Internet protocol analysis/Application layer

From Wikiversity
Jump to: navigation, search
Internet Protocol Analysis - Application Layer.png

This lesson introduces the Application layer and looks at a variety of application-layer protocols. Activities include using Wireshark to examine Hyper Text Transfer Protocol (HTTP), HTTP Secure (HTTPS), and Simple Mail Transfer Protocol (SMTP) network traffic.

Nuvola apps bookcase.svg Readings[edit]

  1. Read Wikipedia: Application layer.
  2. Read Wikipedia: Hypertext Transfer Protocol.
  3. Read Wikipedia: HTTP Secure.
  4. Read Wikipedia: Transport Layer Security.
  5. Read Wikipedia: Simple Mail Transfer Protocol.

Nuvola apps multimedia.png Multimedia[edit]

  1. Watch YouTube: Common TCP and UDP Ports - CompTIA Network+ N10-005: 1.5.
  2. Watch YouTube: Application Protocols - CompTIA Network+ N10-005: 1.6.
  3. Watch YouTube: Telnet Client and Server Demonstration in Windows Vista and XP.

Nuvola apps korganizer.svg Activities[edit]

  1. Review Wireshark: Hyper Text Transfer Protocol (HTTP).
  2. Use Wireshark to capture and analyze Hypertext Transfer Protocol (HTTP) traffic.
  3. Review Wireshark: SSL.
  4. Use Wireshark to capture and analyze HTTP Secure (HTTPS) traffic.
  5. Review Wireshark: Simple Mail Transfer Protocol (SMTP).
  6. Use Wireshark to capture and analyze Simple Mail Transfer Protocol (SMTP) traffic.
  7. Consider situations in which a packet analyzer might be used to troubleshoot application layer traffic.
  8. Use the Discuss page to post comments and questions regarding this lesson.
  9. Review the lesson summary, key terms, review questions and flashcards below.

Stock post message.svg Lesson Summary[edit]

  • The application layer is an abstraction layer reserved for communications protocols and methods designed for process-to-process communications across an Internet Protocol (IP) computer network.[1]
  • Application layer protocols use the underlying transport layer protocols to establish host-to-host connections.[2]
  • The Hypertext Transfer Protocol (HTTP) is an application protocol for distributed, collaborative, hypermedia information systems.[3]
  • HTTP functions as a request-response protocol in the client-server computing model.[4]
  • HTTP uses TCP as its transport protocol and servers listen on port 80 by default.[5]
  • HTTP defines methods that may be performed on the desired resource. Methods include GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, CONNECT, and PATCH.[6]
  • HTTP requests include a request line, headers, an empty line, and an optional message body.[7]
  • HTTP responses include a status line, header, an empty line, and an optional message body.[8]
  • Hypertext Transfer Protocol Secure (HTTPS) is a widely used communications protocol for secure communication over a computer network, with especially wide deployment on the Internet. Technically, it is not a protocol in itself; rather, it is the result of simply layering the Hypertext Transfer Protocol (HTTP) on top of the Secure Sockets Layer / Transport Layer Security (SSL/TLS) protocol, thus adding the security capabilities of SSL/TLS to standard HTTP communications.[9]
  • HTTPS uses TCP as its transport protocol and servers listen on port 443 by default.[10]
  • Web servers supporting HTTPS connections must have a public key certificate signed by a certificate authority the web browser trusts in order to connect without a client warning.[11]
  • TLS and SSL encrypt the segments of network connections at the Application Layer for the Transport Layer, using asymmetric cryptography for key exchange, symmetric encryption for confidentiality, and message authentication codes for message integrity.[12]
  • TLS handshaking includes the exchange of settings, server authentication, optional client authentication, and public key encryption of a symmetric session key.[13]
  • Simple Mail Transfer Protocol (SMTP) is an Internet standard for electronic mail (e-mail) transmission across Internet Protocol (IP) networks.[14]
  • Client applications use SMTP for sending messages to a mail server, but usually use either the Post Office Protocol (POP) or the Internet Message Access Protocol (IMAP) or a proprietary system to access their mail box accounts on a mail server.[15]
  • Client applications should use TCP port 587 to submit SMTP messages to a server. Servers use TCP port 25 to transfer SMTP messages to destination servers.[16]
  • SMTP transactions include commands for MAIL, RCPT, and DATA.[17]

Nuvola apps kdict.png Key Terms[edit]

