CISSP Domain 4

Domain 4 CISSP – Application Layer TCP/IP Protocols and Concepts

Domain 4 CISSP – The application layer sits at the top of the OSI model. It is the layer that allows users to interact with applications and where these applications can access network services. Here we will cover the most common application layer protocols. These protocols give users a way to communicate and interact over a network and the World Wide Web.

Telnet

Telnet stands for the TELetype NETwork and uses port 23. Telnet is a protocol that was widely used in the past for accessing remote computer systems over the internet. It allows a user to log in to a remote system and access its command line interface as if they were sitting at the remote system’s keyboard. It is considered weak as it provides no confidentiality or integrity. SSH is the recommended replacement.

SSH

SSH (Secure Shell) is a secure network protocol used to remotely log into and execute commands on a computer. It’s commonly used to remotely access servers for management and maintenance purposes, but it can also be used for secure file transfers and tunneling network connections. SSH includes SFTP and SCP and can tunnel other protocols. It listens on port 22. SSHv1 was vulnerable to MiTM attacks, so SSHv2 is now the recommended version.

FTP

FTP, or File Transfer Protocol, is a standard network protocol used to transfer files from one host to another over a TCP-based network such as the Internet, using port 21. It has no confidentiality or integrity.

TFTP

Trivial File Transfer Protocol (TFTP) uses UDP on port 69. It is used to transfer router configs and for bootstrapping over the network by diskless workstations. It provides no authentication, confidentiality or integrity.

SMTP, POP, and IMAP

  • SMTP – Simple Mail Transfer Protocol is a standard protocol for transmitting electronic mail (email) messages from one server to another. It listens on port 25.
  • POPv3 – Post Office Protocol (POP) is a networking protocol used to access and retrieve email from a remote mail server for access by the host machine. POP uses TCP port 110.
  • IMAP – Internet Message Access Protocol is used for client-server email access and uses TCP port 143.

DNS

DNS stands for “Domain Name System,” and it is an essential component of the internet that translates domain names into IP addresses. Think of DNS as the phone book of the internet. A domain name is a human-readable string of characters, such as “google.com,” that can be easily remembered, while an IP address is a set of numbers and dots that computers use to communicate with each other over the internet. It listens on both TCP and UDP port 53: UDP for smaller lookups and TCP for larger answers such as zone transfers.
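The UDP-first, TCP-for-larger-answers behaviour described above, as an added example that is not part of the original page: it builds a DNS query, shows the 2-byte length prefix DNS uses on TCP, and checks the truncation (TC) flag that tells a client to retry over TCP. The function names and the sample response are constructed for illustration.

```python
import struct

TC_FLAG = 0x0200            # "truncated" bit in the DNS header flags word
QTYPE_A, QTYPE_AXFR = 1, 252  # A record lookup, full zone transfer


def build_query(name: str, qtype: int, txid: int = 0x1234) -> bytes:
    """Encode a single-question DNS query (RD flag set, class IN)."""
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)
    labels = b"".join(
        bytes([len(part)]) + part.encode("ascii")
        for part in name.rstrip(".").split(".")
    )
    return header + labels + b"\x00" + struct.pack("!HH", qtype, 1)


def frame_for_tcp(message: bytes) -> bytes:
    """DNS over TCP prefixes every message with a 2-byte length."""
    return struct.pack("!H", len(message)) + message


def choose_transport(qtype: int) -> str:
    """Zone transfers go over TCP; ordinary lookups start on UDP."""
    return "tcp" if qtype == QTYPE_AXFR else "udp"


def needs_tcp_retry(udp_response: bytes) -> bool:
    """True when the server set TC, i.e. the answer did not fit in UDP."""
    if len(udp_response) < 12:
        raise ValueError("shorter than a DNS header")
    flags = struct.unpack("!H", udp_response[2:4])[0]
    return bool(flags & TC_FLAG)


# Constructed sample: response header with QR, TC, RD and RA set, no records.
TRUNCATED_RESPONSE = struct.pack("!HHHHHH", 0x1234, 0x8380, 1, 0, 0, 0)

if __name__ == "__main__":
    q = build_query("example.com", QTYPE_A)
    print(len(q), "byte query, first transport:", choose_transport(QTYPE_A))
    print("retry over TCP:", needs_tcp_retry(TRUNCATED_RESPONSE))
    print("TCP length prefix:", frame_for_tcp(q)[:2].hex())
```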

SNMP

Simple Network Management Protocol, as the name suggests, is primarily used to manage and monitor network devices. It utilizes UDP/161 to monitor bandwidth utilization, CPU temperature, etc. SNMPv1 and v2 use read and write community strings and do not provide authentication, integrity or confidentiality. SNMPv3 addresses all those issues and is encouraged.

Common Management Information Protocol (CMIP)

This protocol is used for managing systems over the network.

HTTP and HTTPS

Hypertext Transfer Protocol (HTTP) uses TCP/80 for unencrypted web-based data. HTTPS uses SSL/TLS and uses TCP/443.

BOOTP

BOOTP is the bootstrap protocol used for bootstrapping via a network by diskless systems. BOOTP is used to determine the IP address and OS image name and then uses TFTP to download the OS.

DHCP

Dynamic Host Configuration Protocol was designed to replace and improve BOOTP by adding features that allow more options, such as DNS servers and default gateways, and by assigning temporary leases to systems. Both protocols use UDP port 67 for servers and UDP port 68 for clients.

NFS

The NFS protocol was developed by Sun Microsystems in 1984. It is a distributed file system protocol that lets a user on a client system retrieve files over the network in a way similar to accessing local storage.

XMPP

XMPP stands for “Extensible Messaging and Presence Protocol”, and it is an XML-based messaging protocol. The main objective of XMPP is to allow real-time, scalable communication between multiple devices.

RIP

RIP (Routing Information Protocol) is a distance-vector routing protocol that is used to distribute routing information within a network. It’s one of the earliest routing protocols developed for use in IP (Internet Protocol) networks, and it’s still widely used in small to medium-sized networks.
