makes it easy to integrate SIP telephony into browser environments, web services, applications and devices. Because all information is transmitted in plain text, it is recommended to use the encrypted variant SIPS.
The switching of the data packets follows the logic of IP networks, which is why we also speak of Voice over IP when using SIP.

Internet Relay Chat
Port: 194
Transport protocol: UDP

It is an application layer protocol that facilitates communication in the form of text.
The chat process works on a client/server networking model. IRC clients are computer programs that users can install on their system, or web-based applications running either locally in the browser or on a third-party server. These clients communicate with chat servers to transfer messages to other clients.
IRC is mainly designed for group communication in discussion forums, called channels, but also allows one-on-one communication via private messages as well as chat and data transfer, including file sharing.

Real-Time Transport Streaming Protocol
Port: 554
Transport protocol: UDP

RTSP is an application-level protocol that provides on-demand control over the delivery of real-time data.
The RTSP protocol is intended for the control of channels and mechanisms used for multiple synchronized data delivery sessions from stored and live sources, such as audio and video streams, between media servers and clients.

Telnet
Port: 23
Transport protocol: TCP

An insecure, command-line-based way to connect to routers and switches.
Telnet is a protocol to gain access to another remote computer or network component. The access takes place on the command line, via the Telnet client, which establishes a connection to the Telnet server.
Telnet is the oldest service on the Internet and comes from the origins of ARPANET. Telnet is an artificial word and is formed from the first three letters of Telecommunication Network.

Simple Mail Transfer Protocol
Ports: 25 / TLS/SSL: 465
Transport protocol: TCP

SMTP is a communication protocol for the transmission of e-mails. Communication takes place between an e-mail client and an SMTP server (outgoing mail server) or between two SMTP servers.
The exchange of emails is handled by the Mail Transfer Agents (MTAs). The MTAs communicate with each other using the SMTP protocol.
In addition to SMTP, POP and IMAP are two more protocols for e-mail exchange.

Post Office Protocol
Ports: 110 / TLS/SSL: 995
Transport protocol: TCP

POP is a communication protocol for collecting emails from an inbox server (POP server).
Communication takes place between an e-mail client and an e-mail server (inbox server). The protocol that governs this access is called POP (from 1984), which is in the current version 3, and is therefore sometimes referred to as POP3.

Internet Message Access Protocol
Ports: 143 / TLS/SSL: 993
Transport protocol: TCP / UDP

IMAP allows access to a mailbox similar to POP. The key difference between these two protocols is the online mode of IMAP, which keeps the email client in constant communication with the email server.
During an IMAP session, individual emails can be accessed, and they remain on the server until they are deleted. The server can be accessed from anywhere, even from a terminal that is connected to the network with only low bandwidth. The emails are only downloaded if the user wants to read them. Emails with a large attachment will no longer clog your network.

Remote Desktop Protocol
Port: 3389
Transport protocol: TCP / UDP

Remote Desktop Protocol (RDP) is a Microsoft protocol designed to facilitate application data transfer security and encryption between client users, devices and a virtual network server. It enables a remote user to add a graphical interface to the desktop of another computer.
RDP allows network administrators to remotely diagnose and resolve problems that individual subscribers encounter.

Hyper Text Transfer Protocol
Port: 80
Transport protocol: TCP

HTTP is the communication protocol in the World Wide Web (WWW).
The most important functions are to request files from the web server and load them into the browser. The browser then takes over the display of texts and images and takes care of the playback of audio and video data.

Hyper Text Transfer Protocol Secure
Port: 443
Transport protocol: TCP

HTTPS or HTTP Secure is the use of HTTP in conjunction with encryption and authentication. As a rule, only the requested web server has to authenticate itself with a certificate.

An encrypted connection is signaled in the browser by “https://” (TCP port 443) instead of “http://” (TCP port 80). In this case, the web server must prove to the client that it is actually the web server located at the entered address. In addition, the connection or session is encrypted end-to-end. This means that the stations between client and server cannot decrypt the communication.

SSL/TLS is responsible for authentication and encryption. It sits between HTTP and the transport protocol TCP. This makes SSL/TLS available for other application protocols as well, for example SMTPS, IMAPS and FTPS. SSL works almost invisibly for the user.

Lightweight Directory Access Protocol
Port: 389
Transport protocol: TCP / UDP

LDAP provides a mechanism of accessing and maintaining distributed directory information. It is a protocol intended for communication between a client and an X.500 directory service. X.500 is a standard for DAP databases or directory services. Unfortunately, the implementation across different systems is very complicated. Therefore, LDAP was developed in 1993 to facilitate access to DAP databases or X.500 directory services over TCP / IP.
Originally, it was just a protocol that acted as a proxy for accessing a DAP database to mediate between X.500 and the various systems. Only later did LDAP become a standalone directory service. LDAP got its own database backend to work independently of a DAP server. Thus one can operate a directory service with an LDAP server.

Domain Name System
Port: 53
Transport protocol: TCP / UDP

The Domain Name System, DNS for short, is also referred to as the “Telephone Book of the Internet”. Just as you look up a name in a phone book to get the phone number, you look up a computer name in the DNS to get the associated IP address. The IP address is needed to connect to a server of which only the computer name is known.
DNS is a system for resolving computer names into IP addresses and vice versa. DNS has no central database. The information is distributed on many thousands of name servers (DNS servers).

web security specialist since 2015, tech stuff & cryptocurrency trader & I love writing about information security and technology.