Documente Academic
Documente Profesional
Documente Cultură
Lecture 1
1. HTTP 1.0 vs. 1.1
2. HTTP Parameters/ Methods
3. NetCat
4. SSL/TLS
5. TCP-UDI/OSI
6. Modem(DSL) - Router – Switch
7. DHCP
8. DNS
9. PORTS
10. IP Address
11. PING Command / ICMP
1. HTTP 1.0 vs. HTTP 1.1
This header is useful because it allows you to route a message through proxy servers, and also because your web
server can distinguish between different sites on the same server.
So this means if you have blahblahlbah.com and helohelohelo.com both pointing to the same IP. Your web server
can use the Host field to distinguish which site the client machine wants.
Persistent connections:
HTTP 1.1 also allows you to have persistent connections which means that you can have more than one
request/response on the same HTTP connection.
In HTTP 1.0 you had to open a new connection for each request/response pair. And after each response the
connection would be closed. This lead to some big efficiency problems because of TCP Slow Start.
OPTIONS method:
HTTP/1.1 introduces the OPTIONS method. An HTTP client can use this method to determine the abilities of the
HTTP server. It's mostly used for Cross Origin Resource Sharing in web applications.
Caching:
HTTP 1.0 had support for caching via the header: If-Modified-Since.
HTTP 1.1 expands on the caching support a lot by using something called 'entity tag'. If 2 resources are the same,
then they will have the same entity tags.
HTTP 1.1 also adds the If-Unmodified-Since, If-Match, If-None-Match conditional headers.
There are also further additions relating to caching like the Cache-Control header.
HTTP 1.1 is an enhancement of HTTP 1.0. The following lists the four major improvements:
1. Efficient use of IP addresses, by allowing multiple domains to be served from a single IP address.
2. Faster response, by allowing a web browser to send multiple requests over a single persistent connection.
3. Faster response for dynamically-generated pages, by support for chunked encoding, which allows a response
to be sent before its total length is known.
4. Faster response and great bandwidth savings, by adding cache support.
5. HTTP 1.0 can define 16status codes
6. HTTP 1.1 can define 24 status codes
7. HTTP 1.1 has a warning header capable of producing many secondary status alerts
8. HTTP 1.0 authentication unsafe as it is not encrypted
9. HTTP 1.1 safe as it uses a checksum of username, password and one time value.
9. PORTS
Many fundamental things to know as a network engineer is the function and port number used by a number of
common services as well as many that are typically implemented during the course of a network engineer’s career.
Below, we take a look at these protocols, provides a basic description of their function, and lists the port numbers
that they are commonly associated with.
Table 1
Common TCP/IP Protocols and Ports
File Transfer TCP 20/21 FTP is one of the most commonly used file transfer protocols on the
Protocol (FTP) Internet and within private networks. An FTP server can easily be
(RFC 959) set up with little networking knowledge and provides the ability to
easily relocate files from one system to another. FTP control is
handled on TCP port 21 and its data transfer can use TCP port 20 as
well as dynamic ports depending on the specific configuration.
Secure Shell (SSH) TCP 22 SSH is the primary method used to manage network devices
(RFC 4250-4256) securely at the command level. It is typically used as a secure
alternative to Telnet which does not support secure connections.
Telnet TCP 23 Telnet is the primary method used to manage network devices at
(RFC 854) the command level. Unlike SSH which provides a secure connection,
Telnet does not, it simply provides a basic unsecured connection.
Many lower level network devices support Telnet and not SSH as it
required some additional processing. Caution should be used when
connecting to a device using Telnet over a public network as the
login credentials will be transmitted in the clear.
Simple Mail Transfer TCP 25 SMTP is used for two primary functions, it is used to transfer mail
Protocol (SMTP) (email) from source to destination between mail servers and it is
(RFC 5321) used by end users to send email to a mail system.
