<a href="https://colab.research.google.com/github/brendanpshea/A-Little-More-Logical/blob/main/Network_03_PortsProtocols.ipynb" target="_parent"><img src="https://colab.research.google.com/assets/colab-badge.svg" alt="Open In Colab"/></a>

# The General Prologue

*When April's packets flood through router fair,<br>
And switches send their frames with greater care,<br>
When OSI has shown us every layer,<br>
From Physical to Application's prayer;<br>
Then do our protocols begin their dance,<br>
Through port and socket, each one takes their chance,<br>
To move our data through the digital air,<br>
And make our networks run without a care!*

In the grand realm of networking, where packets flow like travelers on ancient roads, there dwell many protocols, each with their own peculiar ways and designated ports. Some are ancient and perhaps too trusting, others modern and wrapped in layers of security, but each has their tale to tell.

Before we meet our protocols, dear reader, let us understand the realm in which they dwell. Picture, if you will, a great tower of seven layers - the OSI model - where each protocol finds its home:

- 7: **Application Layer**: Where our protocol friends dwell
- 6: **Presentation Layer**: Making data pretty and sometimes secret
- 5: **Session Layer**: Keeping conversations organized
- 4: **Transport Layer**: Where TCP and UDP rule
- 3: **Network Layer**: IP's domain of addresses
- 2: **Data Link Layer**: Where switches play
- 1: **Physical Layer**: The realm of cables and radio waves

But 'tis the Transport Layer that most concerns our tales, for there dwell two great nobles who carry all our protocols' messages:

**Lord TCP** (Transmission Control Protocol), a most careful and reliable sort:
- Insists on acknowledgment for every message
- Ensures everything arrives in proper order
- Retransmits anything that gets lost
- Perfect for protocols who can't bear to lose a single byte!

**Duke UDP** (User Datagram Protocol), a more carefree and swift character:
- Sends messages without waiting for replies
- Cares not if things get lost along the way
- Never retransmits anything
- Perfect for protocols who value speed over certainty!

And what of **Ports**, those numbered gateways through which our protocols must pass? Think of them as doors in a great castle:
- Well-known ports (0-1023): The grand entrances, reserved for official protocol business
- Registered ports (1024-49151): The common thoroughfares
- Dynamic ports (49152-65535): The back alleys where temporary connections are made

Now, let us meet our protocol company, each with their own special door and manner:

The Command Controllers:
- **SSH** (22): The careful guard captain
- **Telnet** (23): The retiring old knight (best not to trust him with secrets)

The Data Keepers:
- **DNS** (53): The wise namer of things
- **DHCP** (67,68): The generous innkeeper
- **LDAP** (389): The meticulous record keeper

The File Movers:
- **FTP** (20,21): The old-fashioned courier
- **SFTP** (22): The security-conscious delivery master
- **TFTP** (69): The hasty messenger

The Web Weavers:
- **HTTP** (80): The cheerful page bearer
- **HTTPS** (443): The encrypted information guardian

The Mail Carriers:
- **SMTP** (25): The dedicated postman
- **POP3** (110): The simple mail collector
- **IMAP** (143): The organized mailbox keeper

The Network Minders:
- **SNMP** (161,162): The nosy network inspector
- **Syslog** (514): The dutiful record keeper

The Resource Sharers:
- **SMB** (445): The neighborhood file sharer
- **RDP** (3389): The remote control wizard
- **Database Protocols** (various): The data librarians

Each protocol uses either TCP or UDP (and sometimes both) to carry their messages, choosing reliability or speed as their needs demand. Some wrap their messages in encryption, while others send them in the clear (though fewer do this in these suspicious modern times).

In the tales that follow, we shall meet each protocol in turn, learn their quirks and habits, their ports and packets, their strengths and weaknesses. Some are ancient, some are new, but each plays their part in keeping our digital realm running smoothly.

So let us begin our tales, and may each protocol teach us something of the art of network communication, be it through TCP's careful handling or UDP's swift delivery, through encrypted channels or open ports, through well-known standards or clever new innovations!

# The Tale of HTTP and HTTPS

*Through Eight-Zero the Web Weaver spins its tale,<br>
While Four-Four-Three keeps secrets without fail.<br>
Through TCP each request must flow,<br>
GET and POST and more to show.<br>
"Send me cat pics!" the clients cry with glee,<br>
While HTTPS makes sure no spy can see!*

In the network realm dwell the HyperText Transfer Protocol siblings. The elder **HTTP** is a cheerful soul at **Port 80 (TCP)**, who never met a web page it wouldn't happily share with anyone who asks - or anyone listening in, for that matter. Its more cautious sibling **HTTPS** dwells at **Port 443 (TCP)**, wrapping every conversation in layers of TLS encryption while muttering "You can never be too careful these days."

HTTP loves nothing more than a good request-response chat:

Client: "GET /cats.html HTTP/1.1"
HTTP: "Oh, you want the cat page? Here you go!"
Client: "POST /upload-cat.php"
HTTP: "New cat picture? I'll add it to the collection!"

Our Web Weaver knows many methods:
- **GET**: "Here's what you asked for!"
- **POST**: "I'll take that new content, thank you!"
- **PUT**: "Replace this with that!"
- **DELETE**: "Gone, just like that!"
- **HEAD**: "Let me tell you about it (without actually sending it)"
- **OPTIONS**: "Here's what I can do!"
- **PATCH**: "Just changing this one bit..."

Status codes are HTTP's way of expressing itself:
- **200**: "OK! Here's your stuff!" (Happy)
- **301**: "They moved! Let me redirect you!" (Helpful)
- **404**: "I looked everywhere, it's just not here!" (Sad)
- **403**: "You can't see that!" (Stern)
- **418**: "I'm a teapot!" (Silly)
- **500**: "Something's wrong and it's my fault!" (Embarrassed)

HTTPS, meanwhile, takes security Very Seriously:
1. First, a TLS handshake:
   - "Let's agree on encryption..."
   - "Here's my certificate..."
   - "These will be our secret keys..."
2. Then, and ONLY then, the regular HTTP chat can begin
3. Everything gets encrypted along the way
4. No one can peek or tamper with the contents

Modern features our Web Weavers love:
- **HTTP/2**: "Multiple requests at once!"
- **HTTP/3**: "QUIC instead of TCP! Living dangerously!"
- **Cookies**: "I remember you!"
- **Compression**: "Why send what we can squeeze?"
- **Caching**: "Why send what you already have?"

