DOCSLIB.ORG

TCP/IP Explained

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
TCP/IP Explained TCP/IP Explained PHILIP MILLER DIGITAL PRESS Boston Oxford Johannesburg Melbourne New Delhi Singapore Table of Contents Preface xvii Chapter 1 - Introduction 1 1.1 What is TCP/IP? 1 1.1.1 A Brief History of TCP/IP 2 1.1.2 The Internet Protocol Suite 3 1.2 The Internet 5 1.2.1 The Growth of the Internet 6 1.3 Summary 9 Chapter 2 - Standardization 11 2.1 The Internet Architecture Board 11 2.1.1 The Internet Engineering Task Force 12 2.1.2 The Internet Research Task Force 13 2.2 Internet Protocol Standards 13 2.2.1 Protocol States 14 2.2.2 Protocol Status 16 2.2.3 The Request For Comments (RFC) 16 2.3 Internet Protocol Architecture 17 2.3.1 The Open Systems Interconnection (OSI) Model 18 2.3.2 The OSI Model and LANs 20 2.3.3 The Internet Protocol Suite Model 23 2.4 A Comparison of Major Architectures 25 2.5 Summary 26 Chapter 3 - An Overview of Network Technologies and Relay Systems 27 3.1 Ethernet and IEEE 802.3 27 3.1.1 802.3 Specifications 27 3.1.2 Ethernet/802.3 Frame Structure 30 3.1.3 Ethernet/802.3 Operation 32 3.2 Token Ring 33 3.2.1 802.5 Specifications 34 3.2.2 802.5 Frame Structure 36 3.2.3 802.5 Operation 38 3.3 Fibre Distributed Data Interface (FDDI) 39 3.3.1 FDDI Specifications 41 3.3.2 FDDI Frame Structure 42 3.3.3 FDDI Operation 43 3.4 Relay Systems 43 3.4.1 Repeaters 44 3.4.2 Bridges 45 3.5 WAN Links 50 3.6 Summary 51 Chapter 4 - Internet Addressing 53 4.1 The Need for an Addressing Scheme 53 4.2 Internet Addressing 54 4.2.1 Dotted Decimal Notation 55 4.2.2 Identifying IP Addresses and Rules 56 4.2.3 Choosing the Right Addressing Scheme 57 4.2.4 Free Addresses 58 4.3 Routing Fundamentals 59 4.4 The Resolution of MAC Addresses 60 4.4.1 The Address Resolution Protocol (ARP) 61 4.4.2 The ARP Protocol Format 62 4.4.3 Problems with Address Resolution 65 4.4.4 Address Resolution for Non-Broadcast Networks 65 4.5 The Reverse Address Resolution Protocol (RARP) 65 4.6 Subnetting 68 4.6.1 Natural Subnet Masks 69 4.6.2 Obtaining Subnet Masks 70 4.6.3 Guidelines for Implementing Subnet Masks 70 4.7 Multi-Homing 71 4.8 Assigning Multiple IP Addresses to a Single Physical Connection 71 4.9 The Future of The Internet Addressing Scheme 72 4.10 Summary 73 Chapter 5 - The Internet Protocol (IP) 75 5.1 The IP Datagram 76 5.2 IP Datagram Options 81 5.2.1 End of Option List 82 5.2.2 No Operation 83 5.2.3 Security 83 5.2.4 Loose and Strict Source Routing 83 5.2.5 Record Route 84 5.2.6 Internet Timestamp 84 5.3 Datagram Fragmentation 86 5.4 Summary 89 Chapter 6 - The Internet Control Message Protocol (ICMP) 91 6.1 ICMP Message Types 92 6.1.1 Destination Unreachable 93 6.1.2 Time Exceeded 95 6.1.3 Parameter Problem 95 6.1.4 Source Quench 96 6.1.5 Redirect 97 6.1.6 Echo Request/Reply 98 6.1.7 Timestamp Request/Reply 100 6.1.8 Information Request/Reply 101 6.1.9 Address Mask Request/Reply 102 6.2 ICMP Extentsions 102 6.2.1 Router Discovery 103 6.3 Summary 104 Chapter 7 - The Transmission Control Protocol (TCP) ....107 7.1 TCP Operation 108 7.1.1 Basic Data Transfer 108 7.1.2 Reliability 108 7.1.3 Flow Control Ill 7.1.4 Multiplexing 113 7.1.5 Connections 113 7.2 TCP Segment Header 114 7.3 TCP Options 117 7.4 Connection Management 118 7.4.1 Connection