Domain Name TCP/UDP 53 The DNS is used widely on the public internet and on private
System (DNS) networks to translate domain names into IP addresses, typically for
(RFC 1034-1035) network routing. DNS is hieratical with main root servers that
contain databases that list the managers of high level Top Level
Domains (TLD) (such as .com). These different TLD managers then
contain information for the second level domains that are typically
used by individual users (for example, cisco.com). A DNS server can
also be set up within a private network to private naming services
between the hosts of the internal network without being part of the
global system.
Dynamic Host UDP 67/68 DHCP is used on networks that do not use static IP address
Configuration assignment (almost all of them). A DHCP server can be set up by an
Protocol (DHCP) administrator or engineer with a poll of addresses that are available
(RFC 2131) for assignment. When a client device is turned on it can request an
IP address from the local DHCP server, if there is an available
address in the pool it can be assigned to the device. This assignment
is not permanent and expires at a configurable interval; if an
address renewal is not requested and the lease expires the address
will be put back into the poll for assignment.
Trivial File Transfer UDP 69 TFTP offers a method of file transfer without the session
Protocol (TFTP) establishment requirements that FTP uses. Because TFTP uses UDP
(RFC 1350) instead of TCP it has no way of ensuring the file has been properly
transferred, the end device must be able to check the file to ensure
proper transfer. TFTP is typically used by devices to upgrade
software and firmware; this includes Cisco and other network
vendors’ equipment.
Hypertext Transfer TCP 80 HTTP is one of the most commonly used protocols on most
Protocol (HTTP) networks. HTTP is the main protocol that is used by web browsers
(RFC 2616) and is thus used by any client that uses files located on these
servers.
Post Office Protocol TCP 110 POP version 3 is one of the two main protocols used to retrieve mail
(POP) version 3 from a server. POP was designed to be very simple by allowing a
(RFC 1939) client to retrieve the complete contents of a server mailbox and
then deleting the contents from the server.
Network Time UDP 123 One of the most overlooked protocols is NTP. NTP is used to
Protocol (NTP) synchronize the devices on the Internet. Even most modern
(RFC 5905) operating systems support NTP as a basis for keeping an accurate
clock. The use of NTP is vital on networking systems as it provides
an ability to easily interrelate troubles from one device to another
as the clocks are precisely accurate.
NetBIOS TCP/UDP 137/138/139 NetBIOS itself is not a protocol but is typically used in combination
(RFC 1001-1002) with IP with the NetBIOS over TCP/IP (NBT) protocol. NBT has long
been the central protocol used to interconnect Microsoft Windows
machines.
Internet Message TCP 143 IMAP version3 is the second of the main protocols used to retrieve
Access Protocol mail from a server. While POP has wider support, IMAP supports a
(IMAP) wider array of remote mailbox operations which can be helpful to
(RFC 3501) users.
Simple Network TCP/UDP 161/162 SNMP is used by network administrators as a method of network
Management management. SNMP has a number of different abilities including
Protocol (SNMP) the ability to monitor, configure and control network devices.
(RFC 1901-1908, SNMP traps can also be configured on network devices to notify a
3411-3418) central server when specific actions are occurring. Typically, these
are configured to be used when an alerting condition is happening.
In this situation, the device will send a trap to network
management stating that an event has occurred and that the device
should be looked at further for a source to the event.
Border Gateway TCP 179 BGP version 4 is widely used on the public internet and by Internet
Protocol (BGP) Service Providers (ISP) to maintain very large routing tables and
(RFC 4271) traffic processing. BGP is one of the few protocols that have been
designed to deal with the astronomically large routing tables that
must exist on the public Internet.
Hypertext Transfer TCP 443 HTTPS is used in conjunction with HTTP to provide the same
Protocol over services but doing it using a secure connection which is provided by
SSL/TLS (HTTPS) either SSL or TLS.
(RFC 2818)
Lightweight TCP/UDP 636 Just like HTTPS, LDAPS provides the same function as LDAP but over
Directory Access a secure connection which is provided by either SSL or TLS.
Protocol over
TLS/SSL (LDAPS)
(RFC 4513)
FTP over TLS/SSL TCP 989/990 Again, just like the previous two entries, FTP over TLS/SSL uses the
(RFC 4217) FTP protocol which is then secured using either SSL or TLS.
10. IP Address