FIT projectCommon protocols

used in day-to-day life in communication..

By,N. Ajay Raghavender,

Sree Harsha Bandlamudi,Arunan…

WHAT IS A PROTOCOL?A protocol defines a common set of rules used by network computers to share data

and communicate.Two computers must use a common

protocol to be able to communicate with each other.

In the same way, two or more computers must use a set of rules for communicating

effectively with each other.

TYPES OF PROTOCOL.• HTTP(Hyper Text

Transfer Protocol)• HTTPS(Hyper Text

Transfer Protocol Secure)

• FTP(File Transfer Protocol)

• SMTP(Simple Mail Transfer Protocol)

• TELNET

THERE ARE MANY

TYPES OF PROTOCOL

BUT THE COMMONLY USED ONE

ARE:

Basic requirements for protocols.

• Data formats for data exchange.• Address formats for data

exchange.• Address mapping.

• Routing.• Detection of transmission errors.• Direction of information flow .• Sequence control,etc… .

Hyper Text Transfer Protocol.(HTTP)

The Hypertext Transfer Protocol (HTTP) is an application protocol for distributed, collaborative, hypermedia information

systems.HTTP is the foundation of data

communication for the World Wide Web.Hypertext is structured text that uses

logical links (hyperlinks) between nodes containing text.

HTTP is the protocol to exchange or transfer hypertext.

HISTORY OF HTTP. The term hypertext was coined

by Ted Nelson in 1965 in the Xanadu Project, which was in turn inspired

by Vanneva Bush's vision (1930s) of the microfilm-based information

retrieval and management "memex" system described in his essay As We

May Think (1945).The first documented version of

HTTP was HTTP V0.9 (1991). RFC 1945 officially introduced

and recognized HTTP V1.0 in 1996.

How an HTTP Works?An HTTP session is a sequence of

network request-response transactions.

An HTTP client initiates a request by establishing a Transmission Control

Protocol (TCP) connection to a particular port on a server (typically

port 80, occasionally port 8080).An HTTP server listening on that port waits for a client's request message.

Access to HTTP or HTTP Authentication.

HTTP provides multiple authentication schemes such as Basic access authentication and Digest

access authentication which operate via a challenge-response mechanism whereby the

server identifies and issues a challenge before serving the requested content.

HTTP provides a general framework for access control and authentication, via an

extensible set of challenge-response authentication schemes, which can be used by a server to challenge a client request and

by a client to provide authentication information

Request Methods in HTTP.

Some of the common request methods in HTTP are:

GET HEAD POST PUT

DELETE TRACE

CONNECT PATCH, ETC…

Hypertext Transfer Protocol Secure. (HTTPS).

HTTPS  is a protocol for secure communication over a computer network which is widely used on

the Internet.

 HTTPS consists of communication over Hypertext Transfer Protocol (HTTP) within a connection encrypted by Transport Layer Security or its

predecessor, Secure Sockets Layer.

The main motivation for HTTPS is authentication of the visited website and protection of

the privacy and integrity of the exchanged data.

History of HTTPS. Netscape

Communications created HTTPS in 1994 for

its Netscape Navigator web browser.

Originally,HTTPS was used with the SSL protocol. As SSL evolved into Transport Layer Security (TLS), the current version of HTTPS was formally specified by RFC 2818 in May 2000.

What is the Difference between HTTP & HTTPS.

HTTP is not encrypted and is vulnerable to man-in-the-middle and

eavesdropping attacks, which can let attackers gain access to website accounts and sensitive information,

and modify webpages to inject malware or advertisements.

HTTPS is designed to withstand such attacks and is considered secure against them (with the exception of older, deprecated

versions of SSL).

Limitations of HTTPS.SSL/TLS comes in two options, simple and mutual. The mutual

version is more secure, but requires the user to install a personal client certificate into their web browser in order to authenticate themselves.

Whatever strategy is used (simple or mutual), the level of protection

strongly depends on the correctness of the implementation of the web browser and the server software

and the actual cryptographic algorithms supported.