Headers tell the full story:
```
GET /index.html HTTP/1.1
Host: www.example.com
User-Agent: "Definitely not a robot"
Accept: text/html
Cookie: "Been here before!"
```

The wise administrator knows to:
- Redirect HTTP to HTTPS ("It's for your own good!")
- Configure security headers
- Set up proper certificates
- Enable HTTP/2 where possible
- Configure caching correctly
- Monitor for attacks

Security considerations (or why HTTPS is so paranoid):
- HTTP sends everything in the clear
- Anyone can intercept HTTP traffic
- Anyone can modify HTTP traffic
- HTTPS prevents snooping
- HTTPS prevents tampering
- HTTPS prevents impersonation

Common attacks our protocols face:
- Man-in-the-Middle: "Don't talk to strangers!"
- Session Hijacking: "Those cookies aren't yours!"
- Cross-Site Scripting: "Don't run strange scripts!"
- Injection: "That input looks suspicious..."

And so HTTP and HTTPS continue their work, fetching and carrying web content across the Internet. HTTP bounces along sharing everything with everyone, while HTTPS follows behind wrapping everything in encryption and muttering about security certificates. "The S stands for Secure!" HTTPS often proclaims, to which HTTP replies "And the H stands for Happy!"

### Graphic: HTTP

In [2]:
# @title
import base64
from IPython.display import Image, display
import matplotlib.pyplot as plt

def mm(graph, width=800, height=600):  # Add default dimensions
    graphbytes = graph.encode("utf8")
    base64_bytes = base64.urlsafe_b64encode(graphbytes)
    base64_string = base64_bytes.decode("ascii")
    # Add width and height parameters to the URL
    url = f"https://mermaid.ink/img/{base64_string}?width={width}&height={height}"
    display(Image(url=url))


mm("""
sequenceDiagram
    participant C as Web Client<br/>(Browser)
    participant S as Web Server<br/>(Apache/Nginx)

    note over C,S: HTTP/1.1 Request/Response Cycle

    C->>+S: HTTP GET Request<br/>GET /index.html HTTP/1.1<br/>Host: www.example.com<br/>User-Agent: Mozilla/5.0<br/>Accept: text/html

    alt Successful Response
        S-->>-C: HTTP 200 OK<br/>Content-Type: text/html<br/>Content-Length: 1234<br/><br/>[HTML Content]
    else Resource Not Found
        S-->>C: HTTP 404 Not Found<br/>Content-Type: text/html<br/><br/>[Error Page]
    else Server Error
        S-->>C: HTTP 500 Internal Server Error
    end
    """)

# The Tale of TLS

*Through handshakes firm and ciphers strong,<br>
TLS keeps secrets where they belong.<br>
With certificates to prove what's true,<br>
It guards our data passing through!*

In our network realm dwells the Transport Layer Security protocol, a sophisticated guardian who has largely replaced its elder sibling SSL. While not tied to any single port, TLS is most often found helping HTTPS secure the web at **Port 443 (TCP)**. Think of TLS as a master of ceremonies who ensures that two parties can meet, verify each other's identity, and establish a secure way to communicate.

When two computers wish to establish a TLS connection, they perform an intricate handshake dance:

1. The Greeting:
   - Client: "Hello! Here are the cipher suites I can use."
   - Server: "Hello back! I choose this cipher suite. Here's my certificate."

2. The Verification:
   - Client checks the server's certificate
   - Like examining a royal seal to verify authenticity

3. The Key Exchange:
   - They agree on encryption keys
   - These keys will protect all future messages

Once the handshake is complete, TLS provides three essential protections:
- Privacy (through encryption)
- Integrity (ensuring messages aren't changed)
- Authentication (knowing who you're talking to)

But TLS is not just for web browsing! Many of the protocol friends we'll be meeting (especially the more modern ones) rely on TLS for security:
- HTTPS for secure web browsing
- SMTPS for secure email sending
- FTPS for secure file transfers
- LDAPS for secure directory services

And so TLS continues its vigilant guard over our network communications, ensuring that sensitive data remains protected as it travels through the digital realm. "Trust," it proclaims, "must be earned and verified!"

### Graphic: HTTPS with TLS

In [3]:
# @title
mm("""
sequenceDiagram
    participant C as Client<br/>(Browser)
    participant S as Server<br/>(HTTPS enabled)

    note over C,S: TLS 1.3 Handshake & HTTPS Communication

    C->>+S: Client Hello<br/>TLS Version, Cipher Suites,<br/>Client Random

    S-->>-C: Server Hello<br/>Selected Cipher Suite,<br/>Server Random
    S->>C: Certificate<br/>(Server's Public Key + Identity)
    note right of S: Digital Certificate<br/>signed by CA

    C->>S: Client Key Exchange<br/>(Pre-master Secret encrypted<br/>with server's public key)
    note left of C: Generates session keys<br/>using key material

    C->>S: Finished<br/>(Encrypted with session key)
    S->>C: Finished<br/>(Encrypted with session key)

    note over C,S: Secure Connection Established

    rect rgb(200, 255, 200)
        C->>S: HTTPS Request<br/>(Encrypted with session key)<br/>GET /secure-page.html
        S->>C: HTTPS Response<br/>(Encrypted with session key)<br/>200 OK + Content
    end
""", width=1000)

# The Tale of Mail Protocols

*Through Two-Five the Postman treads his way,<br>
While One-Four-Three brings POP's letters to stay,<br>
IMAP at One-Four-Three shows more grace,<br>
Keeping messages in their proper place.<br>
Through TCP they move with stubborn pride,<br>
As SMTP makes sure each mail does ride!*

In the network realm dwells the Simple Mail Transfer Protocol, a determined postman known as **SMTP** who makes his home at **Port 25 (TCP)**. Though in modern times, he prefers his more secure residence at **Port 587 (TCP)** for submission of new mail. "Everything must be delivered!" is his motto, and by TCP he sends each message, for what postman would risk losing mail along the way?

SMTP takes his job very seriously - perhaps too seriously. Every conversation must follow his precise protocol:
```
SMTP: "220 Hello! I'm ready for mail duty!"
Client: "HELO! I have mail to send!"
SMTP: "250 Hello there! Who's it for?"
Client: "MAIL FROM: sender@example.com"
SMTP: "250 OK, sender noted. Who's the lucky recipient?"
Client: "RCPT TO: recipient@example.com"
SMTP: "250 OK, I know them! What's the message?"
Client: "DATA"
SMTP: "354 Start writing, end with <CRLF>.<CRLF>"
```

Our postman has two good friends who help manage mail delivery:
- **POP3** (Post Office Protocol) at **Port 110 (TCP)**: A simple soul who just downloads mail and (usually) deletes it from the server
- **IMAP** (Internet Message Access Protocol) at **Port 143 (TCP)**: A more sophisticated sort who keeps everything organized on the server

SMTP's security-conscious modern habits:
- **STARTTLS** on port 587: "No more sending secrets in the clear!"
- **Authentication**: "I need to know who's sending this!"
- **SPF Records**: "Let me check if you're allowed to send from that domain!"
- **DKIM**: "These messages need proper signatures!"
- **DMARC**: "Let's make sure everyone follows the rules!"

