CompTIA Security_ Deluxe Study Guide_ SY0-201 - Emmett Dulaney [46]

for receiving e-mail.

One of the key things to know when securing any network is that you should run only the protocols needed for operations. Make certain that antiquated protocols (those once needed but no longer used) are removed. If you do not, you are leaving an opening for an attacker to access your system through weaknesses in that protocol.

The Host-to-Host or Transport Layer

The Host-to-Host layer, also called the Transport layer, provides the Application layer with session and datagram communications services. The TCP and User Datagram Protocol (UDP) operate at this layer. These two protocols provide a huge part of the functionality of the TCP/IP network:

TCP TCP is responsible for providing a reliable one-to-one, connection-oriented session. TCP establishes a connection and ensures that the other end receives any packets. Two hosts communicate packet results to each other. TCP also makes sure that packets are decoded and sequenced properly. This connection is persistent during the session. When the session ends, the connection is broken.

UDP UDP provides an unreliable, connectionless communication method between hosts. UDP is considered a best-effort protocol, but it’s considerably faster than TCP. UDP doesn’t establish a synchronized session like the kind used in TCP, and it doesn’t guarantee error-free communications. The primary purpose of UDP is to send small packets of information. The application is responsible for acknowledging the correct reception of the data.

The Internet Layer

The Internet layer is responsible for routing, IP addressing, and packaging. The Internet layer protocols accomplish most of the behind-the-scenes work in establishing the ability to exchange information between hosts. Here are the four standard protocols of the Internet layer:

Internet Protocol Internet Protocol (IP) is a routable protocol, and it’s responsible for IP addressing. IP also fragments and reassembles message packets. IP only routes information; it doesn’t verify it for accuracy. Accuracy checking is the responsibility of TCP. IP determines if a destination is known and, if so, routes the information to that destination. If the destination is unknown, IP sends the packet to the router, which sends it on.

Address Resolution Protocol Address Resolution Protocol (ARP) is responsible for resolving IP addresses to Network Interface layer addresses, including hardware addresses. ARP can resolve an IP address to a Media Access Control (MAC) address. MAC addresses are used to identify hardware network devices such as a network interface card (NIC).

You’ll notice the acronym MAC used a lot. It’s also used to identify Mandatory Access Control, which defines how access control operates in an authentication model. You’ll also see MAC used in cryptography, where it stands for Message Authentication Code. This MAC verifies that an algorithm is accurate.

Internet Control Message Protocol Internet Control Message Protocol (ICMP) provides maintenance and reporting functions. It’s used by the Ping program. When a user wants to test connectivity to another host, they can enter the PING command with the IP address, and the user’s system will test connectivity to the other host’s system. If connectivity is good, ICMP will return data to the originating host. ICMP will also report if a destination is unreachable. Routers and other network devices report path information between hosts with ICMP.

Internet Group Management Protocol Internet Group Management Protocol (IGMP) is responsible primarily for managing IP multicast groups. IP multicasts can send messages or packets to a specified group of hosts. This is different from a broadcast, which all users in a network receive.

The Network Interface Layer

The lowest level of the TCP/IP suite is the Network Interface layer. This layer is responsible for placing and removing packets on the physical network through communications with the network adapters in the host. This process allows TCP/IP to work with virtually any type of network