Establishment 118 7.4.2 Connection Maintenance 123 7.4.3 Connection Termination 124 7.4.4 The TCP Finite State Machine 126 7.5 Summary 130 Chapter 8 - The User Datagram Protocol (UDP) 133 8.1 UDP Multiplexing 134 8.2 UDP Datagram Header 134 8.2.1 UDP and ICMP 138 8.3 Summary 138 Chapter 9 - Routing Principles 139 9.1 Direct and Indirect Routing 139 9.1.1 Routing Protocols 140 9.1.2 Static and Default Routes 141 9.2 Routing and Subnet Masks 142 9.2.1 Variable Length Subnet Masks 143 9.3 ARP and Subnetted Environments 145 9.3.1 Proxy ARP 145 9.4 Summary 147 Chapter 10 - The Routing Information Protocol (RIP) ....149 10.1 Gauging Route Quality 149 10.2 Protocol Operation 151 10.2.1 Handling Topology Changes 153 10.2.2 Split Horizon 156 10.2.3 Poison Reverse 156 10.2.4 Triggered Updates 158 10.2.5 Route States and Timers 158 10.3 RIP Protocol Format and Operation 159 10.3.1 RIP Datagram Processing 161 10.3.2 Router Operation at Start-up 166 10.4 The Arguments Surrounding RIP 166 10.4.1 RIP Limitations 166 10.4.2 RIP Strengths 168 10.5 RIP II 168 10.5.1 RIP II Protocol Format 168 10.5.2 RIP II Authentication 170 10.5.3 RIP II and Multicasting 171 10.5.4 Compatibility with RIP I 171 10.6 Summary 172 Chapter 11 - The Open Shortest Path First Protocol (OSPF) 173 11.1 Metrics 174 11.1.1 Type of Service Routing 175 11.1.2 Equal Cost Paths 176 11.2 An Overview of OSPF 176 11.2.1 OSPF Terminology 177 11.2.2 Network and Area Types 179 11.2.3 Designated and Backup Designated Routers 180 11.2.4 Router Adjacency and Network Types 182 11.3 Protocol Operation 182 11.3.1 The Hello Protocol 185 11.3.2 Exchanging Database Information and Creating Adjacencies 190 11.3.3 Exchanging Database Description Packets 191 11.3.4 Requesting Additional Information Through Link State Requests (LSRs) 194 11.3.5 Link State Updates 196 11.3.6 Link State Advertisements 196 11.4 Creating the Shortest Path Tree 205 11.4.1 The Routing Table 206 11.5 Using Areas 207 11.5.1 The Backbone Area 208 11.5.2 Virtual Links 208 11.5.3 Intra-Area and Inter-Area Routing 210 11.6 Joining Autonomous Systems Together 215 11.7 Summary 216 Chapter 12 - The Exterior Gateway Protocol (EGP) 217 12.1 The EGP Protocol Format and Operation 219 12.1.1 EGP Message Header 220 12.1.2 Neighbor Acquisition/Cease 221 12.1.3 Neighbor Reachability 224 12.1.4 Poll Command 225 12.1.5 Update Response/Indication Messages 226 12.1.6 Error Response/Indication 228 12.2 EGP Metrics 230 12.3 The EGP Finite State Machine 230 12.4 EGP, an Example 231 12.5 Summary 235 Chapter 13 - The Border Gateway Protocol (BGP) 237 13.1 BGP Operation 238 13.2 BGP Message Formats 239 13.2.1 The BGP Message Header 239 13.2.2 Open Messages 240 13.2.3 Update Messages 243 13.2.4 KeepAlive Messages 247 13.2.5 Notification Messages 247 13.3 A Simple BGP Example 250 13.4 Summary 254 Chapter 14 - Broadcasting and Multicasting with IP 255 14.1 Broadcasting 255 14.1.1 Broadcasting in the Presence of Subnets 258 14.2 Multicasting 259 14.2.1 Host Group Addresses 260 14.2.2 Mapping IP Multicasts to Local Network Multicasts 260 14.3 The Internet Group Management Protocol (IGMP) 262 14.3.1 IGMP Operation 262 14.3.2 The Allocation of Transient Host Group Addresses 264 14.4 The Propagation of Multicast Routing Information 265 14.5 The Distance Vector