TCP/IP Explained
Total Page:16
File Type:pdf, Size:1020Kb
Load more
Recommended publications
-
List of TCP and UDP Port Numbers - Wikipedia, the Free Encyclopedia 6/12/11 3:20 PM
List of TCP and UDP port numbers - Wikipedia, the free encyclopedia 6/12/11 3:20 PM List of TCP and UDP port numbers From Wikipedia, the free encyclopedia (Redirected from TCP and UDP port numbers) This is a list of Internet socket port numbers used by protocols of the Transport Layer of the Internet Protocol Suite for the establishment of host-to-host communications. Originally, these port numbers were used by the Transmission Control Protocol (TCP) and the User Datagram Protocol (UDP), but are used also for the Stream Control Transmission Protocol (SCTP), and the Datagram Congestion Control Protocol (DCCP). SCTP and DCCP services usually use a port number that matches the service of the corresponding TCP or UDP implementation if they exist. The Internet Assigned Numbers Authority (IANA) is responsible for maintaining the official assignments of port numbers for specific uses.[1] However, many unofficial uses of both well-known and registered port numbers occur in practice. Contents 1 Table legend 2 Well-known ports: 0–1023 3 Registered ports: 1024–49151 4 Dynamic, private or ephemeral ports: 49152–65535 5 See also 6 References 7 External links Table legend Color coding of table entries Official Port/application combination is registered with IANA Unofficial Port/application combination is not registered with IANA Conflict Port is in use for multiple applications (may be official or unofficial) Well-known ports: 0–1023 The port numbers in the range from 0 to 1023 are the well-known ports. They are used by system processes that provide widely-used types of network services. -
Automotive Ethernet: the Definitive Guide
Automotive Ethernet: The Definitive Guide Charles M. Kozierok Colt Correa Robert B. Boatright Jeffrey Quesnelle Illustrated by Charles M. Kozierok, Betsy Timmer, Matt Holden, Colt Correa & Kyle Irving Cover by Betsy Timmer Designed by Matt Holden Automotive Ethernet: The Definitive Guide. Copyright © 2014 Intrepid Control Systems. All rights reserved. No part of this work may be reproduced or transmitted in any form or by any means, electronic or mechanical, including photocopying, recording, or by any information storage or retrieval system, without the prior written permission of the copyright owner and publisher. Printed in the USA. ISBN-10: 0-9905388-0-X ISBN-13: 978-0-9905388-0-6 For information on distribution or bulk sales, contact Intrepid Control Systems at (586) 731-7950. You can purchase the paperback or electronic version of this book at www.intrepidcs.com or on Amazon. We’d love to hear your feedback about this book—email us at [email protected]. Product and company names mentioned in this book may be the trademarks of their respective owners. Rather than use a trademark symbol with every occurence of a trademarked name, we are using the names only in an editorial fashion and to the benefit of the trademark owner, with no intention of infringement of the trademark. The information in this book is distributed on an “As Is” basis, without warranty. While every precaution has been taken in the preparation of this book, neither the authors nor Intrepid Control Systems shall have any liability to any person or entity with respect to any loss or damage caused or alleged to be caused directly or indirectly by the information contained in this book. -
Edition with Romkey, April 16, 1986 (PDF)
PC/IP User's Guide MASSACHUSETTS INSTITUTE OF TECHNOLOGY Laboratory For Computer Science Network programs based on the DoD Internet Protocol for the mM Personal Computer PC/~ release or March, 1986; document updated Aprill4, 1986 by: Jerome H. Saltzer John L. Romkey .