The process of sending mail:
1. User's mail client connects to SMTP server (port 587)
2. Authentication and encryption established
3. SMTP server accepts the message
4. Server looks up recipient's mail server (using MX records)
5. Connects to recipient's SMTP server (port 25)
6. Delivers the message
7. Recipient later downloads via POP3 or IMAP

Common SMTP Commands (our postman's vocabulary):
- **HELO/EHLO**: "Good day, let me introduce myself!"
- **MAIL FROM**: "I have a letter from..."
- **RCPT TO**: "It's for..."
- **DATA**: "Here's the message..."
- **QUIT**: "Good day, I'm off to deliver more!"

Modern Security Features:
- **TLS Encryption**: Because postcards are too public
- **SMTP AUTH**: No more anonymous mail sending
- **Anti-Spam Measures**:
  - SPF: "Are you allowed to send from there?"
  - DKIM: "Is this signature genuine?"
  - DMARC: "What should I do with suspicious mail?"

The wise administrator knows to:
- Disable old, insecure SMTP on port 25 for clients
- Require authentication for sending
- Implement SPF, DKIM, and DMARC
- Monitor for spam and relay attempts
- Keep mail servers updated
- Use TLS for all connections

Common Problems (our postman's headaches):
- Open Relays: "I'm not a public postal service!"
- Spam: "These aren't real letters!"
- Phishing: "Stop pretending to be the bank!"
- Spoofing: "That's not your return address!"

And so SMTP continues its dedicated service, ensuring each email finds its way through the vast network of servers, while POP3 and IMAP help manage the final delivery. "Neither rain, nor snow, nor misconfigured DNS shall stay these packets from their appointed route!" our postman proclaims, though he really wishes people would stop sending spam.

# The Tale of DNS

*Through Five-Three the Name Sage speaks with pride,<br>
While TCP asks when answers do reside.<br>
"Who speaks for google.com?" comes the call,<br>
As UDP's quick queries dance through all.<br>
From root to TLD, then down we go,<br>
Till IP addresses our queries show!*

In the network realm dwells the Domain Name System, a scholarly sage known as **DNS**. Making its home primarily at **Port 53** (both UDP and TCP), this wise protocol translates names into numbers, turning human-friendly domain names into IP addresses that computers can understand. "UDP for quick questions!" it proclaims, "But TCP for longer answers or when accuracy is paramount!"

DNS is both librarian and detective, maintaining a vast hierarchical system of name records. Each DNS server is like a different library in an enormous system, each specializing in its own domain of knowledge:

The Great DNS Hierarchy:
- **Root Servers** (marked by a simple "."): The grandest librarians of all
  - Know where to find all the top-level domains
  - There are 13 root server clusters (A through M)
  - They don't know everything, but they know who knows!

- **TLD Servers**: The keepers of top-level domains
  - Guard knowledge of .com, .org, .net, and country codes
  - Know which nameservers are authoritative for each domain
  - "Need google.com? Ask these nameservers!"

- **Authoritative Servers**: The specialists
  - Know everything about their specific domains
  - "Here's google.com's IP address!"
  - Maintain different types of records

Our sage keeps various types of records:
- **A Records**: "Here's the IPv4 address!" (Name → IPv4)
- **AAAA Records**: "Here's the IPv6 address!" (Name → IPv6)
- **CNAME Records**: "That's an alias, here's the real name!"
- **MX Records**: "Here's where to send email!"
- **NS Records**: "These servers are in charge of that domain!"
- **PTR Records**: "You have an IP? Here's its name!" (Reverse DNS)
- **TXT Records**: "Here's some extra text info about this domain!"
- **SOA Records**: "Here's the administrative info!"

The DNS Resolution Dance:
1. Client asks local resolver: "Where's google.com?"
2. If not cached, resolver asks root: "Who knows about .com?"
3. Root says: "Ask these TLD servers about .com"
4. Resolver asks TLD: "Who knows about google.com?"
5. TLD says: "Ask Google's nameservers"
6. Resolver asks Google's nameservers: "What's google.com's address?"
7. Finally, the answer arrives!

DNS uses both protocols:
- **UDP Port 53**: For standard queries (quick and simple!)
  - Most queries fit in a single packet
  - No need for connection overhead
  - But packets might get lost...

- **TCP Port 53**: For special occasions
  - When answers are too big for UDP
  - For zone transfers between servers
  - When reliability matters most

Modern Security Features:
- **DNSSEC**: "Let me sign that response so you know it's genuine!"
  - Adds digital signatures to DNS data
  - Prevents DNS spoofing
  - Creates a chain of trust from root down

- **DNS over HTTPS (DoH)**: "Port 443 is much more private!"
  - Hides DNS queries in HTTPS traffic
  - Prevents snooping and manipulation
  - But controversial among network admins

- **DNS over TLS (DoT)**: "Port 853 is my secure home!"
  - Encrypted DNS queries
  - More transparent than DoH
  - Still maintains network visibility

The wise administrator knows to:
- Set up proper caching
- Configure forwarding carefully
- Monitor for DNS attacks
- Keep records updated
- Plan for redundancy
- Consider DNSSEC
- Watch for tunneling abuse

Common Attacks (which our sage must guard against):
- Cache Poisoning: Corrupting the resolver's memory
- DNS Tunneling: Hiding traffic in DNS queries
- DDoS Attacks: Overwhelming name servers
- DNS Hijacking: Redirecting queries to bad servers

And so DNS continues its endless task of translation, turning names into numbers and back again, maintaining order in an ever-growing Internet. "Without me," it proudly proclaims, "you'd all be memorizing IP addresses!" And no one can argue with that!

