Guide to TCP/IP and other protocols

Thread: Guide to TCP/IP and other protocols

  1. #1
    Junior Member
    Join Date
    Sep 2003
    Posts
    11

    Guide to TCP/IP and other protocols

    Guide to TCP-IP and other protocols
    ------------------
    by OkIDaN


    As I promised, here is the TCP/IP tutorial, explaining the most important protocols. Generally for newbies.

    =======

    So, you are new to the virtual world, or perhaps you're not. Are you still amazed how large texts, video material, music, and such are being transferred through a tiny line? These processes are handled with protocols, as all of you have got implemented TCP/IP stacks on your computers. Transmission control protocol and internet protocol are responsible for all these transmissions. The shortest explanation of what TCP/IP does is that it does everything you can't see when you browse the net or send files. It is very integrated with the Internet. These protocols were developed in the late 60s and after years they became the standard, which we still use now, because it is very well structured, and I bet this standard will not change for many decades... In the early 80s, RFCs (request for comments; TCP is RFC:793) started to be published. These comments explained all the aspects of protocols, covered by the pioneers of this field. And these comments are still being issued these days, as new protocols are being designed. You can find those RFCs on the internet, but my opinion is that it's not for newbies in the computer world, but VERY useful for advanced users, who follow the architecture of protocols in the RFCs to design clients, tools, etc. Like the famous mIRC is a client to handle the IRC protocol (RFC:1459 and 2810). Ok, enough said about it.

    --The TCP (transmission control protocol):
    Do you know what happens when you press the "send" button after writing a message on your email client? TCP packs and checks all your data which is passed from your application to it, creates a data chunk of your message/data, puts a header (also containing information) in front of the data chunk and sends it to the IP (internet protocol) which then...

    --The IP (internet protocol):
    This protocol is responsible for transferring the data chunks that came from the TCP all over the network/internet to your destination.

    --UDP (user datagram protocol):
    This is much like the TCP, but never creates a full connection to the server (client). This is a connectionless service.

    FTP, SMTP, Telnet are connection-based protocols, which work with TCP. Protocols like TFTP, RPC are connectionless so they work with UDP. Ok, don't worry, I will explain all these protocols later.
    So, you already know how TCP differs from IP. I will repeat, TCP is responsible for correction (denial, approval) and transmission of data chunks that it makes from ordinary data strings, transmission between applications (i.e. clients) and the IP. IP is responsible for finding out the destination address (ARP - address resolution protocol; RARP - reverse ARP), and delivering the data chunks generated earlier from TCP to the destination. If it's still not clear, assume a restaurant: a cook that prepares the meal and gives it to the waiter is the TCP, and the waiter that finds you and delivers the meal to you is IP.
    Now that you have some understanding of TCP/IP, I will pass on to the protocols that use TCP and UDP for remote (or LAN) connections.

    --FTP (file transfer protocol):
    This is the one that transfers files or gets files from the remote computer. It functions on port 21. FTP is not like telnet, it doesn't make you remote login, you can't execute files on the remote machine, just transfer files. You can connect to a computer that uses the FTP service (daemon). How can you communicate using FTP? Oh, there are lots of tutorials on FTP, covering every aspect of it. I will just show some commands you can use while connected or trying to get connected to the server. Server - that is the host that runs the FTP service. When you connect it usually displays information (banner) about the FTP service running, just like this - WuFTPd ver 1.0. These commands are handled by the server:
    >USER {your username} - this is the username part of authentication. Yes, most of the FTP services on the net now are not for public use, they are for a limited group.
    >PASS {your password} - yeah, you guessed, this is the password part of authentication, which has to be entered after the username (if the username is accepted).
    >RETR {file} - to get a copy of some file from the server.
    >CWD - change the directory (like cd in unix and windows)
    >PWD - print out the current directory name(path)
    >STOR - upload and store a file
    >CDUP - go to parent directory
    >HELP - the most useful command
    There are other commands like SYST which gives the system information, RMD and DELE which are for deleting a directory and a file, respectively.
    If the FTP supports anonymous login, you can enter with limited privileges. Just type "anonymous" or "guest" or what the daemon wants for the username and then an email address for the password. With anonymous login you can't give most of the commands. These are commands that are (firstly) handled by the user's FTP:
    >ascii - set the transfer to ascii mode, to transfer texts and everything except binary files (i.e. executables; computer's own code).
    >binary - set transfer to binary mode.
    >lcd - change directory on the user's comp
    >get - download a file from the server
    >put - upload a file to the server
    >mget - download several files
    >mput - upload several files
    >open - make a connection to the following server
    >close - close connection
    >del - delete a file on the server
    >quit - end ftp session
    FTP is RFC:0959

