Ch6
TCP/IP Layer 4 Protocols: TCP and UDP
TCP and UDP
The 2 most common Transport layer protocols:
User Datagram Protocol (UDP)
UDP is a connectionless protocol, described in RFC 768.
It provides low-overhead data delivery.
The pieces of communication in UDP are called datagrams.
Each UDP segment has only 8 bytes of overhead.
These datagrams are sent as "best effort".
Applications that use UDP include:
Domain Name System (DNS)
Video Streaming
Voice over IP (VoIP)
Transmission Control Protocol (TCP)
TCP is a connection-oriented protocol, described in RFC 793.
TCP incurs additional overhead in exchange for additional functions.
The additional functions specified by TCP are same-order delivery, reliable delivery, and flow control.
Each TCP segment has 20 bytes of overhead in the header encapsulating the Application layer data.
Applications that use TCP are:
Web Browsers
E-mail
File Transfers
http://www.uic.rsu.ru/doc/inet/tcp_stevens/tcp_tran.htm
Transmission Control Protocol
Multiplexing Using TCP Port Numbers
Multiplexing relies on a concept called a socket:
An IP address
A transport protocol
A port number
Popular TCP/IP Applications
World Wide Web (WWW)
Domain Name System (DNS)
Simple Network Management Protocol (SNMP)
Trivial File Transfer Protocol (TFTP)
Error Recovery (Reliability)
Flow Control Using Windowing
Connection Establishment and Termination
TCP Connection Termination
Data Segmentation and Ordered Data Transfer
The maximum transmission unit (MTU) is the limit on what can be sent inside a data link layer frame.
The MTU is 1500 bytes.
Because IP and TCP headers are 20 bytes each, TCP typically segments large data into 1460-byte chunks.
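Added example (not part of the original slides): a sketch of the segmentation and ordered-delivery idea above, using the slide's 1500-byte MTU and 20-byte headers. The port numbers, initial sequence number and payload are constructed sample values, and the checksum field is left at zero rather than computed.

```python
import struct

MTU, IP_HDR, TCP_HDR = 1500, 20, 20      # sizes stated on the slide (no options)
MSS = MTU - IP_HDR - TCP_HDR             # 1460 bytes of data per segment
TCP_FMT = "!HHIIHHHH"                    # RFC 793 fixed header, 20 bytes

def build_segment(sport, dport, seq, payload):
    """Prepend a minimal 20-byte TCP header to one chunk of data."""
    offset_flags = (5 << 12) | 0x010     # data offset = 5 words, ACK flag set
    # ack=0, window=65535, checksum=0 (not computed in this sketch), urgent=0
    return struct.pack(TCP_FMT, sport, dport, seq, 0, offset_flags, 65535, 0, 0) + payload

def segment(data, sport, dport, isn):
    """Sender: cut data into MSS-sized chunks; seq = ISN + byte offset (mod 2^32)."""
    return [build_segment(sport, dport, (isn + off) & 0xFFFFFFFF, data[off:off + MSS])
            for off in range(0, len(data), MSS)]

def reassemble(segments, isn):
    """Receiver: order segments by sequence number and refuse gaps or overlaps."""
    chunks = []
    for seg in segments:
        fields = struct.unpack(TCP_FMT, seg[:TCP_HDR])
        seq, hdr_len = fields[2], (fields[4] >> 12) * 4
        chunks.append(((seq - isn) & 0xFFFFFFFF, seg[hdr_len:]))
    out = bytearray()
    for rel, payload in sorted(chunks, key=lambda c: c[0]):
        if rel != len(out):
            raise ValueError(f"gap or overlap at byte offset {rel}")
        out += payload
    return bytes(out)

if __name__ == "__main__":
    data = bytes(range(256)) * 16        # constructed 4096-byte payload
    isn = 0xFFFFFF00                     # constructed ISN near wrap-around
    segs = segment(data, 49152, 80, isn)
    print([len(s) + IP_HDR for s in segs])           # IP packet sizes
    print(reassemble(segs[::-1], isn) == data)       # segments arrive reversed
```

The receiver recovers the original byte order from the sequence numbers alone, and a missing segment is reported as a gap instead of being silently skipped.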
User Datagram Protocol
TCP/IP Applications
QoS Needs and the Impact of TCP/IP Applications
Low delay: VoIP requires a very low delay between the sending phone and the receiving phone
Low jitter: Jitter is the variation in delay; VoIP requires very low jitter as well
Loss: there is no need to try to recover the lost packet
The World Wide Web, HTTP, and SSL
Web servers
Web browsers
Universal Resource Locators
The protocol is listed before the //.
The hostname is listed between the // and the /.
The name of the web page is listed after the /.
For example:
http://www.cisco.com/go/prepcenter
Finding the Web Server Using DNS
Transferring Files with HTTP
Network Security
Perspectives on the Sources and Types of Threats
Kinds of attacks that might occur
Denial of service (DoS) attacks:
An attack whose purpose is to break things
Destroyers / crashers / flooders
Reconnaissance attacks
goal is gathering information to perform an access attack
learning IP addresses and then trying to discover servers
Access attacks
attempt to steal data, typically data for some financial advantage
viruses are just one tool that can be used to carry out any of these attacks
Access from the wireless LAN:
Infected mobile laptops
Disgruntled employees
Attacker’s toolkit
Scanner:
Spyware:
Worm:
Keystroke logger: virus that logs all keystrokes
Phishing: sets up a website that outwardly looks like a legitimate website
Malware:
Firewalls and the Cisco Adaptive Security Appliance (ASA)
Anti-x
Virtual Private Networks (VPN)