### Graphic: The DNS Heirarchy

In [9]:
# @title
mm("""
graph TD
    Client[Client Computer]
    LocalCache[Local DNS Cache]
    Resolver[Local DNS Resolver]
    ISP[ISP DNS Server]
    Root[Root DNS Servers<br/>.]
    TLD[TLD Name Servers<br/>.com, .org, .net]
    Auth[Authoritative Name Servers<br/>example.com]

    subgraph DNS Resolution Process
        Client -->|1 - Query| LocalCache
        LocalCache -->|2 - Cache Miss| Resolver
        Resolver -->|3 - Query| ISP
        ISP -->|4 - Query| Root
        Root -->|5 - TLD Referral| ISP
        ISP -->|6 - Query| TLD
        TLD -->|7 - Auth Referral| ISP
        ISP -->|8 - Query| Auth
        Auth -->|9 - IP Address| ISP
    end

    ISP -->|10 - IP| Resolver
    Resolver -->|11 - Cache Update| LocalCache
    LocalCache -->|12 - Response| Client

    classDef default fill:#f9f9f9,stroke:#333,stroke-width:2px;
    classDef cached fill:#e1f5fe,stroke:#333,stroke-width:2px;
    class LocalCache cached;
""")

# The Tale of File Transfer Protocols

*Through Twenty-One old FTP still peers,<br>
While Twenty-Two holds SFTP's safer gears.<br>
TFTP at Sixty-Nine plays quick and light,<br>
And FTPS wraps old ways in armor bright.<br>
Through TCP (save TFTP's UDP calls),<br>
These movers shift files great and small!*

In the network realm dwells a quarrelsome family of file-moving protocols, each convinced their way is best. There's elderly **FTP** at **Port 21 (TCP)**, who insists on using two connections for everything ("One for talking, one for transferring, that's proper protocol!"). It also demands **Port 20 (TCP)** for actual data transfers, in what it calls "active mode" - though network administrators just call it "troublesome."

Its security-conscious child **SFTP** lives with SSH at **Port 22 (TCP)**, wrapping everything in encryption and refusing to send so much as a single byte in the clear. "Have you SEEN what people do with packet sniffers these days?" it frequently lectures its parent.

Then there's young cousin **TFTP** at **Port 69 (UDP)**, a minimalist who believes in keeping things simple. "TCP? Multiple connections? Authentication? Bah! Just throw the packets over and hope they land!" While the others are moving entire file systems, TFTP is happily moving config files and firmware images for network devices.

The family also includes **FTPS** (not to be confused with SFTP!), who tried to teach old FTP about security by wrapping it in TLS encryption. "It's just like FTP, but with encryption!" it proudly proclaims, though SFTP mutters about "putting fancy armor on a rusty horse."

How they move files:

**FTP's** complicated way:
1. Control channel on port 21:
   - "Hello! I'd like to send a file!"
   - "Splendid! Let me open port 20..."
2. Data channel on port 20:
   - "Here comes the data!"
   - "Got it! ...wait, where did my firewall go?"

**SFTP's** secure approach:
1. Single encrypted channel through SSH:
   - "Everything's encrypted!"
   - "Every. Single. Byte."
   - "Yes, we get it, SFTP..."

**TFTP's** simple philosophy:
1. "Here's a packet!" (UDP)
2. "Got it!" (Maybe)
3. "Here's the next one!" (Hopefully)
4. Repeat until done (or timeout)

The wise administrator knows to:
- Avoid regular FTP ("But tradition!" it protests)
- Use SFTP for secure transfers
- Keep TFTP inside trusted networks
- Disable anonymous FTP access
- Monitor for unusual transfer patterns

Security considerations:
- FTP sends passwords in cleartext
- SFTP encrypts everything
- TFTP trusts everyone (bless its heart)
- FTPS tries its best but inherits FTP's quirks

And so the file transfer family continues its work, each member convinced their way is best. FTP reminisces about "the good old days," SFTP triple-checks its encryption, TFTP cheerfully throws packets into the void, and FTPS tries to bridge the old and new. Together they keep the network's files moving, each in their own special way!

# The Tale of SSH and Telnet

*Through Two-Three old Telnet spins tales so bare,<br>
While Two-Two SSH guards with greater care.<br>
Both through TCP their commands flow true,<br>
But one sends secrets for all to view!<br>
"Encrypt!" cries SSH, "Or face dire cost!"<br>
While Telnet dreams of glory long since lost.*

In the network realm dwell two distant cousins who specialize in remote command: the elderly **Telnet** at **Port 23 (TCP)** and the more security-conscious **SSH** at **Port 22 (TCP)**. Poor old Telnet, once the king of remote access, now sits in retirement spinning tales of the good old days when "everyone trusted everyone" and "encryption was for paranoid people."

SSH (Secure Shell) just rolls its eyes at its elderly cousin. "Sending passwords in plaintext?" it scoffs. "Were you TRYING to help the hackers?" Both protocols use TCP - after all, you can't have commands getting lost or arriving out of order - but SSH wraps everything in layers of encryption, while Telnet blithely sends everything in the clear.

SSH's security features include:
- Public key authentication ("Passwords? How quaint!")
- Strong encryption ("No peeking!")
- Data integrity checks ("Nothing gets changed on my watch!")
- Port forwarding ("I can make secure tunnels too!")

Poor old Telnet's features are... well:
- Send text commands ("Hello, everyone can read this!")
- Receive text responses ("Everyone can read this too!")
- That's... pretty much it ("We kept things simple back then!")

When logging in remotely:
- **SSH** first establishes a secure channel:
  1. Exchange encryption keys
  2. Verify server identity
  3. Authenticate user
  4. Create encrypted session

- **Telnet** just... connects:
  1. "Hi! Here's my username!"
  2. "And here's my password for everyone to see!"
  3. "Why are all these hackers in my system?"

The wise administrator knows to:
- Disable Telnet entirely ("But my arthritis!" protests Telnet)
- Use SSH key authentication when possible
- Keep SSH software updated
- Configure SSH securely
- Monitor for unusual access patterns

Security considerations (or why Telnet lives in a retirement home):
- Telnet sends everything as plaintext
- Telnet has no encryption
- Telnet has no authentication verification
- Telnet is just... no. Just no.

SSH's helpful features:
- SFTP for secure file transfers
- Port forwarding for secure tunnels
- X11 forwarding for remote GUI apps
- Agent forwarding for key management

And so SSH continues its vigilant guard over remote access, while Telnet sits in its rocking chair muttering about "the good old days" when everyone left their digital doors unlocked. "You young protocols today," Telnet grumbles, "with your fancy encryption and your key pairs..." SSH just sighs and gets back to work keeping connections secure.