Multicast Routing Protocol (DVMRP) 265 14.5.1 DVMRP in Operation 268 14.6 Multicast OSPF 269 14.6.1 MOSPF Operation 271 14.6.2 Pruned Shortest Path Trees 274 14.7 Summary 275 Chapter 15 - The Domain Name System (DNS) 277 15.1 The Domain Name Space 278 15.1.1 Aliases 279 15.1.2 The Internet Mail System and DNS 280 15.2 Resource Records 280 15.2.1 The A (Address) Type Resource Record 282 15.2.2 The CName (Canonical Name) Type Resource Record 282 15.2.3 The HInfo (Host Information) Type Resource Record 282 15.2.4 The MB, MD, MF, MG, MInfo, MR, and MX (Mail) Type Resource Records 283 15.2.5 The NS (Name Server) Type Resource Record 284 15.2.6 The PTR (Pointer) Type Resource Record 284 15.2.7 The SOA (Start of Authority) Type Resource Record 284 15.2.8 The TXT (Text) Type Resource Record 285 15.2.9 The WKS (Well Known Service) Type Resource Record 285 15.2.10 The NULL Type Resource Record 286 15.3 DNS Operation 286 15.3.1 Name Server Operation 287 15.4 DNS Protocol Format 289 15.4.1 The Header Section 290 15.4.2 The Question Section 291 15.4.3 The Answer, Authority, and Additional Information Sections 292 15.4.4 Message Compression 292 15.5 Inverse Queries 293 15.6 Looking up DNS Information 294 15.7 A DNS Example 295 15.8 Summary 297 Chapter 16 - Telnet and Rlogin 299 16.1 The Telnet Protocol 299 16.1.1 Option Command/Responses 300 16.1.2 Telnet Control Functions 301 16.1.3 Standard NVT Characters 303 16.1.4 Telnet Commands and Options 303 16.1.5 RFCs Related to Telnet Options 304 16.1.6 A Sample Telnet Session 307 16.2 Rlogin 310 16.2.1 Rlogin Commands 311 16.2.2 Rlogin Security Considerations 311 16.3 Summary 312 Chapter 17 - The File Transfer Protocol (FTP) 313 17.1 FTP Basic Operation 313 17.2 Data Transfer Functions 314 17.2.1 Data Types 315 17.2.2 Data Structures 316 17.3 FTP Transmission Modes 317 17.3.1 Stream Mode 317 17.3.2 Block Mode 317 17.3.3 Compressed Mode 318 17.4 File Transfer Functions 319 17.4.1 Access Control Commands 319 17.4.2 Transfer Parameters 320 17.4.3 FTP Service Commands 321 17.5 FTP Responses 322 17.6 A Complete FTP Example 324 17.7 Summary 333 Chapter 18 - The Simple Mail Transfer Protocol (SMTP) ..335 18.1 Defining Senders and Recipients 336 18.2 Sending Mail Messages 336 18.2.1 Verifying and Expanding 338 18.3 SMTP Commands and Responses 338 18.3.1 SMTP Commands 338 18.3.2 SMTP Replies 340 18.3.3 Returning Mail to the Sender 340 18.4 Message Header Format 341 18.5 Summary 341 Chapter 19 - Booting Internet Hosts with BootP andTFTP 343 19.1 The Bootstrap Protocol (BootP) 344 19.1.1 BootP Basic Operation 344 19.1.2 BootP Protocol Format 345 19.1.3 Constructing the BootP Request 348 19.1.4 Using BootP with Routers 348 19.1.5 BootP Configuration 349 19.1.6 Re-Transmitting BootP Requests 349 19.2 TFTP 350 19.2.1 TFTP Operation 351 19.2.2 TFTP Protocol Format 351 19.2.3 The Determination of UDP Port Numbers 354 19.2.4 Security and TFTP 354 19.2.5 Sample TFTP Traces 355 19.2.6 Directed TFTP 359 19.3 Summary 359 Chapter 20 - The Simple Network Management Protocol (SNMP) 361 20.1 The Management Task and SNMP 361 20.2 SNMP Architecture
Load more

Recommended publications
  • List of TCP and UDP Port Numbers - Wikipedia, the Free Encyclopedia 6/12/11 3:20 PM