    --SMTP (simple mail transfer protocol):
    This protocol is responsible for electronic mail management and uses tcp port number 25. If a computer has enabled SMTP service you can connect to it via port 25, and send email to almost anyone. That is exactly what your email client does (with the help of tcp and ip). These are most common commands:
    >HELP
    >HELO {your hostname} - you have to send this info before you start writing email, you can also send fake hostname.
    >MAIL from: {your email address} - often just mail, without from. It's obvious. Again you can fake the address usually.
    >RCPT TO: {dest email address} - often just RCPT. This is your recipient.
    >DATA - after this command you start to type the text you want to send and finish it with a dot (.) on a line.
    >QUIT - end the connection
    SMTP is RFC:2821

    --HTTP (HyperText transfer protocol):
    This protocol is responsible for transferring files, especially "hypertext", the HTML files. HTTP usually uses port 80 for communication. You can retrieve and sometimes upload files from the server using the HTTP service. This protocol is used to deliver the webpages and other stuff to you when you browse the net. You can manually connect to port 80 on any computer running the HTTP service and use these commands that your browser actually uses, when you just press the links:
    >GET {URL} {HTTP version} - this is exactly what your browser does when you click on a link. It requests the URL hidden under that link. Similar to ftp get command. For example, "GET index.html HTTP/1.1". Two newlines (newline - "\n" - enter(return) button) must follow this command, press enter 2 times.
    >HEAD {URL} - well, this is identical to get command, except in response server doesn't send you the body of your request. Server sends back only headers, and these headers are identical to the headers that come after the get command. This one is for checking the validity of links and files, and sometimes checking for updates.
    >POST - this command is used to post a message to a bulletin board, newsgroup, mailing list etc. With post you can also send data to the cgi scripts, exactly what forms on websites do; and append a record to a database.
    >PUT - it is identical to the FTP put command. You have to show the filename on your comp and the URL where you want it to be stored. This command overwrites if the URL already exists. This is how the upload service on some sites works. Restricted almost everywhere.
    >CONNECT - this one is to use a proxy as a tunnel for your http transfers.
    >DELETE - obvious; restricted at almost every website.
    HTTP is RFC:2616

    --Telnet:
    This is very similar to remote login (rlogin on unix). You log in to the computer and can use all their stuff, as if it is your own. Telnet is used on TCP port 23. What differs it from rlogin is that the majority of telnet service providers don't give any access to important areas of the computers, and most of them have special programs installed to control port 23, and are for informational purposes. For example, you can log in to port 23 on a machine that uses it for listing and finding library books. You log in and just browse the "shelves". These days there are few computers which provide full remote access, and those are strictly password protected. Most of the telnet servers are now related to library, chess and MUD games.

    There are many protocols that use TCP for their purposes, these were only some of the most used ones. As I said UDP differs from TCP with its connectionless communications. Here is an example of a protocol that uses UDP:
    --TFTP (trivial file transfer protocol):
    It is a very simple protocol for transferring files across the network and internet. TFTP uses TCP (TCP is not used though) port 69 for its communication, and never logs into the server. It is very small in size. TFTP communication fails if any error occurs, as it can't handle the errors, and mostly without error messages. TFTP commands: connect, get, put, binary, verbose (display every info).
    TFTP is RFC:783

    There are clients for all the above protocols. These clients know how to use the services. For example when you press the upload button on your FTP client, it sends STOR {the file you have chosen} to the server. I strongly advise you to connect to remote ports and practice giving commands and other stuff yourself, manually. Especially the help command. And study the outputs. Learn programming and start using sockets. If you find any difficulties communicating, refer to the RFCs.

    Remember, TCP/UDP/IP are protocols, the way things work, not software. If a new protocol like some OkIP is released you don't need to install it, you will just use it. The TCP layer is installed on your comp only once, that is when the comp is produced. But of course if TCP/IP loses its certification as a standard (which I doubt) and some OkIP/DaNP becomes the approved standard you'll have to renew your computer.

    Before communicating with IP, the TCP creates PDUs (protocol data units). Consider a PDU as a chunk of data, where segments of the data are bound to each other in some way; there is a beginning sign in front of the chunk, and an ending sign at the back. The same thing about IP. To form the IP datagram it sorts the data and other info in some manner. I won't explain all the segments of IP or TCP datagrams. Firstly because it's a little bit complex and definitely not newbie material. And the other reason is that I'm just too lazy for it. I can just say that all the info, the size of packet, the TTL (time to live), type of packet, the destination address are bound to each other to form a data chunk. If you want to know everything about the datagrams and the headers I refer you to "Teach Yourself TCP-IP in 14 days" (by Tim Parker I guess). In my opinion this is the best book ever written on the topic. I referred to it at some points to remind myself of some forgotten things, while writing this tutorial.