• Copyright 1984, 1985, 1986 by the Massachusetts Institute or Technology Permission to use, copy, modlt'y, and distribute these programs and their documentation ror any purpose and without ree ls hereby granted, provided that this copyright and permission notice appear on all copies and supporting documentation, the name or M.I.T. not be used in advertising or publlclty pertalnlng to dlstrlbutlon or the programs without written prior permission, and notice be glven in supporting documentation that copying and distribution ls by permlsslon or M.I.T. M.I.T. makes no representations about the suitablllty or this software for any purpose. It is provided "as ls" without express or Implied warranty. - ii - CREDITS The PC/IP packages are bullt on the work of many people in the TCP/IP community, both at M.I.T. and elsewhere. Following are some of the people who directly helped in the creation of the packages. Network environment-John L. Romkey Terminal emulator and customizer-David A. Bridgham Inltlal TFTP-Kari D. Wright Inltlal telnet-Louls J. Konopelskl Teinet model-David D. Clark Tasking package-Larry W. Allen Development system-Christopher J. Terman Development environment-Wayne C. Gramlich Administrative Assistant-Muriel Webber October 3, 1985. This document is in cover .mss - iii- - iv Table of Contents 1. Overview of PC/IP network programs 1 1.1. -
List of TCP and UDP Port Numbers from Wikipedia, the Free Encyclopedia
List of TCP and UDP port numbers From Wikipedia, the free encyclopedia This is a list of Internet socket port numbers used by protocols of the transport layer of the Internet Protocol Suite for the establishment of host-to-host connectivity. Originally, port numbers were used by the Network Control Program (NCP) in the ARPANET for which two ports were required for half- duplex transmission. Later, the Transmission Control Protocol (TCP) and the User Datagram Protocol (UDP) needed only one port for full- duplex, bidirectional traffic. The even-numbered ports were not used, and this resulted in some even numbers in the well-known port number /etc/services, a service name range being unassigned. The Stream Control Transmission Protocol database file on Unix-like operating (SCTP) and the Datagram Congestion Control Protocol (DCCP) also systems.[1][2][3][4] use port numbers. They usually use port numbers that match the services of the corresponding TCP or UDP implementation, if they exist. The Internet Assigned Numbers Authority (IANA) is responsible for maintaining the official assignments of port numbers for specific uses.[5] However, many unofficial uses of both well-known and registered port numbers occur in practice. Contents 1 Table legend 2 Well-known ports 3 Registered ports 4 Dynamic, private or ephemeral ports 5 See also 6 References 7 External links Table legend Official: Port is registered with IANA for the application.[5] Unofficial: Port is not registered with IANA for the application. Multiple use: Multiple applications are known to use this port. Well-known ports The port numbers in the range from 0 to 1023 are the well-known ports or system ports.[6] They are used by system processes that provide widely used types of network services. -
Implementing TCP/IP
4620-1 ch03.f.qc 10/28/99 11:56 AM Page 59 Chapter 3 Implementing TCP/IP In This Chapter ᮣ Defining TCP/IP ᮣ Microsoft’s implementation of TCP/IP ᮣ A detailed analysis of TCP ᮣ A detailed analysis of IP ᮣ Windows Sockets: a definition and the application ᮣ Three parts of Internet addressing: the IP address, subnet mask, and default gateway ᮣ Windows 2000 Server basic routing ave you ever wondered what the payoff was from years of US military Hexpenditures? Was it $200 wrenches and other doodads publicly highlighted by former Senator William Proxmire and his “Golden Fleece” awards? No, two of the great payoffs from the huge military buildup that have spanned generations are Transmission Control Protocol/Internet Protocol (TCP/IP) and the Internet itself. Not only has TCP/IP become a de facto standard for internetworking, it is also the default protocol for Windows 2000 Server. As I prepared this chapter, I promised myself that I wouldn’t drone on about the history of the Internet, Request for Comments (RFCs), and other historical hooey that has been covered in far too many books. In fact, I make two assumptions: First, that you are not a newbie — you know the definition of TCP/IP and have other thicker and more technical resources dedicated specifically to TCP/IP. And second, that perhaps like me, you have trouble sitting still when the going gets boring; if the presentation of TCP/IP (which can be very dry) isn’t exciting, you will drift away and miss the finer points about TCP/IP that are important to catch. -