    List of TCP and UDP port numbers - Wikipedia, the free encyclopedia 6/12/11 3:20 PM List of TCP and UDP port numbers From Wikipedia, the free encyclopedia (Redirected from TCP and UDP port numbers) This is a list of Internet socket port numbers used by protocols of the Transport Layer of the Internet Protocol Suite for the establishment of host-to-host communications. Originally, these port numbers were used by the Transmission Control Protocol (TCP) and the User Datagram Protocol (UDP), but are used also for the Stream Control Transmission Protocol (SCTP), and the Datagram Congestion Control Protocol (DCCP). SCTP and DCCP services usually use a port number that matches the service of the corresponding TCP or UDP implementation if they exist. The Internet Assigned Numbers Authority (IANA) is responsible for maintaining the official assignments of port numbers for specific uses.[1] However, many unofficial uses of both well-known and registered port numbers occur in practice. Contents 1 Table legend 2 Well-known ports: 0–1023 3 Registered ports: 1024–49151 4 Dynamic, private or ephemeral ports: 49152–65535 5 See also 6 References 7 External links Table legend Color coding of table entries Official Port/application combination is registered with IANA Unofficial Port/application combination is not registered with IANA Conflict Port is in use for multiple applications (may be official or unofficial) Well-known ports: 0–1023 The port numbers in the range from 0 to 1023 are the well-known ports. They are used by system processes that provide widely-used types of network services.
    [Show full text]
  • Automotive Ethernet: the Definitive Guide
    Automotive Ethernet: The Definitive Guide Charles M. Kozierok Colt Correa Robert B. Boatright Jeffrey Quesnelle Illustrated by Charles M. Kozierok, Betsy Timmer, Matt Holden, Colt Correa & Kyle Irving Cover by Betsy Timmer Designed by Matt Holden Automotive Ethernet: The Definitive Guide. Copyright © 2014 Intrepid Control Systems. All rights reserved. No part of this work may be reproduced or transmitted in any form or by any means, electronic or mechanical, including photocopying, recording, or by any information storage or retrieval system, without the prior written permission of the copyright owner and publisher. Printed in the USA. ISBN-10: 0-9905388-0-X ISBN-13: 978-0-9905388-0-6 For information on distribution or bulk sales, contact Intrepid Control Systems at (586) 731-7950. You can purchase the paperback or electronic version of this book at www.intrepidcs.com or on Amazon. We’d love to hear your feedback about this book—email us at [email protected]. Product and company names mentioned in this book may be the trademarks of their respective owners. Rather than use a trademark symbol with every occurence of a trademarked name, we are using the names only in an editorial fashion and to the benefit of the trademark owner, with no intention of infringement of the trademark. The information in this book is distributed on an “As Is” basis, without warranty. While every precaution has been taken in the preparation of this book, neither the authors nor Intrepid Control Systems shall have any liability to any person or entity with respect to any loss or damage caused or alleged to be caused directly or indirectly by the information contained in this book.