    While the IP datagram passes to ethernet (or LAN) the ethernet adds its own header to the beginning of the data block. This process is called encapsulation. The added header contains the physical address of the destination computer, whereas the IP header following it contains the IP address. So this way, after passing the datagram through the internet to the LAN's main gateway computer (which has access to the internet and provides it to other machines on the LAN) the gateway determines the physical address of the destination machine from the IP address in the data block. Ok, each device on the LAN has its own physical address represented with "48 bits". And the solution of determining it is done by the ARP (address resolution protocol). Yet another protocol. For the sake of simplicity I'll say that ARP has a list (table) of physical addresses of all computers on its network and the IP addresses of them in front of it. So, when the gateway gets a data packet from outside, and is not the destination itself, it sends the data block to its ARP which finds the physical address corresponding to the IP address that it extracted from the data block. And after that the computer sends it to the destination.

    ---

    Well, as you have noticed I haven't covered all the topics here. These are just the basics of comp-to-comp communicating (the TCP/IP). I hope this tutorial helped you improve your knowledge in this field. Comments go to: okidan@yandex.ru or MSN: okidan_nadiko@yahoo.com.
    If one day cryptography is outlawed, bayl bhgynjf jvyy unir cevinpl.

  2. #2
    Senior Member
    Join Date
    Nov 2001
    Posts
    1,255

    Re: Guide to TCP/IP and other protocols

    Some corrections/criticism:
    Originally posted here by OkIDaN
    Guide to TCP-IP and other protocols
    Considering you discuss UDP, which is an alternate protocol to TCP, a rewording of the title and the introduction paragraph might be in order. Something like say, "IP Protocols: TCP and UDP and various application protocols explored".

    Do you know what happens when you press the "send" button after writing a message on your email client? TCP packs and checks all your data which is passed from your application to it, creates data chunk of your message/data, puts a header (also containing information) in front of the data chunk and sends it to the IP (internet protocol) which then.
    This is really mostly done by the network stack of the operating system. TCP is just a protocol, it doesn't actively do anything but is rather a blueprint for intercommunication.

    IP is responsible for finding out the destination address (ARP - address resolution protocol; RARP - reverse ARP), and delivering the data chunks generated earlier from TCP to the destination. If it's still not clear, assume a restaurant, a cook, that prepares the meal and gives it to waiter is the TCP, and the waiter that finds you and delivers the meal to you is IP.
    The example isn't quite correct. TCP is the way the information is arranged on the dish (think of a ritzy restaurant), and IP is the information on which table the dish should be going to. In your example, the cook would be the sending application, the waiter would be the intervening network.

    This protocol is responsible for electronic mail management and uses tcp port number 25. If a computer has enabled SMTP service you can connect to it via port 25, and send email to almost anyone.
    This is only accurate in circumstances where the SMTP server is poorly configured or intentionally misconfigured.

    This protocol is responsible for transferring files, especially "hypertext", the HTML files.
    In its original implementation yes, although now by and large it serves up all kinds of files.

    You log in to the computer and can use all their stuff, as if it is your own. Telnet is used on TCP port 25.
    This is incorrect. Telnet is traditionally (and by default) run off TCP port 23.

    I did like that you included the RFC codes at the end of each protocol section, a nice touch, and a lot of it is well written and accurate (with the exceptions I mention above). I also think it could have used a bit of formatting.
    Chris Shepherd
    The Nelson-Shepherd cutoff: The point at which you realise someone is an idiot while trying to help them.
    "Well as far as the spelling, I speak fluently both your native languages. Do you even can try spell mine ?" -- Failed Insult
    Is your whole family retarded, or did they just catch it from you?

  3. #3
    Junior Member
    Join Date
    Sep 2003
    Posts
    11
    Thanks for your comments chsh!
    BTW I'm not writing this tut for some kind of network standards book, so the things you touched are not really necessary, since it is a guide. But anyway, your post is better than no comments. And the telnet port is just a typo, I corrected it.
    If one day cryptography is outlawed, bayl bhgynjf jvyy unir cevinpl.

  4. #4
    Junior Member
    Join Date
    May 2004
    Posts
    9
    Hi okidan
    I read your tutorial and can't leave without appreciating the effort you have put in.

    love
    zid
