A protocol is a set of standards for communication between network hosts. Protocols often provide services, such as e-mail or file transfer. Most protocols are not intended to be used alone, but instead rely on and interact with other dependent or complimentary protocols. A group of protocols that is intended to be used together is called a protocol suite.
The following table lists several major protocols.
|Transmission Control Protocol (TCP)||TCP provides services that ensure accurate and timely delivery of network communications between two hosts. TCP is a layer 4 (Transport layer) protocol. TCP is connection-orientedwhich means that it provides a guaranteed delivery of data between hosts through the following services:
The TCP three-way handshake is the process used to establish a TCP session. The steps to a TCP three-way handshake process are:
|User Datagram Protocol (UDP)||UDP is a host-to-host protocol like TCP. However, UDP is connectionless, which means that it does not include mechanisms for ensuring timely and accurate delivery, but uses a best effort delivery. Because it has less overhead, it offers fast communications, but at the expense of possible errors or data loss.|
|Internet Protocol (IP)||IP is a layer 3 protocol that is connectionless and relies on upper layer protocols like TCP to ensure delivery and connection orientation.|
|Internetwork Packet Exchange (IPX)||IPX is an older protocol used with older Novell networks. IPX has been replaced with TCP/IP in newer versions of NetWare. Unless you are running a version of NetWare that does not support TCP/IP, or are using applications that rely on IPX, you should disable IPX to eliminate attacks against IPX on your network.|
|Network Basic Input/Output System (NetBIOS)||NetBIOS is the term used to describe the combination of two protocols: NetBEUI and NetBIOS. Because NetBIOS is a non-routable protocol, it was often combined with TCP/IP or IPX/SPX to enable internetwork communications.
|Internet Control Message Protocol (ICMP)||ICMP is commonly used for troubleshooting and information gathering. ICMP works closely with IP in providing error and control information, and by allowing hosts to exchange packet status information which helps move the packets through the internetwork. Two common management utilities use ICMP messages to check network connectivity.
ICMP also works with IP to send notices when destinations are unreachable and when devices' buffers overflow. ICMP messages are used to determine the route and hops packets take through the network and whether devices can communicate across the network.
|Address Resolution Protocol (ARP)||ARP provides IP address-to-MAC address name address resolution. Using ARP, a host that knows the IP address of a host can discover the corresponding MAC address.|
|Domain Name System (DNS)||DNS is a hierarchical, distributed database that maps logical host names to IP addresses. For example, the name www.mydomain.com would be identified with a specific IP address. When you use the host name of a computer (for example if you type a URL such as www.mydomain.com), your computer uses the following process to find the IP address.
|SNMP||SNMP is a protocol designed for managing complex networks. SNMP lets network hosts exchange configuration and status information. This information can be gathered by management software and used to monitor and manage the network. SNMP uses the following components:
Note: Running an antiquated protocol, such as NetBIOS or IPX/SPX, on a system opens the system to attack. Unless there is a critical reason, disable any unnecessary protocols on network devices.