    [Show full text]
  • Edition with Romkey, April 16, 1986 (PDF)
    PC/IP User's Guide MASSACHUSETTS INSTITUTE OF TECHNOLOGY Laboratory For Computer Science Network programs based on the DoD Internet Protocol for the mM Personal Computer PC/~ release or March, 1986; document updated Aprill4, 1986 by: Jerome H. Saltzer John L. Romkey .• Copyright 1984, 1985, 1986 by the Massachusetts Institute or Technology Permission to use, copy, modlt'y, and distribute these programs and their documentation ror any purpose and without ree ls hereby granted, provided that this copyright and permission notice appear on all copies and supporting documentation, the name or M.I.T. not be used in advertising or publlclty pertalnlng to dlstrlbutlon or the programs without written prior permission, and notice be glven in supporting documentation that copying and distribution ls by permlsslon or M.I.T. M.I.T. makes no representations about the suitablllty or this software for any purpose. It is provided "as ls" without express or Implied warranty. - ii - CREDITS The PC/IP packages are bullt on the work of many people in the TCP/IP community, both at M.I.T. and elsewhere. Following are some of the people who directly helped in the creation of the packages. Network environment-John L. Romkey Terminal emulator and customizer-David A. Bridgham Inltlal TFTP-Kari D. Wright Inltlal telnet-Louls J. Konopelskl Teinet model-David D. Clark Tasking package-Larry W. Allen Development system-Christopher J. Terman Development environment-Wayne C. Gramlich Administrative Assistant-Muriel Webber October 3, 1985. This document is in cover .mss - iii- - iv Table of Contents 1. Overview of PC/IP network programs 1 1.1.
    [Show full text]
  • List of TCP and UDP Port Numbers from Wikipedia, the Free Encyclopedia
    List of TCP and UDP port numbers From Wikipedia, the free encyclopedia This is a list of Internet socket port numbers used by protocols of the transport layer of the Internet Protocol Suite for the establishment of host-to-host connectivity. Originally, port numbers were used by the Network Control Program (NCP) in the ARPANET for which two ports were required for half- duplex transmission. Later, the Transmission Control Protocol (TCP) and the User Datagram Protocol (UDP) needed only one port for full- duplex, bidirectional traffic. The even-numbered ports were not used, and this resulted in some even numbers in the well-known port number /etc/services, a service name range being unassigned. The Stream Control Transmission Protocol database file on Unix-like operating (SCTP) and the Datagram Congestion Control Protocol (DCCP) also systems.[1][2][3][4] use port numbers. They usually use port numbers that match the services of the corresponding TCP or UDP implementation, if they exist. The Internet Assigned Numbers Authority (IANA) is responsible for maintaining the official assignments of port numbers for specific uses.[5] However, many unofficial uses of both well-known and registered port numbers occur in practice. Contents 1 Table legend 2 Well-known ports 3 Registered ports 4 Dynamic, private or ephemeral ports 5 See also 6 References 7 External links Table legend Official: Port is registered with IANA for the application.[5] Unofficial: Port is not registered with IANA for the application. Multiple use: Multiple applications are known to use this port. Well-known ports The port numbers in the range from 0 to 1023 are the well-known ports or system ports.[6] They are used by system processes that provide widely used types of network services.
    [Show full text]
  • Implementing TCP/IP
    4620-1 ch03.f.qc 10/28/99 11:56 AM Page 59 Chapter 3 Implementing TCP/IP In This Chapter ᮣ Defining TCP/IP ᮣ Microsoft’s implementation of TCP/IP ᮣ A detailed analysis of TCP ᮣ A detailed analysis of IP ᮣ Windows Sockets: a definition and the application ᮣ Three parts of Internet addressing: the IP address, subnet mask, and default gateway ᮣ Windows 2000 Server basic routing ave you ever wondered what the payoff was from years of US military Hexpenditures? Was it $200 wrenches and other doodads publicly highlighted by former Senator William Proxmire and his “Golden Fleece” awards? No, two of the great payoffs from the huge military buildup that have spanned generations are Transmission Control Protocol/Internet Protocol (TCP/IP) and the Internet itself. Not only has TCP/IP become a de facto standard for internetworking, it is also the default protocol for Windows 2000 Server. As I prepared this chapter, I promised myself that I wouldn’t drone on about the history of the Internet, Request for Comments (RFCs), and other historical hooey that has been covered in far too many books. In fact, I make two assumptions: First, that you are not a newbie — you know the definition of TCP/IP and have other thicker and more technical resources dedicated specifically to TCP/IP. And second, that perhaps like me, you have trouble sitting still when the going gets boring; if the presentation of TCP/IP (which can be very dry) isn’t exciting, you will drift away and miss the finer points about TCP/IP that are important to catch.