Network Time Protocol (Version 2) Specification and Implementation
Network Working Group David L. Mills Request for Comments: 1119 University of Delaware Obsoletes: RFC-1059, RFC-958 September 1989 Network Time Protocol (Version 2) Specification and Implementation Status of this Memo This document describes the Network Time Protocol (NTP), specifies its formal structure and summarizes information useful for its implementation. NTP provides the mechanisms to synchronize time and coordinate time distribution in a large, diverse internet operating at rates from mundane to lightwave. It uses a returnable-time design in which a distributed subnet of time servers operating in a self-organizing, hierarchical-master-slave configuration synchronizes local clocks within the subnet and to national time standards via wire or radio. The servers can also redistribute reference time via local routing algorithms and time daemons. This is an Internet Standard Recommended Protocol. Distribution of this memo is unlimited. Keywords: network clock synchronization, standard time distribution, fault-tolerant architecture, maximum-likelihood estimation, disciplined oscillator, internet protocol, formal specification. Mills Page i RFC-1119 Network Time Protocol September 1989 Table of Contents 1. Introduction . 1 1.1. Related Technology . 2 2. System Architecture . 3 2.1. Implementation Model . 4 2.2. Network Configurations . 5 2.3. The NTP Timescale . 7 2.4. The NTP Calendar . 8 2.5. Time and Frequency Dissemination . 10 3. Network Time Protocol . 11 3.1. Data Formats . 11 3.2. State Variables and Parameters . 12 3.2.1. Common Variables . 12 3.2.2. System Variables . 14 3.2.3. Peer Variables . 16 3.2.4. Packet Variables . 17 3.2.5. Clock Filter Variables . 17 3.2.6. -
List of TCP and UDP Port Numbers - Wikipedia, the Free Encyclopedia 08/31/2007 04:24 PM
List of TCP and UDP port numbers - Wikipedia, the free encyclopedia 08/31/2007 04:24 PM List of TCP and UDP port numbers From Wikipedia, the free encyclopedia (Redirected from TCP and UDP port numbers) TCP and UDP are transport protocols used for communication between computers. The IANA is responsible for assigning port numbers to specific uses. Contents 1 Ranges 2 Port lists 2.1 Ports 0 to 1023 2.2 Ports 1024 to 49151 2.3 Ports 49152 to 65535 2.4 Multi cast Adresses 3 References 4 External links Ranges The port numbers are divided into three ranges. The Well Known Ports are those in the range 0–1023. On Unix-like operating systems, opening a port in this range to receive incoming connections requires administrative privileges or possessing of CAP_NET_BIND_SERVICE capability. The Registered Ports are those in the range 1024–49151. The Dynamic and/or Private Ports are those in the range 49152–65535. These ports are not used by any defined application. IANA does not enforce this; it is simply a set of recommended uses. Sometimes ports may be used for different applications or protocols than their official IANA designation. This misuse may, for example, be by a Trojan horse, or alternatively be by a commonly used program that didn't get an IANA registered port or port range. Port lists The tables below indicate a status with the following colors and tags: Official if the application and port combination is in the IANA list of port assignments (http://www.iana.org/assignments/port-numbers) ; Unofficial if the application and port combination is not in the IANA list of port assignments; and Conflict if the port is being used commonly for two applications or protocols. -
Network Working Group J. Postel Request for Comments: 840 ISI April 1983