In [13]:
# @title
mm("""
graph LR
    Client["💻 Innocent User<br/>Using Telnet to<br/>manage their server"]
    Router["📡 Network Router<br/>Compromised using<br/>ARP poisoning to redirect traffic"]
    Attacker["😈 Malicious Attacker<br/>Intercepts all traffic between<br/>client and server using<br/>packet sniffing tools"]
    Server["🖥️ Target Server<br/>Running Telnet service<br/>on default port 23"]

    subgraph "Why Telnet is Unsecure"
        Client -->|"1 - User types innocent command:<br/>ls /home<br/>(wants to list files in home directory)<br/>[SENT AS PLAINTEXT!]"| Router
        Router -->|"2 - Router sends traffic to attacker<br/>instead of server because of<br/>poisoned routing tables"| Attacker
        Attacker -->|"3 - Attacker reads command and changes it to:<br/>rm -rf /home/*<br/>(malicious command to delete all files)<br/>[STILL PLAINTEXT!]"| Server
        Server -->|"4 - Server executes dangerous command<br/>and sends success message<br/>(server can't tell command was changed)"| Attacker
        Attacker -->|"5 - Attacker hides the damage by sending<br/>fake directory listing back to user:<br/>home/user1<br/>home/user2<br/>(user thinks everything is normal)"| Client
    end

    classDef default fill:#f9f9f9,stroke:#333,stroke-width:2px
    classDef compromised fill:#ffebee,stroke:#333,stroke-width:2px
    classDef victim fill:#e8f5e9,stroke:#333,stroke-width:2px
    class Client,Server victim
    class Router,Attacker compromised
   """)

# The Tale of DHCP

*Through Six-Seven the hopeful client calls,<br>
While Six-Eight sees what bounty freely falls.<br>
"DISCOVER!" shouts each newcomer bold,<br>
"OFFER, REQUEST, and ACK!" the tale is told.<br>
By UDP's broadcast far and wide,<br>
DHCP gives each guest somewhere to reside!*

In the network realm dwells the Dynamic Host Configuration Protocol, a boisterous innkeeper known as **DHCP**. Making its home at **Port 67 (UDP)** for servers and **Port 68 (UDP)** for clients, this jolly protocol delights in finding homes for every device that wanders into the network. "You need an address? Have an address!" it cries cheerfully, tossing IP addresses about like rooms at a bustling inn.

DHCP chose UDP because sometimes you need to shout to be heard - especially when you don't have an IP address yet! "Can't send a proper TCP packet without an IP," it chortles, "so we just yell until someone answers!" Indeed, DHCP's iconic DISCOVER message goes out as a broadcast, seeking any DHCP server that might be listening.

Our innkeeper's famous four-part welcome:
- **DISCOVER**: "Hello? Anyone there?" (Client's hopeful cry)
- **OFFER**: "Over here! I've got a nice address for you!" (Server's response)
- **REQUEST**: "Yes please, I'll take that one!" (Client's acceptance)
- **ACK**: "It's yours! Make yourself at home!" (Server's confirmation)

Along with addresses, DHCP hands out other useful bits:
- Default gateway ("The road to the internet is that way!")
- Subnet mask ("These are your neighbors")
- DNS servers ("Need directions? Ask these folks")
- Lease time ("But don't stay too long!")

Special features of our address-giving friend:
- **Reservation**: "This regular guest always gets room 192.168.1.100"
- **Exclusion**: "Rooms 192.168.1.1-10 are for VIPs only"
- **Scopes**: "Different floors for different folks"
- **Relay Agents**: "My assistants help me hear guests in other buildings"

The wise administrator knows to:
- Set appropriate lease times
- Configure reservations for important devices
- Monitor available address pools
- Set up failover servers ("In case I catch a cold!")

Security considerations (because even friendly innkeepers need rules):
- Only trusted DHCP servers allowed
- Watch for rogue servers
- Monitor for address exhaustion attacks
- Use DHCP snooping on switches

And so DHCP continues its merry task of welcoming new devices to the network, ensuring each gets its own address and knows its way around. "Dynamic!" it proudly proclaims, "Because who wants to assign all these addresses by hand?"

# The Tale of SNMP

*Through One-Six-One the Network Snoop peers out,<br>
While One-Six-Two hears Traps and Agent's shout.<br>
By UDP's swift path the queries fly,<br>
'Cross MIB's vast tree where answers lie.<br>
"How fares thy bandwidth?" comes the endless call,<br>
As SNMP keeps watch o'er one and all!*

In the network realm dwells the Simple Network Management Protocol, a nosy fellow known to friends as **SNMP**. Making its primary home at **Port 161 (UDP)** for queries and **Port 162 (UDP)** for traps, this curious protocol simply must know how everything is doing. "How's your bandwidth?" it asks the router. "Any errors lately?" it queries the switch. "Getting warm in there?" it pesters the server.

SNMP chose UDP for its conversations - why wait for acknowledgments when you're asking thousands of questions every minute? Besides, if a query gets lost, there's always another one coming soon! Though some say this makes SNMP a bit unreliable, it simply replies "Speed over certainty, that's my motto!"

Our network inspector has gone through several versions:
- **SNMPv1**: The original questioner (now considered far too trusting)
- **SNMPv2c**: Added bulk queries but kept the simple security
- **SNMPv3**: Finally learned about proper security (though it grumbles about the extra work)

SNMP organizes all its knowledge in vast tree structures called MIBs (Management Information Bases):
- "Everything has its place!" it insists
- Each piece of information has a unique OID (Object Identifier)
- "1.3.6.1.2.1.1.3" means uptime (though only SNMP finds this obvious)

Our inspector has three main ways of doing its job:
- **GET**: "Tell me about..." (Reading values)
- **SET**: "Change this to..." (Modifying settings)
- **TRAP**: "Come quick, something happened!" (Alerts from devices)

Things SNMP loves to monitor:
- Interface status ("Are you up? Down? How many bytes lately?")
- CPU usage ("Working hard or hardly working?")
- Memory usage ("Feeling a bit full?")
- Temperature ("Is it hot in here?")
- Error counts ("Had any troubles?")

The wise administrator knows to:
- Use SNMPv3 for security (ignore v1's protests about it being overkill)
- Set proper community strings (not just "public" and "private")
- Limit who can make SET requests
- Watch for excessive polling
- Keep MIBs updated

Security concerns (because even nosy protocols need boundaries):
- SNMPv1 and v2c are chatty and insecure
- SNMPv3 adds authentication and privacy
- Community strings should be treated like passwords
- SNMP traffic should stay on management networks

And so SNMP continues its endless rounds, poking and prodding at every device in sight, building up a detailed picture of the network's health through its countless questions and observations. "Simple, they called me," it mutters, "but have you seen the size of my MIB tree lately?"