    [Show full text]
  • Network Time Protocol (Version 2) Specification and Implementation
    Network Working Group David L. Mills Request for Comments: 1119 University of Delaware Obsoletes: RFC-1059, RFC-958 September 1989 Network Time Protocol (Version 2) Specification and Implementation Status of this Memo This document describes the Network Time Protocol (NTP), specifies its formal structure and summarizes information useful for its implementation. NTP provides the mechanisms to synchronize time and coordinate time distribution in a large, diverse internet operating at rates from mundane to lightwave. It uses a returnable-time design in which a distributed subnet of time servers operating in a self-organizing, hierarchical-master-slave configuration synchronizes local clocks within the subnet and to national time standards via wire or radio. The servers can also redistribute reference time via local routing algorithms and time daemons. This is an Internet Standard Recommended Protocol. Distribution of this memo is unlimited. Keywords: network clock synchronization, standard time distribution, fault-tolerant architecture, maximum-likelihood estimation, disciplined oscillator, internet protocol, formal specification. Mills Page i RFC-1119 Network Time Protocol September 1989 Table of Contents 1. Introduction . 1 1.1. Related Technology . 2 2. System Architecture . 3 2.1. Implementation Model . 4 2.2. Network Configurations . 5 2.3. The NTP Timescale . 7 2.4. The NTP Calendar . 8 2.5. Time and Frequency Dissemination . 10 3. Network Time Protocol . 11 3.1. Data Formats . 11 3.2. State Variables and Parameters . 12 3.2.1. Common Variables . 12 3.2.2. System Variables . 14 3.2.3. Peer Variables . 16 3.2.4. Packet Variables . 17 3.2.5. Clock Filter Variables . 17 3.2.6.
    [Show full text]
  • List of TCP and UDP Port Numbers - Wikipedia, the Free Encyclopedia 08/31/2007 04:24 PM
    List of TCP and UDP port numbers - Wikipedia, the free encyclopedia 08/31/2007 04:24 PM List of TCP and UDP port numbers From Wikipedia, the free encyclopedia (Redirected from TCP and UDP port numbers) TCP and UDP are transport protocols used for communication between computers. The IANA is responsible for assigning port numbers to specific uses. Contents 1 Ranges 2 Port lists 2.1 Ports 0 to 1023 2.2 Ports 1024 to 49151 2.3 Ports 49152 to 65535 2.4 Multi cast Adresses 3 References 4 External links Ranges The port numbers are divided into three ranges. The Well Known Ports are those in the range 0–1023. On Unix-like operating systems, opening a port in this range to receive incoming connections requires administrative privileges or possessing of CAP_NET_BIND_SERVICE capability. The Registered Ports are those in the range 1024–49151. The Dynamic and/or Private Ports are those in the range 49152–65535. These ports are not used by any defined application. IANA does not enforce this; it is simply a set of recommended uses. Sometimes ports may be used for different applications or protocols than their official IANA designation. This misuse may, for example, be by a Trojan horse, or alternatively be by a commonly used program that didn't get an IANA registered port or port range. Port lists The tables below indicate a status with the following colors and tags: Official if the application and port combination is in the IANA list of port assignments (http://www.iana.org/assignments/port-numbers) ; Unofficial if the application and port combination is not in the IANA list of port assignments; and Conflict if the port is being used commonly for two applications or protocols.