abstraction layer
A way of hiding the implementation details of a particular set of functionality.[18]
authentication
The act of confirming the identity of a person, software program, or computer system.[19]
eavesdropping
The act of secretly listening to the private conversation of others without their consent.[20]
hypermedia
A logical extension of the term hypertext in which graphics, audio, video, plain text and hyperlinks intertwine to create a generally non-linear medium of information.[21]
HyperText Markup Language (HTML)
The main markup language for displaying web pages and other information that can be displayed in a web browser.[22]
Internet Message Access Protocol (IMAP)
An Application Layer Internet protocol that allows an e-mail client to access e-mail on a remote mail server.[23]
man-in-the-middle attack
A form of active eavesdropping in which the attacker makes independent connections with the victims and relays messages between them, making them believe that they are talking directly to each other over a private connection.[24]
Post Office Protocol (POP)
An application-layer Internet standard protocol used by local e-mail clients to retrieve e-mail from a remote server over a TCP/IP connection.[25]
public-key cryptography
A cryptographic system requiring two separate keys, one of which is secret and one of which is public.[26]
stateless protocol
A communications protocol that treats each request as an independent transaction that is unrelated to any previous request so that the communication consists of independent pairs of requests and responses.[27]
symmetric-key algorithms
A class of algorithms for cryptography that use the same cryptographic keys for both encryption of plaintext and decryption of ciphertext.[28]
tampering
The deliberate altering or adulteration of information, a product, a package, or system.[29]
web cache
A mechanism for the temporary storage (caching) of web documents, such as HTML pages and images, to reduce bandwidth usage, server load, and perceived lag.[30]
web crawler
A computer program that browses the World Wide Web in a methodical, automated manner or in an orderly fashion.[31]
World Wide Web Consortium (W3C)
The main international standards organization for the World Wide Web.[32]

Nuvola apps package editors.png Review Questions[edit]

Enable JavaScript to hide answers.

Click on a question to see the answer.

1. The application layer is an abstraction layer reserved for communications protocols and methods designed for _____ communications across an Internet Protocol (IP) computer network.
The application layer is an abstraction layer reserved for communications protocols and methods designed for process-to-process communications across an Internet Protocol (IP) computer network.
2. Application layer protocols use the underlying transport layer protocols to establish _____ connections.
Application layer protocols use the underlying transport layer protocols to establish host-to-host connections.
3. The Hypertext Transfer Protocol (HTTP) is an application protocol for _____.
The Hypertext Transfer Protocol (HTTP) is an application protocol for distributed, collaborative, hypermedia information systems.
4. HTTP functions as a _____ protocol in the _____ computing model.
HTTP functions as a request-response protocol in the client-server computing model.
5. HTTP uses _____ as its transport protocol and servers listen on port _____ by default.
HTTP uses TCP as its transport protocol and servers listen on port 80 by default.
6. HTTP defines methods that may be performed on the desired resource. Methods include _____.
HTTP defines methods that may be performed on the desired resource. Methods include GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, CONNECT, and PATCH.
7. HTTP requests include _____.
HTTP requests include a request line, headers, an empty line, and an optional message body.
8. HTTP responses include _____.
HTTP responses include a status line, header, an empty line, and an optional message body.
9. Hypertext Transfer Protocol Secure (HTTPS) is a widely used communications protocol for secure communication over a computer network, with especially wide deployment on the Internet. Technically, it is not a protocol in itself; rather, it is _____.
Hypertext Transfer Protocol Secure (HTTPS) is a widely used communications protocol for secure communication over a computer network, with especially wide deployment on the Internet. Technically, it is not a protocol in itself; rather, it is the result of simply layering the Hypertext Transfer Protocol (HTTP) on top of the Secure Sockets Layer / Transport Layer Security (SSL/TLS) protocol, thus adding the security capabilities of SSL/TLS to standard HTTP communications.
10. HTTPS uses _____ as its transport protocol and servers listen on port _____ by default.
HTTPS uses TCP as its transport protocol and servers listen on port 443 by default.
11. Web servers supporting HTTPS connections must have a public key certificate _____.
Web servers supporting HTTPS connections must have a public key certificate signed by a certificate authority the web browser trusts in order to connect without a client warning.
12. TLS and SSL encrypt the segments of network connections at the Application Layer for the Transport Layer, using _____.
TLS and SSL encrypt the segments of network connections at the Application Layer for the Transport Layer, using asymmetric cryptography for key exchange, symmetric encryption for confidentiality, and message authentication codes for message integrity.
13. TLS handshaking includes _____.
TLS handshaking includes the exchange of settings, server authentication, optional client authentication, and public key encryption of a symmetric session key.
14. Simple Mail Transfer Protocol (SMTP) is an Internet standard for _____.
Simple Mail Transfer Protocol (SMTP) is an Internet standard for electronic mail (e-mail) transmission across Internet Protocol (IP) networks.
15. Client applications use _____ for sending messages to a mail server, but usually use either _____ or _____ or a proprietary system to access their mail box accounts on a mail server.
Client applications use SMTP for sending messages to a mail server, but usually use either the Post Office Protocol (POP) or the Internet Message Access Protocol (IMAP) or a proprietary system to access their mail box accounts on a mail server.
16. Client applications should use TCP port _____ to submit SMTP messages to a server. Servers use TCP port _____ to transfer SMTP messages to destination servers.
Client applications should use TCP port 587 to submit SMTP messages to a server. Servers use TCP port 25 to transfer SMTP messages to destination servers.
17. SMTP transactions include commands for _____.
SMTP transactions include commands for MAIL, RCPT, and DATA.

Nuvola apps cache.png Flashcards[edit]

Nuvola-ddipisa Icona occchiali.png See Also[edit]

Nuvola filesystems folder orange.png References[edit]

Nuvola apps edu miscellaneous.svg Resource type: this resource is a lesson.
Progress-1000.svg Completion status: this resource is considered to be complete.