1.5 - Common Ports (continued)
SIP - Session Initiation Protocol
• Voice over IP (VoIP) signaling
– tcp/5060 and tcp/5061
• Setup and manage VoIP sessions
– Call, ring, hang up
• Extend voice communication
– Video conferencing, instant messaging, file transfer, etc.
SMB - Server Message Block
• Protocol used by Microsoft Windows
– File sharing, printer sharing
– Also called CIFS (Common Internet File System)
• Direct over tcp/445 (NetBIOS-less)
– Direct SMB communication over TCP
LDAP/LDAPS
• LDAP (Lightweight Directory Access Protocol) - tcp/389
– Store and retrieve information in a network directory
• LDAPS (LDAP Secure) - tcp/636
– A non-standard implementation of LDAP over SSL
– Still in use today
Databases
• Microsoft SQL Server
– MS-SQL (Microsoft Structured Query Language)
– tcp/1433
• Oracle SQL *Net
– Also called Oracle Net or Net8 - tcp/1521
• MySQL free and open-source database
– Ultimately acquired by Oracle - tcp/3306
Common ports summary

Protocol | Port(s)          | Name                                          | Description
ARP      | -                | Address Resolution Protocol                   | Resolve IP address to MAC
TCP      | -                | Transmission Control Protocol                 | Connection-oriented network communication
UDP      | -                | User Datagram Protocol                        | Connectionless network communication
Telnet   | tcp/23           | Telecommunication Network                     | Remote console login to network devices
SSH      | tcp/22           | Secure Shell                                  | Encrypted console login
DNS      | udp/53, tcp/53   | Domain Name Services                          | Convert domain names to IP addresses
SMTP     | tcp/25           | Simple Mail Transfer Protocol                 | Transfer email between mail servers
POP3     | tcp/110          | Post Office Protocol version 3                | Receive mail into a mail client
IMAP4    | tcp/143          | Internet Message Access Protocol v4           | A newer mail client protocol
SFTP     | tcp/22           | Secure File Transfer Protocol                 | Encrypted file transfers using SSH
FTP      | tcp/20, tcp/21   | File Transfer Protocol                        | Sends and receives files between systems
TFTP     | udp/69           | Trivial File Transfer Protocol                | A very simple file transfer application
DHCP     | udp/67, udp/68   | Dynamic Host Configuration Protocol           | Update to BOOTP
HTTP     | tcp/80           | Hypertext Transfer Protocol                   | Web server communication
HTTPS    | tcp/443          | Hypertext Transfer Protocol Secure            | Web server communication with encryption
SNMP     | udp/161          | Simple Network Management Protocol            | Gather statistics and manage network devices
Syslog   | udp/514          | System Logging                                | A standard for message logging
RDP      | tcp/3389         | Remote Desktop Protocol                       | Graphical display of remote device
NTP      | udp/123          | Network Time Protocol                         | Automatically synchronize clocks
SIP      | tcp/5060-5061    | Session Initiation Protocol                   | Voice over IP signaling protocol
SMB      | tcp/445          | Server Message Block                          | File and printer sharing for Windows
LDAP     | tcp/389          | Lightweight Directory Access Protocol         | Directory services
LDAPS    | tcp/636          | Lightweight Directory Access Protocol Secure  | Directory services over SSL/TLS
MS-SQL   | tcp/1433         | Microsoft SQL Server                          | Microsoft’s structured query language database
SQL*Net  | tcp/1521         | Oracle SQL*Net                                | Oracle SQL services
MySQL    | tcp/3306         | MySQL Server                                  | Oracle’s open-source SQL services

© 2021 Messer Studios, LLC
Professor Messer’s CompTIA N10-008 Network+ Course Notes - Page 21
www.ProfessorMesser.com
1.5 - Other Useful Protocols
ICMP
• Internet Control Message Protocol
– “Text messaging” for your network devices
• Another protocol carried by IP
– Not used for data transfer
• Devices can request and reply to administrative requests
– Hey, are you there? / Yes, I’m right here.
• Devices can send messages when things don’t go well
– That network you’re trying to reach is not reachable from here
– Your time-to-live expired, just letting you know
GRE
• Generic Routing Encapsulation
– The “tunnel” between two endpoints
• Encapsulate traffic inside of IP
– Two endpoints appear to be directly connected to each other
– No built-in encryption
AH (Authentication Header)
• Data integrity
• Origin authentication
• Replay attack protection
• Keyed-hash mechanism
• No confidentiality/encryption
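The five AH bullets above map onto three checks a receiver performs. The following is an added example, not from the notes and not the RFC 4302 wire format: a minimal sender and receiver where the keyed hash (HMAC-SHA256 over a sequence number and the payload) gives data integrity and origin authentication, and a sliding window over sequence numbers gives replay protection. The key, the window size and the packet layout are this example's own assumptions. The payload travels in the clear, which is the "no confidentiality" point.

```python
"""Simplified AH-style receiver: keyed-hash integrity/origin check plus an
anti-replay sliding window. Added example, not from the course notes and not
the RFC 4302 layout; key and packets are constructed."""
import hashlib
import hmac
import struct

ICV_LEN = 32                 # HMAC-SHA256 output length
HDR_LEN = 4 + ICV_LEN        # 4-byte sequence number followed by the ICV
EXAMPLE_KEY = b"constructed-pre-shared-key"   # assumption: shared out of band


def build_ah_packet(key, seq, payload):
    """Sender side: seq || ICV || payload.  The payload is NOT encrypted."""
    seq_bytes = struct.pack("!I", seq)
    icv = hmac.new(key, seq_bytes + payload, hashlib.sha256).digest()
    return seq_bytes + icv + payload


class AhReceiver:
    def __init__(self, key, window=64):
        self.key = key
        self.window = window
        self.highest = 0        # highest sequence number accepted so far
        self.accepted = set()   # accepted sequence numbers still inside the window

    def _in_window(self, seq):
        # Anything older than (highest - window) is too stale to accept.
        return seq > self.highest - self.window

    def verify(self, packet):
        """Return (accepted, reason, payload)."""
        if len(packet) < HDR_LEN:
            return False, "truncated", None
        seq = struct.unpack("!I", packet[:4])[0]
        icv, payload = packet[4:HDR_LEN], packet[HDR_LEN:]
        # 1. Cheap anti-replay check first: duplicates and stale packets.
        if seq in self.accepted:
            return False, "replayed", None
        if not self._in_window(seq):
            return False, "outside replay window", None
        # 2. Keyed-hash check: integrity and origin authentication.
        expected = hmac.new(self.key, packet[:4] + payload, hashlib.sha256).digest()
        if not hmac.compare_digest(icv, expected):
            return False, "bad ICV", None
        # 3. Only now advance the window: a forged packet must not burn a sequence number.
        self.accepted.add(seq)
        if seq > self.highest:
            self.highest = seq
            self.accepted = {s for s in self.accepted if self._in_window(s)}
        return True, "ok", payload


if __name__ == "__main__":
    rx = AhReceiver(EXAMPLE_KEY, window=4)
    pkt = build_ah_packet(EXAMPLE_KEY, 1, b"route update")
    print(rx.verify(pkt))             # accepted
    print(rx.verify(pkt))             # same packet again: replayed
    print(pkt[HDR_LEN:])              # payload readable on the wire
```

The order of the checks matters: the sequence-number test runs before the hash so replays are dropped cheaply, but the window is only updated after the ICV verifies, so a forged packet with a high sequence number cannot push legitimate traffic out of the window.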
VPNs
• Virtual Private Networks
– Encrypted (private) data traversing a public network
• Concentrator
– Encryption/decryption access device
– Often integrated into a firewall
• Many deployment options
– Specialized cryptographic hardware
– Software-based options available
• Used with client software
– Sometimes built into the OS
IPSec (Internet Protocol Security)
• Security for OSI Layer 3
– Authentication and encryption for every packet
• Confidentiality and integrity/anti-replay
– Encryption and packet signing
• Very standardized
– Common to use multi-vendor implementations
• Two core IPSec protocols
– Authentication Header (AH)
– Encapsulation Security Payload (ESP)
IPPacketwithAuthen/ca/on(tunnelmode)
AH
Header
NewIPHeader
ESP (EncapsulaƟng Security Payload)
• Data conĮdenƟality (encrypƟon)
• Limited traĸc Ňow conĮdenƟality
• Data integrity
• AnƟ-replay protecƟon
Data
Authen/cated
IPsecDatagramwithESP(tunnelmode)
NewIPHeader
ESP
Header
IPHeader
ESP
Trailer
Data
Integrity
CheckValue
Encrypted
Authen;cated
IPsec Transport mode and Tunnel mode
AH and ESP
• Combine the data integrity of AH with the confidentiality of ESP
[Diagram: Original packet: IP Header | Data]
[Diagram: IPsec datagram with AH and ESP (transport mode): IP Header | AH Header | ESP Header | Data | ESP Trailer | Integrity Check Value. Data and ESP Trailer are encrypted; the datagram is authenticated.]
[Diagram: IPsec datagram with AH and ESP (tunnel mode): New IP Header | AH Header | ESP Header | IP Header | Data | ESP Trailer | Integrity Check Value. The original IP Header, Data and ESP Trailer are encrypted; the datagram is authenticated.]
1.6 - DHCP Overview
DHCP
• IPv4 address configuration used to be manual
– IP address, subnet mask, gateway, DNS servers, NTP servers, etc.
• October 1993 - The bootstrap protocol - BOOTP
• BOOTP didn’t automatically define everything
– Some manual configurations were still required
– BOOTP also didn’t know when an IP address might be available again
• Dynamic Host Configuration Protocol
– Initially released in 1997, updated through the years
– Provides automatic address / IP configuration for almost all devices
The DHCP Process
• Step 1: Discover - Client to DHCP Server
– Find all of the available DHCP Servers
• Step 2: Offer - DHCP Server to client
– Send some IP address options to the client
• Step 3: Request - Client to DHCP Server
– Client chooses an offer and makes a formal request
• Step 4: Acknowledgement - DHCP Server to client
– DHCP server sends an acknowledgement to the client
Managing DHCP in the enterprise
• Limited Communication range
– Uses the IPv4 broadcast domain
– Stops at a router
• Multiple servers needed for redundancy
– Across different locations
• Scalability is always an issue
– May not want (or need) to manage DHCP servers at every remote location
• You’re going to need a little help(er)
– Send DHCP request across broadcast domains
1.6 - Configuring DHCP
Scope properties
• IP address range (and excluded addresses)
• Subnet mask
• Lease durations
• Other scope options
– DNS server, default gateway, WINS server
DHCP pools
• Grouping of IP addresses
– Each subnet has its own scope
– 192.168.1.0/24, 192.168.2.0/24, 192.168.3.0/24, etc.
• A scope is generally a single contiguous pool of IP addresses
– DHCP exceptions can be made inside of the scope
DHCP address assignment
• Dynamic assignment
– DHCP server has a big pool of addresses to give out
– Addresses are reclaimed after a lease period
• Automatic allocation
– Similar to dynamic allocation
– DHCP server keeps a list of past assignments
– You’ll always get the same IP address
• Static assignment
– Administratively configured table of MAC addresses
– Each MAC address has a matching IP address
– Other names - Static DHCP Assignment, Static DHCP, Address Reservation, IP Reservation
DHCP leases
• Leasing your address
– It’s only temporary
– But it can seem permanent
• Allocation
– Assigned a lease time by the DHCP server
– Administratively configured
• Reallocation
– Reboot your computer
– Confirms the lease
• Workstation can also manually release the IP address
– Moving to another subnet
DHCP renewal
• T1 timer
– Check in with the lending DHCP server to renew the IP address
– 50% of the lease time (by default)
• T2 timer
– If the original DHCP server is down, try rebinding with any DHCP server
– 87.5% of the lease time (7/8ths)
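Scope properties, the three assignment types and the lease timers fit together in one small model. The following is an added example written for these notes, not code from the course: a scope with an address range, excluded addresses and a reservation table, an offer routine that tries static assignment, then automatic allocation (the same MAC gets its previous address back), then dynamic allocation from the pool, and a lease that reports whether a client is in normal operation, the T1 renewal period, the T2 rebinding period, or expired. The network, MAC addresses and the eight-day lease are constructed values.

```python
"""DHCP scope, address assignment and lease timers in one small model.
Added example, not from the course notes; addresses and MACs are constructed."""
import ipaddress
from dataclasses import dataclass

DAY = 86400  # seconds


@dataclass
class Lease:
    ip: str
    mac: str
    start: float      # seconds
    duration: float   # lease time in seconds, administratively configured on the server

    @property
    def t1(self):     # renewal timer: 50% of the lease, unicast to the lending server
        return self.start + self.duration * 0.5

    @property
    def t2(self):     # rebinding timer: 87.5% (7/8ths), broadcast to any DHCP server
        return self.start + self.duration * 0.875

    @property
    def expiry(self):
        return self.start + self.duration

    def state(self, now):
        """Which period the client is in at time `now`."""
        if now < self.t1:
            return "normal operation"
        if now < self.t2:
            return "renewing"
        if now < self.expiry:
            return "rebinding"
        return "expired"          # the server may reclaim the address


class DhcpScope:
    def __init__(self, network, first, last, lease_seconds,
                 exclusions=(), reservations=None):
        net = ipaddress.ip_network(network)
        lo, hi = int(ipaddress.ip_address(first)), int(ipaddress.ip_address(last))
        self.reservations = dict(reservations or {})   # MAC -> IP (static assignment)
        excluded = set(exclusions) | set(self.reservations.values())
        # The contiguous pool, minus exclusions and reserved addresses.
        self.pool = [str(ipaddress.ip_address(i)) for i in range(lo, hi + 1)
                     if ipaddress.ip_address(i) in net
                     and str(ipaddress.ip_address(i)) not in excluded]
        self.lease_seconds = lease_seconds
        self.leases = {}    # IP -> Lease currently held
        self.history = {}   # MAC -> last IP given (automatic allocation memory)

    def _available(self, ip, mac, now):
        lease = self.leases.get(ip)
        return lease is None or lease.expiry <= now or lease.mac == mac

    def offer(self, mac, now):
        """Pick an address for a DISCOVER: static, then automatic, then dynamic."""
        if mac in self.reservations:
            ip = self.reservations[mac]
        elif mac in self.history and self._available(self.history[mac], mac, now):
            ip = self.history[mac]
        else:
            free = [ip for ip in self.pool if self._available(ip, mac, now)]
            if not free:
                return None                       # pool exhausted
            ip = free[0]
        lease = Lease(ip, mac, now, self.lease_seconds)
        self.leases[ip] = lease
        self.history[mac] = ip
        return lease

    def release(self, mac):
        """Client hands the address back early (for example when moving subnets)."""
        for ip, lease in list(self.leases.items()):
            if lease.mac == mac:
                del self.leases[ip]
                return ip
        return None


if __name__ == "__main__":
    scope = DhcpScope("192.168.1.0/24", "192.168.1.100", "192.168.1.105", 8 * DAY,
                      exclusions={"192.168.1.101"},
                      reservations={"00:11:22:33:44:55": "192.168.1.10"})
    lease = scope.offer("aa:aa:aa:aa:aa:01", now=0)
    for day in (3, 5, 7.5, 9):
        print(day, "days:", lease.state(day * DAY))
```

With an eight-day lease the model gives T1 at four days and T2 at seven days, the figures used in the timer diagram that follows; an expired lease is handed out again by `offer`, which is the "addresses are reclaimed after a lease period" behaviour of dynamic assignment.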
1.6 - Configuring DHCP (continued)
DHCP Timers
[Diagram: Lease time 8 days, Renewal timer (T1) 4 days (50%), Rebinding timer (T2) 7 days (87.5%). The timeline cycles through Normal Operation, Renewal Period, Rebinding Period, then Normal Operation again.]
1.6 - An Overview of DNS
Domain Name System
• Translates human-readable names into computer-readable IP addresses
– You only need to remember www.ProfessorMesser.com
• Hierarchical
– Follow the path
• Distributed database
– Many DNS servers
– 13 root server clusters (over 1,000 actual servers)
– Hundreds of generic top-level domains (gTLDs) .com, .org, .net, etc.
– Over 275 country code top-level domains (ccTLDs) .us, .ca, .uk, etc.
The DNS hierarchy
[Diagram: root (.) → .com, .net, .edu, .org → .professormesser → nodes shown include www, live, mail, trey, east, katie, west, ethan, judy]
Internal vs. External DNS
• Internal DNS - managed on internal servers
– Configured and maintained by the local team
– Contains DNS information about internal devices
– DNS service on Windows Server
• External DNS
– Often Managed by a third-party
– Does not have internal device information
– Google DNS, Quad9
Lookups
• Forward lookup
– Provide the DNS server with an FQDN
– DNS server provides an IP address
• Reverse DNS
– Provide the DNS server with an IP address
– The DNS server provides an FQDN
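The hierarchy, the internal/external split and the two lookup directions can all be worked offline. The following is an added example, not from the course notes: it builds the path a resolver follows from the root down to a name, derives the in-addr.arpa (and ip6.arpa) PTR name a reverse lookup queries, and answers forward and reverse lookups from a constructed internal zone, handing anything else to the external side. The zone name corp.example, its hosts and their private addresses are made up for this example; no network is touched.

```python
"""Forward and reverse lookups, worked offline against a constructed internal
zone. Added example, not part of the course notes; the zone, host names and
addresses are made up for illustration."""
import ipaddress


def normalize(name):
    """Names are case-insensitive; work with the absolute, lower-case form."""
    return name.strip().lower().rstrip(".") + "."


def resolution_path(fqdn):
    """'Follow the path': the zones a resolver walks from the root to the name."""
    labels = [l for l in normalize(fqdn).rstrip(".").split(".") if l]
    path = ["."]
    for i in range(len(labels) - 1, -1, -1):
        path.append(".".join(labels[i:]) + ".")
    return path


def reverse_name(ip):
    """The PTR name a resolver queries for a reverse lookup of this address."""
    addr = ipaddress.ip_address(ip)
    if addr.version == 4:
        # Octets reversed under in-addr.arpa, e.g. 10.2.0.192.in-addr.arpa.
        return ".".join(reversed(str(addr).split("."))) + ".in-addr.arpa."
    # IPv6: all 32 hex nibbles, reversed, under ip6.arpa.
    nibbles = addr.exploded.replace(":", "")
    return ".".join(reversed(nibbles)) + ".ip6.arpa."


# Constructed records for an internal DNS server (private addresses).
INTERNAL_ZONE = {
    "www.corp.example.": "10.10.1.10",
    "mail.corp.example.": "10.10.1.25",
    "printer.corp.example.": "10.10.1.5",
}
# The reverse view of the same data, keyed by PTR name.
PTR_INDEX = {reverse_name(ip): name for name, ip in INTERNAL_ZONE.items()}


def forward_lookup(fqdn, zone=INTERNAL_ZONE):
    """FQDN in, IP address out (None if the internal server has no record)."""
    return zone.get(normalize(fqdn))


def reverse_lookup(ip, ptr_index=PTR_INDEX):
    """IP address in, FQDN out, via the in-addr.arpa / ip6.arpa PTR name."""
    return ptr_index.get(reverse_name(ip))


def resolve(fqdn):
    """Split view: internal names are answered locally; anything else would be
    forwarded to the external resolver (represented by a marker, no network)."""
    ip = forward_lookup(fqdn)
    if ip is not None:
        return ("internal", ip)
    return ("external", None)


if __name__ == "__main__":
    print(resolution_path("www.ProfessorMesser.com"))
    print(reverse_name("10.10.1.5"), "->", reverse_lookup("10.10.1.5"))
    print(resolve("printer.corp.example"), resolve("www.ProfessorMesser.com"))
```

The `reverse_name` helper spells out what a resolver does before it sends a PTR query; the standard library's `ipaddress` objects expose the same string (without the trailing dot) as `reverse_pointer`, which the test uses as a cross-check.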