The Secret Language of the Internet: Common Protocols Explained

As I continue to learn about cybersecurity, I must know how to interact with various protocols that are the languages that computers use to communicate. Sending an email or securing a server, protocols define how data is transmitted, authenticated, and interpreted across networks. Understanding these protocols is not just academic knowledge; it's crucial for building robust, secure, and efficient applications and systems. So here are some of the common protocols.

Hypertext Transfer Protocol (HTTP)

HTTP is the foundation of data communication for the World Wide Web. It defines how clients (like web browsers) request and receive resources (like HTML pages, images, videos) from servers. The

• Use: Fetching web pages and other resources from web servers.
• port: By default, HTTP uses port 80
• purpose: communication between web browsers and servers.

Hypertext Transfer Protocol Secure (HTTPS)

HTTPS is the secure version of HTTP. It encrypts the communication between the client and the server using protocols like TLS/SSL, protecting data from eavesdropping and tampering.

• Use: Securely transmitting sensitive information like login credentials, financial data, and personal details over the web.
• port: By default, HTTP uses port 443
• purpose: Delivering web pages, APIs, and online services securely.

Dynamic Host Configuration Protocol (DHCP)

The Dynamic Host Configuration Protocol (DHCP) is a fundamental network protocol that automates the process of assigning IP addresses and other network configuration parameters to devices on a network. Without DHCP, a network administrator would have to manually assign a static IP address, subnet mask, default gateway, and DNS server to every single device—a task that is impractical and prone to errors, especially on large or frequently changing networks.

Internet Protocol (IP)

At the heart of the Internet lies the Internet Protocol (IP). It's responsible for addressing and routing packets of data across networks. Think of IP addresses as postal addresses for computers on a network, allowing data to find its destination.

• Use: Fundamental for internet communication, enabling data transfer between devices across different networks.

Transmission Control Protocol (TCP)

Built on top of IP, TCP provides reliable, ordered, and error-checked delivery of a stream of bytes between applications running on hosts communicating via an IP network. It establishes a connection before data transfer and ensures that all data arrives correctly and in the correct order.

• Use: Web browsing (HTTP/HTTPS), email (SMTP, POP3, IMAP), file transfer (FTP, SFTP), and many other applications requiring reliable data transmission.
• port: Multiple (layer-dependent).
• purpose: defines how data is packetized, addressed, transmitted, and routed.

User Datagram Protocol (UDP)

UDP is another core protocol that also sits on top of IP. Unlike TCP, UDP is connectionless and provides unreliable data transmission. It doesn't guarantee delivery, order, or error checking. This makes it faster but less reliable than TCP.

• Use: Applications where speed is critical and occasional data loss is acceptable, such as streaming video and audio, online gaming, and DNS lookups.

Domain Name System (DNS)

DNS translates human-readable domain names (like example.com) into IP addresses that computers understand. It acts as the internet's phonebook.

• Use: Resolving website names to their corresponding IP addresses, enabling users to access websites using memorable names.
• port: port 53
• purpose: Converts human-readable domains into IP addresses.

Simple Mail Transfer Protocol (SMTP)

SMTP is the standard protocol for sending emails between mail servers.

• Use: Sending email messages.
• port: port 25

Post Office Protocol version 3 (POP3)

POP3 is used by email clients to retrieve emails from a mail server. Typically, after downloading the emails, they are removed from the server.

• Use: Downloading emails from a mail server to a local email client.
• port: port 110 and 995

Internet Message Access Protocol (IMAP)

IMAP is another protocol used by email clients to access emails on a mail server. Unlike POP3, IMAP typically leaves the emails on the server, allowing users to access their emails from multiple devices.

• Use: Accessing and managing emails on a mail server, keeping emails synchronized across multiple devices.
• port: port 143 and 993

File Transfer Protocol (FTP)

FTP is a standard network protocol used for transferring files between a client and a server on a computer network.

• Use: Uploading and downloading files between computers.
• port: port 20 and 21

Secure File Transfer Protocol (SFTP)

SFTP is a secure version of FTP. It uses SSH (Secure Shell) to encrypt the data transfer, providing a more secure way to transfer files.

• Use: Securely transferring files between computers.
• port: port 22

Secure Shell (SSH)

SSH is a cryptographic network protocol for operating network services securely over an unsecured network. It provides a secure channel over an insecure network by using strong encryption.

• Use: Secure remote access to servers and other network devices, executing commands remotely, and secure file transfer (SFTP).
• port: port 22

The key to understanding why they share the same port is that SFTP (SSH File Transfer Protocol) is not a standalone protocol. It is a subsystem of the SSH (Secure Shell) protocol.

Telnet

Telnet is designed for remote connectivity. It establishes connections between a remote endpoint and a host machine to enable a remote session. Telnet prompts the user at the remote endpoint to log on. Once the user is authenticated, Telnet gives the endpoint access to network resources and data at the host computer.

Address Resolution Protocol (ARP)

Its primary job is to translate a logical address (an IP address) to a physical address (a MAC address) on a local network segment. When data is sent over a local network (like your home Wi-Fi or a corporate LAN), devices need to know the destination's physical address to deliver the data directly to the correct network interface card (NIC). While a packet is routed across the Internet using IP addresses, the final delivery within the local network requires the MAC address.

VPN Protocols (e.g., OpenVPN, IPsec, WireGuard)

Virtual Private Network (VPN) protocols create secure tunnels across a network, allowing users to send and receive data as if their computing devices were directly connected to a private network.

• Use: Creating secure and private connections over public networks, encrypting internet traffic, and accessing resources on private networks remotely.

Network Time Protocol (NTP)

NTP is used to synchronize the clocks of computer systems over packet-switched, variable-latency data networks. Accurate time synchronization is crucial for many security and logging mechanisms.

• Use: Synchronizing system clocks across a network.

Conclusion

This is just a glimpse into the vast world of network protocols. As my journey to be a cyber developer, a deep understanding of these protocols, their functionalities, and their potential vulnerabilities is needed. I am doing this blog to deepen my understanding of this subject and become a better developer. thanks for reading this. Hope to see you soon.