# The Tale of Syslog

*Through Five-One-Four the Logger's tales are told,<br>
Some urgent, some routine, some brash and bold.<br>
UDP's quick whispers race through distant halls,<br>
While TCP makes sure no message falls.<br>
From ERRORs grave to INFO's gentle sight,<br>
The Logger minds each message day and night!*

In the network realm dwells Syslog, the incessant gossip who simply must record everything that happens. Making its home at **Port 514** (both UDP and TCP), this chatterbox protocol has been collecting and sharing system messages since the earliest days of Unix. Unlike its more formal cousins, Syslog isn't picky about how messages reach it - UDP's quick whispers suit it fine for routine chatter, though it also accepts TCP's more reliable service for those really important messages that simply can't be lost.

Syslog ranks its gossip by importance, using Facilities and Severities to sort the urgent from the mundane:
- **Emergency**: "The kingdom is on fire!" (Severity 0)
- **Alert**: "Someone's stealing the crown jewels!" (Severity 1)
- **Critical**: "The drawbridge is stuck!" (Severity 2)
- **Error**: "The court jester tripped." (Severity 3)
- **Warning**: "We're running low on mead." (Severity 4)
- **Notice**: "The knights are having breakfast." (Severity 5)
- **Info**: "Another lovely day in the realm." (Severity 6)
- **Debug**: "Counting particles of dust..." (Severity 7)

Each message comes with its own Facility tag, telling which part of the kingdom it's from:
- kern (0): Messages from the kernel itself
- user (1): Regular user-level gossip
- mail (2): News from the message carriers
- daemon (3): Tales from background servants
- auth (4): Reports from the castle guards
- syslog (5): Syslog's own mumblings
- (and many more!)

Modern Syslog has learned some new tricks:
- **RFC 5424**: A more structured way to tell tales
- **TLS Encryption**: For when messages need privacy
- **Reliable Delivery**: TCP ensures important messages arrive
- **Message Filtering**: Not all gossip needs to be repeated

When devices want to share their stories:
1. They choose UDP for casual chat or TCP for important news
2. Format their message with proper facility and severity
3. Add a timestamp (when did it happen?)
4. Include their name (who's telling the tale?)
5. Send it off to the Syslog server

The wise administrator knows to:
- Use TCP for important messages
- Set up proper message filters
- Keep logs rotating (even gossips need to clean house)
- Watch for unusual patterns
- Back up important logs

Security considerations (because even gossips have secrets):
- Consider TLS for sensitive messages
- Control who can send logs
- Protect stored log files
- Monitor for log injection attacks

And so Syslog continues its endless task of collecting and recording the realm's every whisper and shout, from the gravest emergency to the most mundane debug message, ensuring that no digital tale goes untold!

### Sample: Syslog
```
Apr  1 09:15:23 tabard-inn sshd[1478]: Accepted password for host_wyf from 192.168.1.10 port 49234 ssh2
Apr  1 09:15:25 tabard-inn sudo: host_wyf : TTY=pts/0 ; PWD=/home/pilgrims ; USER=root ; COMMAND=/usr/bin/brew-ale start
Apr  1 09:16:12 canterbury-gate kernel: [1234567.123456] PILGRIM ALERT: Large group approaching from Southwark direction
Apr  1 09:16:45 tabard-inn meal-service[2345]: Started preparation for evening feast, estimated 29 pilgrims
Apr  1 09:17:01 prioress-node systemd[1]: Starting Daily tale rotation...
Apr  1 09:17:03 miller-mill kernel: [1234567.789012] CPU temperature above threshold: 90°C (Tales being told too quickly)
Apr  1 09:18:14 pardoner-box nginx[3456]: 192.168.1.50 - - [01/Apr/2024:09:18:14 +0100] "GET /false-relics HTTP/1.1" 451 667 "-" "Pardoner/2.0"
Apr  1 09:18:16 canterbury-gate firewall: Blocked suspicious indulgence traffic from 10.0.0.666
Apr  1 09:19:00 knights-keep monitoring[5678]: Performance alert: Squire response time > 500ms
Apr  1 09:20:11 clerk-server cron[6789]: (oxford_scholar) CRON job completed: /usr/local/bin/translate_latin.sh
Apr  1 09:21:33 monk-proxy haproxy[7890]: Server monk-backend/scriptorium is DOWN, reason: Failed Heath check
Apr  1 09:22:45 friar-node apache2[8901]: [error] [client 192.168.1.100] PHP Warning: Failed to dispense blessings: insufficient privileges
Apr  1 09:23:59 yeoman-farm backup[9012]: Critical: Failed to backup daily harvest logs - plowshare full
Apr  1 09:24:10 wife-bath mariadb[1234]: [ERROR] Table './marriages/previous_husbands' is full
```

# The Tale of LDAP

*At Three-Eight-Nine the Directory Drake peers,<br>
While Six-Three-Six brings safety through the years.<br>
"Your users must be sorted!" comes the cry,<br>
As LDAP keeps their secrets, asks not why.<br>
Through TCP each query flows with care,<br>
For organization is this keeper's flair!*

In the network realm dwells the Lightweight Directory Access Protocol, a rather obsessive organizer known to its friends as **LDAP**. Originally dwelling at **Port 389 (TCP)**, this meticulous record-keeper found itself in need of better security, and thus its more prudent twin **LDAPS** took up residence at **Port 636 (TCP)**. Together, they maintain the grand directories of the network realm, keeping track of users, computers, and all manner of organizational details.

LDAP, you see, is quite particular about organization. Everything must be arranged in a precise tree structure, rather like a family tree but for network resources. "Distinguished Names!" it proclaims proudly, "Every object must have one!" It insists on organizing everything with peculiar labels like "cn=Users,dc=example,dc=com" - a naming scheme that makes perfect sense to LDAP but leaves others scratching their heads.

Our directory keeper speaks through TCP (it would never trust UDP with its precious records!) using a special language of operations:
- **BIND**: "State your name and password!" (Authentication)
- **SEARCH**: "Let me find that for you!" (Looking up information)
- **ADD**: "A new entry! How exciting!" (Creating records)
- **MODIFY**: "Just a small change..." (Updating records)
- **DELETE**: "Gone, but never forgotten!" (Removing entries)

LDAP keeps track of all sorts of things:
- Users (their names, roles, and passwords)
- Computers (where they live in the network)
- Groups (who belongs where)
- Permissions (who can do what)
- Email addresses (where to find people)
- Printer settings (where to send documents)

The original LDAP was perhaps a bit too trusting, sending its precious directory information in the clear. Its security-conscious sibling LDAPS wraps everything in TLS encryption, ensuring all those sensitive details stay private as they travel across the network. Modern administrators much prefer LDAPS, treating regular LDAP like a slightly careless relative who can't be trusted with secrets.