File Transfer Protocol (FTP).

The File Transfer Protocol (FTP) is a standard network

protocol used to transfer computer

files between a client and server on a computer network.

FTP is built on a client-server model architecture and uses

separate control and data connections between the client

and the server.  FTP is

often secured with SSL/TLS (FTPS).

History of FTP.The original specification for the

File Transfer Protocol was written by Abhay Bhushan and

published as RFC 114 on 16 April 1971. Until 1980, FTP ran

on NCP, the predecessor of TCP/IP.

The protocol was later replaced by a TCP/IP version, RFC 765 (June 1980) and RFC

959 (October 1985), the current specification.

Security in FTP.FTP was not designed to be a secure protocol,

and has many security weaknesses.In May 1999, the authors of RFC 2577 listed a

vulnerability to the following problems:• Brute force attack• FTP bounce attack• Packet capture• Port stealing

• Spoofing attack• Username protection

Commands in FTP(some).

Command RFC Description

ABOR Abort an active file transfer.

ACCT Account information.

ADAT RFC 2228 Authentication/Security Data

ALLO Allocate sufficient disk space to receive a file.

APPE Append.

AUTH RFC 2228 Authentication/Security Mechanism

CCC RFC 2228 Clear Command Channel

CDUP Change to Parent Directory.

CONF RFC 2228 Confidentiality Protection Command

Simple Mail Transfer Protocol(SMTP).Simple Mail Transfer

Protocol (SMTP) is an Internet standard for electronic

mail (email) transmission.

First defined by RFC 821 in 1982, it was last updated in

2008 with the Extended SMTP additions by RFC 5321 —

which is the protocol in widespread use today.

History of SMTP. Various forms of one-to-

one electronic messaging were used in the 1960s. People communicated

with one another using systems developed for

specific mainframe computers. As more computers were

interconnected, especially in the US Government's ARPANET, standards were developed to allow users of

different systems to email one another.

SMTP grew out of these standards developed during the 1970s.

How is the mail processed in SMTP? (model).

Email is submitted by a mail client (MUA, mail user agent) to

a mail server (MSA, mail submission agent) using SMTP

on TCP port 587.Most mailbox providers still allow submission on traditional port 25. From there, the MSA delivers the mail to its mail transfer agent (MTA, mail

transfer agent).Each process is an MTA in its

own right; that is, an SMTP server.

Commands in SMTP. MAIL command, to establish the return

address

RCPT command, to establish a recipient of this message

DATA to signal the beginning of the message text; the content of the message, as opposed to its envelope

TELNET• Telnet is an application layer protocol

used on the Internet or local area networks to provide a bidirectional

interactive text-oriented communication facility using a

virtual terminal connection.• The term telnet is also used to refer to

the software that implements the client part of the protocol.

• Telnet client applications are available for virtually all computer platforms.

History of TELNET.Telnet is a client-server protocol, based on a reliable connection-oriented transport.

Typically, this protocol is used to establish a connection to Transmission Control

Protocol(TCP) port number 23, where a Telnet server application is listening.

Telnet is best understood in the context of a user with a simple terminal using the local

Telnet program (known as the client program) to run a logon session on a remote computer where the user's communications needs are

handled by a Telnet server program.

Security in TELNET.Telnet, by default, does

not encrypt any data sent over the connection (including

passwords). So it is often feasible to

eavesdrop on the communications and use the password later for malicious purposes; anybody who has

access to a router, switch, hub or gateway

 located on the network between the two hosts.

Several vulnerabilities have been discovered over the years

in commonly used Telnet daemons.

List of various Protocols.WIFI/WIMAX Protocols

Bluetooth protocol

Fibre Channel network protocolsYahoo! Messenger, underlying protocol used by the Yahoo messengerRTPS protocol, an interoperability protocolSSH Secure Shell

HOPE THIS SESSION WAS INFORMATIVE

AND USEFUL….