Network Working Group J. Postel Request for Comments: 840 ISI April 1983 Official Protocols This RFC identifies the documents specifying the official protocols used in the Internet. Annotations identify any revisions or changes planned. To first order, the official protocols are those in the Internet Protocol Transition Workbook (IPTW) dated March 1982. There are several protocols in use that are not in the IPTW. A few of the protocols in the IPTW have been revised these are noted here. In particular, the mail protocols have been revised and issued as a volume titled "Internet Mail Protocols" dated November 1982. There is a volume of protocol related information called the Internet Protocol Implementers Guide (IPIG) dated August 1982. A few of the protocols (in particular the Telnet Options) have not been revised for many years, these are found in the old ARPANET Protocol Handbook (APH) dated January 1978. This document is organized as a sketchy outline. The entries are protocols (e.g., Transmission Control Protocol). In each entry there are notes on status, specification, comments, other references, dependencies, and contact. The status is one of: required, recommended, elective, or experimental. The specification identifies the protocol defining documents. The comments describe any differences from the specification or problems with the protocol. The other references identify documents that comment on or expand on the protocol. The dependencies indicate what other protocols are called upon by this protocol. The contact indicates a person -
The Network Time Protocol David L
1482 IEEE TRANSACTIONS ON COMMUNICATIONS, VOL. 39, NO. 10, OCTOBER 1991 Internet Time Synchronization: The Network Time Protocol David L. Mills, Member, IEEE Abstruct- This paper describes the network time protocol a similar number of gateways. In this paper the capitalized (NTP),which is designed to distribute time information in a large, Internet refers to this particular system, while the uncapitalized diverse internet system operating at speeds from mundane to internet refers to any generic system of multiple networks lightwave. It uses a symmetric architecture in which a distributed subnet of time servers operating in a self-organizing, hierarchical interconnected by gateways. While the Internet backbone configuration synchronizes local clocks within the subnet and networks and gateways are carefully engineered for good to national time standards via wire, radio, or calibrated atomic service, operating speeds, and service reliability vary consid- clock. The servers can also redistribute time information within erably throughout the system. This places severe demands a network via local routing algorithms and time daemons. on NTP, which must deliver accurate and reliable time in This paper also discusses the architecture, protocol and algo- rithms, which were developed over several years of implementa- spite of component failures, service disruptions and possibly tion refinement and resulted in the designation of NTP as an mis-engineered implementations. Internet Standard protocol. The NTP synchronization system, In the remainder of this introductory Section I, issues in which has been in regular operation in the Internet for the the requirements, approaches, and comparisons with previ- last several years, is described along with performance data ous work are discussed. -
ECHO Through EXEC
ECHO through EXEC • ECHO, page 3 • EDONKEY-STATIC, page 4 • EDONKEY, page 5 • EGP, page 6 • EIGRP, page 7 • ELCSD, page 8 • EMBL-NDT, page 9 • EMCON, page 10 • EMFIS-CNTL, page 11 • EMFIS-DATA, page 12 • ENCAP, page 13 • ENCRYPTED-BITTORRENT, page 14 • ENCRYPTED-EMULE, page 15 • ENTOMB, page 16 • ENTRUST-AAAS, page 17 • ENTRUST-AAMS, page 18 • ENTRUST-ASH, page 19 • ENTRUST-KMSH, page 20 • ENTRUST-SPS, page 21 • EPMAP, page 22 • ERPC, page 23 • ESCP-IP, page 24 • ESIGNAL, page 25 • ESPN-BROWSING, page 26 NBAR2 Protocol Pack 7.0.0 1 ECHO through EXEC • ESPN-VIDEO, page 27 • ESRO-EMSDP, page 28 • ESRO-GEN, page 29 • ETHERIP, page 30 • EUDORA-SET, page 31 • EXCHANGE, page 32 • EXEC, page 33 NBAR2 Protocol Pack 7.0.0 2 ECHO through EXEC ECHO ECHO Name/CLI Keyword echo Full Name Echo Protocol Description Echo is a protocol that is used for debugging and measurement. It works by sending back all the data that was received from the source. The protocol works on TCP and UDP, typically on port 7. Reference http://www.faqs.org/rfcs/rfc862.html Global ID L4:7 ID 101 Known Mappings UDP Port 7 TCP Port 7 IP Protocol - IP Version IPv4 Support Yes IPv6 Support Yes Application Group other Category net-admin Sub Category network-management P2P Technology No Encrypted No Tunnel No Underlying Protocols - NBAR2 Protocol Pack 7.0.0 3 ECHO through EXEC EDONKEY-STATIC EDONKEY-STATIC Name/CLI Keyword edonkey-static Full Name eDonkey Description eDonkey is peer-to-peer file sharing adopted to share large files. -