    [Show full text]
  • Network Working Group J. Postel Request for Comments: 840 ISI April 1983
    Network Working Group J. Postel Request for Comments: 840 ISI April 1983 Official Protocols This RFC identifies the documents specifying the official protocols used in the Internet. Annotations identify any revisions or changes planned. To first order, the official protocols are those in the Internet Protocol Transition Workbook (IPTW) dated March 1982. There are several protocols in use that are not in the IPTW. A few of the protocols in the IPTW have been revised these are noted here. In particular, the mail protocols have been revised and issued as a volume titled "Internet Mail Protocols" dated November 1982. There is a volume of protocol related information called the Internet Protocol Implementers Guide (IPIG) dated August 1982. A few of the protocols (in particular the Telnet Options) have not been revised for many years, these are found in the old ARPANET Protocol Handbook (APH) dated January 1978. This document is organized as a sketchy outline. The entries are protocols (e.g., Transmission Control Protocol). In each entry there are notes on status, specification, comments, other references, dependencies, and contact. The status is one of: required, recommended, elective, or experimental. The specification identifies the protocol defining documents. The comments describe any differences from the specification or problems with the protocol. The other references identify documents that comment on or expand on the protocol. The dependencies indicate what other protocols are called upon by this protocol. The contact indicates a person
    [Show full text]
  • The Network Time Protocol David L
    1482 IEEE TRANSACTIONS ON COMMUNICATIONS, VOL. 39, NO. 10, OCTOBER 1991 Internet Time Synchronization: The Network Time Protocol David L. Mills, Member, IEEE Abstruct- This paper describes the network time protocol a similar number of gateways. In this paper the capitalized (NTP),which is designed to distribute time information in a large, Internet refers to this particular system, while the uncapitalized diverse internet system operating at speeds from mundane to internet refers to any generic system of multiple networks lightwave. It uses a symmetric architecture in which a distributed subnet of time servers operating in a self-organizing, hierarchical interconnected by gateways. While the Internet backbone configuration synchronizes local clocks within the subnet and networks and gateways are carefully engineered for good to national time standards via wire, radio, or calibrated atomic service, operating speeds, and service reliability vary consid- clock. The servers can also redistribute time information within erably throughout the system. This places severe demands a network via local routing algorithms and time daemons. on NTP, which must deliver accurate and reliable time in This paper also discusses the architecture, protocol and algo- rithms, which were developed over several years of implementa- spite of component failures, service disruptions and possibly tion refinement and resulted in the designation of NTP as an mis-engineered implementations. Internet Standard protocol. The NTP synchronization system, In the remainder of this introductory Section I, issues in which has been in regular operation in the Internet for the the requirements, approaches, and comparisons with previ- last several years, is described along with performance data ous work are discussed.
    [Show full text]
  • ECHO Through EXEC
    ECHO through EXEC • ECHO, page 3 • EDONKEY-STATIC, page 4 • EDONKEY, page 5 • EGP, page 6 • EIGRP, page 7 • ELCSD, page 8 • EMBL-NDT, page 9 • EMCON, page 10 • EMFIS-CNTL, page 11 • EMFIS-DATA, page 12 • ENCAP, page 13 • ENCRYPTED-BITTORRENT, page 14 • ENCRYPTED-EMULE, page 15 • ENTOMB, page 16 • ENTRUST-AAAS, page 17 • ENTRUST-AAMS, page 18 • ENTRUST-ASH, page 19 • ENTRUST-KMSH, page 20 • ENTRUST-SPS, page 21 • EPMAP, page 22 • ERPC, page 23 • ESCP-IP, page 24 • ESIGNAL, page 25 • ESPN-BROWSING, page 26 NBAR2 Protocol Pack 7.0.0 1 ECHO through EXEC • ESPN-VIDEO, page 27 • ESRO-EMSDP, page 28 • ESRO-GEN, page 29 • ETHERIP, page 30 • EUDORA-SET, page 31 • EXCHANGE, page 32 • EXEC, page 33 NBAR2 Protocol Pack 7.0.0 2 ECHO through EXEC ECHO ECHO Name/CLI Keyword echo Full Name Echo Protocol Description Echo is a protocol that is used for debugging and measurement. It works by sending back all the data that was received from the source. The protocol works on TCP and UDP, typically on port 7. Reference http://www.faqs.org/rfcs/rfc862.html Global ID L4:7 ID 101 Known Mappings UDP Port 7 TCP Port 7 IP Protocol - IP Version IPv4 Support Yes IPv6 Support Yes Application Group other Category net-admin Sub Category network-management P2P Technology No Encrypted No Tunnel No Underlying Protocols - NBAR2 Protocol Pack 7.0.0 3 ECHO through EXEC EDONKEY-STATIC EDONKEY-STATIC Name/CLI Keyword edonkey-static Full Name eDonkey Description eDonkey is peer-to-peer file sharing adopted to share large files.
