2 cissp ® Official Study Guide Eighth Edition

Transport Layer Protocols

Download 19,3 Mb.

Pdf ko'rish

bet	426/881
Sana	08.04.2023
Hajmi	19,3 Mb.
	#925879

1 ... 422 423 424 425 426 427 428 429 ... 881

Bog'liq
(CISSP) Mike Chapple, James Michael Stewart, Darril Gibson - CISSP Official Study Guide-Sybex (2018)

Transport Layer Protocols
The two primary Transport layer protocols of TCP/IP are TCP and UDP.
Transmission
Control Protocol (TCP)
is a full-duplex connection-oriented protocol, whereas
User
Datagram Protocol (UDP)
is a simplex connectionless protocol. When a communication
connection is established between two systems, it is done using ports. TCP and UDP each
have 65,536 ports. Since port numbers are 16-digit binary numbers, the total number of
ports is 2^16, or 65,536, numbered from 0 through 65,535. A port is little more than an
address number that both ends of the communication link agree to use when transferring
data within the Transport layer. Ports allow a single IP address to be able to support mul-
tiple simultaneous communications, each using a different port number. The combination
of an IP address and a port number is known as a
socket
.
The first 1,024 of these ports (0–1,023) are called the
well-known ports
or the
service
ports
. This is because they have standardized assignments as to the services they support.
For example, port 80 is the standard port for web (HTTP) traffic, port 23 is the standard
port for Telnet, and port 25 is the standard port for SMTP. These ports are reserved for
use exclusively by servers (in other words, they cannot be used as the source port by a

454
Chapter 11
■
Secure Network Architecture and Securing Network Components
requesting client). You can find a list of ports worth knowing for the exam in the section
“Common Application Layer Protocols” later in this chapter.
Ports 1,024 to 49151 are known as the
registered software ports
. These are ports
that have one or more networking software products specifically registered with the
International Assigned Numbers Authority (IANA,
www.iana.org
) in order to provide a
standardized port-numbering system for clients attempting to connect to their products.
Ports 49152 to 65535 are known as the
random, dynamic, or ephemeral ports
because they
are often used randomly and temporarily by clients as a source port. These random ports are
also used by several networking services when negotiating a data transfer pipeline between cli-
ent and server outside the initial service or registered ports, such as performed by common FTP.
Port Numbers
The IANA recommends that ports 49152 to 65535 be used as dynamic and/or private
ports. However, not all OSs abide by this. A site that has a list of examples of the vari-
ous ranges used by OSs for random source ports is
https://www.cymru.com/jtk/misc/
ephemeralports.html
. The key is that other than the lower 0-1,023 ports being reserved
for server use only, any other port can be used as a client source port as long as it is not
already in use on that local system.
Transmission Control Protocol (TCP) operates at layer 4 (the Transport layer) of the OSI
model. It supports full-duplex communications, is connection oriented, and employs reli-
able sessions. TCP is connection oriented because it employs a handshake process between
two systems to establish a communication session. Upon completion of this handshake pro-
cess, a communication session that can support data transmission between the client and
server is established. The three-way handshake process (Figure 11.7) is as follows:

Download 19,3 Mb.

Do'stlaringiz bilan baham:

1 ... 422 423 424 425 426 427 428 429 ... 881