Port Ranges Traffic Analysis
Simon Owens Port Ranges • Ports 0 to 1023 are Well-Known Ports. • Ports 1024 to 49151 are Registered Ports (often registered by a software developer to designate a particular port for their application) • Ports 49152 to 65535 are Public Ports. Traffic Analysis - Wireshark Configure Name Resolution 1. Make a new profile 2. Make a “hosts” file with format “ip hostname” 3. Place that “hosts” file in the ~/.config/wireshark/configprofilename/ folder 4. open pcap file, select your configuration profile, and ensure “view>>name resolution>>resolve network/transport address names” is checked Configure Ports 1. Go to “Edit>>preferences>>columns” and add src and dst ports to the display Figuring out what multi-cast goes too 1. Fill out “hosts” and “services” file if you can 2. Click on various multi-cast products – generally the parameters will identify what the application is with a version or the company that made it. Query for Common Ports • tcp.dstport >= 0 and tcp.dstport <= 10000 || tftp || dns Saving off filters to make capture smaller 1. Apply a filter 2. Click “File>> Export Specified Packets” then save them to a file Search for Strings • Edit >> find packet Extracting files • file >> export objects Find Hashes • net-creds.py file.pcap Changing Parameters in the Packets Simon Owens • Port Scan Netdiscover -r <ip-range> make sure you know everything on network IP=insert mkdir $IP Masscan: • masscan -p0-65535 $IP --banners -oG $IP/masscan_$IP.grep Nmap: • Nmap -sV -T4 $IP -oN $IP/normalNmap.txt • nmap -v -sS -T4 -A --script=vuln --host-timeout 336h -p 0-65535 $IP -oA $IP/TCPscan_$IP • nmap -v -sU -T4 -A --script=vuln --host-timeout 336h -p 0-65535 $IP -oA $IP/UDPscan_$IP General Services: • 9/tcp - Discard o Discard Protocol - https://www.exploit-db.com/exploits/19555 The Discard Protocol is a service in the Internet Protocol Suite defined in RFC 863. -
SWMME-3000 Series Modular Industrial Ethernet Switch (EN)
SWMME-3000 Series Modular Industrial Ethernet Switch Performance Features ● Modular industrial switches with 3 slot modules of flexible configuration and high performance, and all modules support on-line upgrade ● Supporting Ethernet ring and multiple self-healing rings with the fail-over time in every node less than 5ms and the network self-healing time less than 50ms (typical value) ● Supporting IEC62439-2 based MRP ● Supporting IEC62439-3 based PRP, and HSR ● Any two ports can establish a self-healing ring and support multiple independent self-healing rings CXR SWMME series - the modular ● With function of data packet dropout protection and quick recover from network failure. industrial Ethernet switches provide multi-slots and ● Multi-Protocol L3 routing meets the requirement of many integrated forms including gigabit network, private network. content switching, PRP/HSR module. And all the ● Support various multicast protocols and strong safety protection mechanism modules support on-line upgrade. All modules in ● Provide bandwidth service with different levels in SWMME series are equipped with unified optical Ethernet service by speed limiting and traffic modules and software, forming a system that can shaping in QoS of layer 2 ● adapt to future develop-ment. With the unified Support function of the static and dynamic allocation as well as limitation of CPU and real-time monitor operation, the equipment can make better use of the key operating parameters, including CPU themselves. series adopt ardware-based utilization rate, RAM, supply voltage and mainboard SWMME h voltage. algorithm that ensures the fail-over time in every ● SWMME series have a full set of professional net- node less than 5ms and the network self-healing work management and monitoring and alarm system.