When a program wishes to consult these directory keepers:
1. First, it must make a TCP connection
2. For LDAPS, a proper TLS handshake ensues
3. Then comes the BIND operation to prove identity
4. Only then may it search the hallowed directories

Security is paramount in the directory realm:
- LDAPS encrypts all traffic
- Strong authentication is required
- Access controls limit who can see what
- Failed attempts are carefully logged

The wise administrator knows to:
- Use LDAPS instead of plain LDAP
- Keep directory information properly organized
- Regularly update access permissions
- Monitor for suspicious query patterns
- Keep backups of the directory data

And so LDAP and LDAPS continue their meticulous work, organizing the digital realm with Distinguished Names and careful hierarchies, even if their naming conventions sometimes leave others bewildered by their peculiar formality.

# The Tale of SMB

*Through Four-Four-Five our sharing friend holds court,<br>
While NetBIOS once helped of that sort.<br>
From files to printers, all resources shared,<br>
Though version one, alas, went quite impaired!<br>
Now SMBv3 keeps secrets tight,<br>
Through TCP's steady hand, all flows just right.*

In the network realm dwells the Server Message Block, a chatty old protocol who simply loves to share. Known to friends as **SMB**, this sociable soul has been helping computers share their files and printers since the earliest days of networks. Making its home primarily at **Port 445 (TCP)** - though in younger days it also frolicked with NetBIOS at ports 137-139 - SMB has quite a tale to tell about its journey from simple file-sharing to becoming a secure and sophisticated protocol.

In its youth (SMBv1), this sharing enthusiast was perhaps a bit too trusting, passing files around without much concern for security. "Share everything!" was its motto, much to the dismay of network administrators. After some rather embarrassing incidents (like the WannaCry affair), this early version was firmly retired, told to sit in the corner and think about what it had done.

SMBv2 and SMBv3 learned from their elder sibling's mistakes. These newer versions insist on proper security, using TCP exclusively (unlike their predecessor's flirtation with NetBIOS). They love to share just as much, but now they do it safely:

What SMB helps share:
- Files (its favorite thing to share!)
- Printers (though it grumbles about paper jams)
- Network drives (like a lending library for computers)
- Named pipes (secret passages between programs)

Modern SMB has clever tricks for sharing:
- **Encryption**: Keeps shared files safe from prying eyes
- **Multichannel**: Uses multiple network paths for speed
- **File leasing**: Helps programs coordinate their file access
- **Directory caching**: Remembers where everything is stored

Being a rather chatty protocol, SMB follows these steps when sharing:
1. Negotiates the version (no more SMBv1, thank you very much!)
2. Sets up authentication (must check those credentials!)
3. Opens a share (like opening a book to share)
4. Handles file operations (read, write, delete - all very organized)

Security is now SMB's favorite topic (it learned the hard way):
- Requires modern authentication
- Encrypts all traffic by default in v3
- Signs messages to prevent tampering
- Supports access controls on shares

The wise administrator knows to:
- Disable SMBv1 entirely (it's quite elderly now)
- Use proper access controls
- Keep shares protected
- Monitor for unusual access patterns

SMB shows us how even the most social of protocols must learn to balance friendliness with security, though it still loves nothing more than a good file share between trusted friends.

# The Tale of Database Protocols

*A fussy lot these database lords be,<br>
Through TCP they'll chat, but carefully!<br>
At One-Four-Three-Three sits Server SQL grand,<br>
While MySQL at Three-Three-Zero-Six holds land.<br>
Such proper folk! They check each bit with care,<br>
Lest any data point go wandering where!*

Before we speak of protocols and ports, let us understand what these mysterious databases be. Think of the great libraries of medieval times, where monk-scribes would carefully record every tome, scroll, and manuscript in their keeping. They would write in great ledgers: which books they had, where each was stored, who had borrowed them, when they were due to return.

Now in our digital age, we have **databases** - grand electronic stores that do the work of a thousand monk-scribes! These wondrous repositories can hold vast amounts of knowledge: every student's grades, every merchant's inventory, every inn-keeper's reservations - all organized in neat tables and ready to be summoned in an instant.

The Database Keepers are a rather particular bunch who insist that every piece of data be stored "just so." These fussy guardians will speak only through **TCP**, mind you - for they cannot bear the thought of losing even a single byte of precious information! UDP's casual approach to delivery simply won't do for such precise personalities.

The grandest of these is **SQL Server**, Microsoft's rather pompous master of data storage, who insists on holding court at **Port 1433 (TCP)**. Known for its fancy features and proper manners, it sniffs disapprovingly at any query that isn't properly formatted. But beneath that stuffy exterior lies a heart of gold - it will never lose your data, though it may lecture you about proper indexing techniques.

At **Port 3306 (TCP)** lives **MySQL**, a more easy-going sort, though no less careful with the data in its care. While SQL Server might be the choice of merchant princes, MySQL happily serves both humble shops and grand enterprises, asking for no payment in return. Though it speaks the same SQL language as its Microsoft cousin, it does so with less ceremony and more cheer.

Then there's **PostgreSQL** at **Port 5432 (TCP)**, the database keeper who loves to show off its clever tricks. "Want to store JSON? Arrays? Complex geographical data?" it asks excitedly. "I can handle it all!" While the others might stick to simple tables, PostgreSQL delights in juggling data in all sorts of fascinating ways.

The newcomer **MongoDB**, dwelling at **Port 27017 (TCP)**, breaks with tradition entirely. "Why must everything be in tables?" it asks the older keepers, who merely shake their heads at such radical notions. MongoDB happily stores data in whatever shape it arrives, though the traditional keepers mutter about "proper structure" behind its back.

When a program wishes to speak with these particular keepers, it must follow their precise protocols:
1. First, a proper TCP connection - for these keepers demand confirmation of every message
2. Then, the correct credentials - for they are very particular about security
3. Finally, requests in their preferred SQL language (or MongoDB's rebellious JSON-style queries)

Each keeper has its quirks:
- SQL Server insists on having everything "just right"
- MySQL is friendly but still careful
- PostgreSQL loves to show off its clever features
- MongoDB cheerfully breaks all the rules

But all of them share a solemn duty to protect their data:
- They demand proper passwords (and get quite huffy if you forget them)
- They insist on encryption for all conversations
- They keep careful backup copies of everything
- They stand guard against unauthorized access

The wise administrator knows these keepers' ways:
- Never expose them to the wild internet (they get terribly nervous)
- Keep them updated (they do love their patches)
- Use secure connections (they simply won't have it any other way)
- Back up their data (for they do fret so about losing things)

And so the Database Keepers maintain their careful watch over our digital knowledge, each in their own particular way - fussy and proper, yes, but utterly reliable in their sacred duty to keep our data safe.