    [Show full text]
  • Port Ranges Traffic Analysis
    Simon Owens Port Ranges • Ports 0 to 1023 are Well-Known Ports. • Ports 1024 to 49151 are Registered Ports (often registered by a software developer to designate a particular port for their application) • Ports 49152 to 65535 are Public Ports. Traffic Analysis - Wireshark Configure Name Resolution 1. Make a new profile 2. Make a “hosts” file with format “ip hostname” 3. Place that “hosts” file in the ~/.config/wireshark/configprofilename/ folder 4. open pcap file, select your configuration profile, and ensure “view>>name resolution>>resolve network/transport address names” is checked Configure Ports 1. Go to “Edit>>preferences>>columns” and add src and dst ports to the display Figuring out what multi-cast goes too 1. Fill out “hosts” and “services” file if you can 2. Click on various multi-cast products – generally the parameters will identify what the application is with a version or the company that made it. Query for Common Ports • tcp.dstport >= 0 and tcp.dstport <= 10000 || tftp || dns Saving off filters to make capture smaller 1. Apply a filter 2. Click “File>> Export Specified Packets” then save them to a file Search for Strings • Edit >> find packet Extracting files • file >> export objects Find Hashes • net-creds.py file.pcap Changing Parameters in the Packets Simon Owens • Port Scan Netdiscover -r <ip-range> make sure you know everything on network IP=insert mkdir $IP Masscan: • masscan -p0-65535 $IP --banners -oG $IP/masscan_$IP.grep Nmap: • Nmap -sV -T4 $IP -oN $IP/normalNmap.txt • nmap -v -sS -T4 -A --script=vuln --host-timeout 336h -p 0-65535 $IP -oA $IP/TCPscan_$IP • nmap -v -sU -T4 -A --script=vuln --host-timeout 336h -p 0-65535 $IP -oA $IP/UDPscan_$IP General Services: • 9/tcp - Discard o Discard Protocol - https://www.exploit-db.com/exploits/19555 The Discard Protocol is a service in the Internet Protocol Suite defined in RFC 863.
    [Show full text]
  • SWMME-3000 Series Modular Industrial Ethernet Switch (EN)
    SWMME-3000 Series Modular Industrial Ethernet Switch Performance Features ● Modular industrial switches with 3 slot modules of flexible configuration and high performance, and all modules support on-line upgrade ● Supporting Ethernet ring and multiple self-healing rings with the fail-over time in every node less than 5ms and the network self-healing time less than 50ms (typical value) ● Supporting IEC62439-2 based MRP ● Supporting IEC62439-3 based PRP, and HSR ● Any two ports can establish a self-healing ring and support multiple independent self-healing rings CXR SWMME series - the modular ● With function of data packet dropout protection and quick recover from network failure. industrial Ethernet switches provide multi-slots and ● Multi-Protocol L3 routing meets the requirement of many integrated forms including gigabit network, private network. content switching, PRP/HSR module. And all the ● Support various multicast protocols and strong safety protection mechanism modules support on-line upgrade. All modules in ● Provide bandwidth service with different levels in SWMME series are equipped with unified optical Ethernet service by speed limiting and traffic modules and software, forming a system that can shaping in QoS of layer 2 ● adapt to future develop-ment. With the unified Support function of the static and dynamic allocation as well as limitation of CPU and real-time monitor operation, the equipment can make better use of the key operating parameters, including CPU themselves. series adopt ardware-based utilization rate, RAM, supply voltage and mainboard SWMME h voltage. algorithm that ensures the fail-over time in every ● SWMME series have a full set of professional net- node less than 5ms and the network self-healing work management and monitoring and alarm system.
    [Show full text]