Network

Protocols
By Cyber Force
HTTP / HTTPS
• Hypertext Transfer Protocol / Hypertext Transfer Protocol Secure.
• HTTP is the foundation of the worldwide web and is used to load web
pages, images, videos and other media using hypertext links.
• HTTP works by doing the following:
1) A client sends a request to the server
2) The server responds with the requested data
3) Information is exchanged as hypertext documents
• The primary concern related to HTTP is that data is transmitted in plain
text, allowing anyone with access to the network traffic the ability to read
it.
• HTTPS is a secure version of HTTP. In HTTPS data is encrypted, which
protects its privacy and integrity at the expense of certification costs and
potentially slower websites due to higher processing power requirements.
FTP
• File Transfer Protocol
• Used for transmitting files between computers over TCP/IP
connections, an application level protocol.
• Use cases include, backups and large data transfer
• Security concerns Include, data being sent in clear text, no encryption
of traffic, anonymous entry to FTP servers, vulnerable to brute force
attacks, port stealing
• Secure versions include FTPS,FTPES and SFPT (which technically isn't a
protocol but a subset of the SSH protocol), these protocol add
encryption of data in transit and authentication the standard FTP
protocol.
DHCP (Dynamic host configuration
protocol)
DHCP is simply a network management protocol that assigns an IP address to a new device.
There are some benefits of using DHCP protocol such as :
- Dedicated IP address : DHCP minimizes errors , as it will automatically assign different IP addresses to all the devices
preventing conflict between devices over IP address
- Automatic IP address management and change management: For an Admin to manually assign and withdraw IP
addresses can be hard when there are multiple devices on the network and DHCP is helpful as it automates all this.
In case the business wanted to change IP addressing scheme from one range to another, Admin will just need to
configure the DHCP protocol with the new requirements.

DHCP components:
- DHCP Server : Here all the IP addresses and configuration information are stored
- DHCP Client : device that is requesting the IP
- IP address pool : all the IP addresses available to assign
- Subnet : IP addresses partitioned into small segments
DNS – Domain Name
System
• Protocol that allows us to use human readable
names instead of memorizing IP addresses.
• e.g. street address is used to find a particular home
• DNS maps out the domain names for searched IP
addresses and if that IP address doesn't exist then
it is presented as an error in the web browser

DNS Recursor – receives queries from users
machines through applications. Then make
additional requests if required.
Root Nameserver – first step in translating
human readable names into IP addresses.
TLD Nameserver – stores information
on all domain names that share a common
extension (e.g. '.com')
Authoritative Nameserver – Returns the IP
address for the requested record.
SMTP – Simple Mail Transfer Protocol
• Is a standard communication protocol used to send or relay messages over the
internet. It is part of the application layer of the TCP/IP Suite and serves as the
backbone of email delivery.
• What does SMTP do
• Sending Emails
• Relaying Emails
• Error Handling
• Security Concerns/Shortcomings related to SMTP includes Lack of encryption, No
sender authentication , Relay Abuse , Lack of integrity verification and Man-in-the-
middle Attacks.
• Man-in-the-middle Attacks (MITM) - Without encryption, attackers can intercept and
alter emails during transmission, injecting malicious links and content.
• SMTP Secure version or alternative protocol is the End-to-End Encryption Protocols
designed to secure the content of emails from sender to recipent , even if intercepted
during transit.
 SSL
• Secure Sockets Layer (SSL) is a protocol that encrypts information and
authenticates members of a network:
• Encryption: SSL encrypts information so that anyone who tries to gain it will only
see a jumble of characters that's almost impossible to decrypt.
• Authentication: SSL uses a handshake process to check that both devices are
who they claim to be.
• Data integrity: SSL digitally signs information to ensure that it hasn't been
changed.
• SSL was developed by Netscape in 1995, but it's been largely replaced by the
updated Transport Layer Security (TLS) protocol. However, "SSL" is still a common
term for this technology.
• SSL vs TLS:
• SSL 3.0 was not popular due to security weaknesses, and TLS 1.0 and TLS 1.1 are
also considered weak. TLS 1.2 is widely used and offers strong security, while TLS
1.3 is the latest version and is considered more secure and efficient.
• Cyberattack around SSL protocol:
• An SSL stripping attack is done via a man-in-the-middle (MitM) attack. By
inserting themself into the middle of the connection between a client and a
webserver, an attacker can control the information that reaches the user or other
way around. Once there, the attacker can filter the packets sent between the
client and the server.

ThePhoto by PhotoAuthor is licensed under CCYYSA.