### Graphic: Database Connections

In [15]:
# @title
mm("""
graph LR
    Client["👩‍💻 Your Computer<br/>Database Client"]
    Network["🌐 Internet<br/>or Network"]
    DB["💽 Remote Database<br/>Database Server"]

    subgraph "How Database Connection Works"
        Client -->|"1 - Hey, can I connect?<br/>(Username + Password)"| Network
        Network -->|"2 - Checking credentials..."| DB
        DB -->|"3 - Yes, you can connect!"| Client
        Client -->|"4 - Show me the data"| DB
        DB -->|"5 - Here's your data"| Client
    end

    classDef default fill:#f9f9f9,stroke:#333,stroke-width:2px
    classDef client fill:#e8f5e9,stroke:#333,stroke-width:2px
    class Client client""")


## The Tale of SIP

*In Port Five-Zero-Six-Zero dwells with pride,<br>
The Session Herald, joining far and wide.<br>
Through REGISTER and INVITE calls ring clear,<br>
While BYE and ACK keep conversations near.<br>
From voice to video, all signals flow,<br>
As SIP directs each path through which they go.*

Among the most noble heralds in the network realm stands the Session Initiation Protocol, known simply as **SIP**. This masterful coordinator orchestrates the intricate dance of real-time communication, from simple voice calls to rich video conferences. Born from the need to connect people across the digital realm, SIP serves as the diplomatic ambassador of modern communication, speaking a language of INVITE messages, acknowledgments, and farewells that helps establish, modify, and end multimedia sessions between willing participants.

Think of SIP as a skilled event planner for all your real-time communications. Here's what makes it special:

1. SIP's Core Messages:
   - **INVITE**: Begins a new conversation
   - **REGISTER**: Tells the network where to find you
   - **BYE**: Ends a conversation politely
   - **ACK**: Confirms messages were received
   - **OPTIONS**: Asks what features are available

SIP works with other protocols to make communication smooth:
- Teams up with RTP for sending actual voice and video
- Uses UDP for speed, but can use TCP when needed
- Works with DNS to find the right destinations

The protocol has clever ways to handle modern communication needs:
- Can transfer calls from one device to another
- Supports conference calls and video meetings
- Allows presence information (showing if someone is available)
- Works with any type of media session

Security is built into SIP's design:
- **Authentication**: Makes sure users are who they claim to be
- **Encryption**: Can protect both signals and media
- **Privacy**: Helps keep communication details confidential

Like any protocol dealing with real-time communication, SIP must be configured carefully:
- Keep systems updated
- Use strong authentication
- Protect SIP servers from unauthorized access
- Monitor for unusual behavior

The Session Herald shows us how a protocol can elegantly manage the complex task of connecting people across the digital realm, making modern communication feel as natural as a conversation across a table.

## The Tale of RDP

*Through Three-Three-Eight-Nine the Display Porter shows,<br>
How distant screens can feel like those at home.<br>
With TCP it guards each click with care,<br>
While UDP makes sounds flow sweet and fair.<br>
Security stands watch through day and night,<br>
So remote work feels close, secure, and right.*

Among the most powerful beings in the network realm dwells the Remote Display Porter, known formally as **RDP (Remote Desktop Protocol)**. Born in the workshops of Microsoft but now embraced by many lands, this remarkable protocol bridges the gap between distant computers, allowing users to reach across networks and control faraway systems as if by magic. Making its home at **Port 3389**, it serves as a faithful porter, carrying screen images, keyboard strokes, and mouse movements back and forth with unwavering reliability. In an age where remote work and distant administration have become essential arts, the Display Porter stands as one of networking's most practical and widely-used enchantments.

Think of RDP as a magical mirror that shows you another computer's screen and lets you control it with your own keyboard and mouse. Here's what makes it special:

1. What RDP Can Do:
   - Shows you the remote computer's screen
   - Lets you use your keyboard and mouse to control it
   - Plays sounds from the remote computer
   - Lets you use your local printer with remote programs
   - Shares your clipboard between computers

RDP uses clever tricks to make everything feel smooth and fast:
- It remembers parts of the screen it's shown before
- It sends rough images first, then adds details
- It adjusts quality based on your internet speed

To keep everything safe, RDP has special security features:
- **Network Level Authentication (NLA)**: Checks who you are before letting you connect
- **Transport Layer Security (TLS)**: Keeps all your data private and secure

A word of caution: Like any powerful tool, RDP needs to be used carefully. Some important safety tips:
- Always use strong passwords
- Don't leave RDP open to the whole internet
- Use a VPN when connecting from outside your network

The Remote Display Porter shows us how network protocols can be both powerful and user-friendly, making distant computers feel like they're right at your desk!

### Quiz: Protocols and Numbers

In [5]:
# @title
import ipywidgets as widgets
from IPython.display import display, clear_output, HTML
import random

# Function to inject custom CSS for RadioButtons
def inject_radio_css():
    display(HTML("""
    <style>
    /* Enable text wrapping for RadioButtons labels */
    .widget-radio > div > label {
        white-space: normal;
        word-wrap: break-word;
    }
    /* Set a fixed width for RadioButtons to accommodate longer texts */
    .widget-radio {
        width: 600px;
    }
    </style>
    """))
protocols = [
    # Existing protocols...
    {
        'abbreviation': 'HTTP',
        'full_name': 'HyperText Transfer Protocol',
        'port': 80,
        'protocol_type': 'TCP'
    },
    {
        'abbreviation': 'HTTPS',
        'full_name': 'HyperText Transfer Protocol Secure',
        'port': 443,
        'protocol_type': 'TCP'
    },
    {
        'abbreviation': 'FTP',
        'full_name': 'File Transfer Protocol',
        'port': 21,
        'protocol_type': 'TCP'
    },
    {
        'abbreviation': 'SSH',
        'full_name': 'Secure Shell',
        'port': 22,
        'protocol_type': 'TCP'
    },
    {
        'abbreviation': 'SMTP',
        'full_name': 'Simple Mail Transfer Protocol',
        'port': 25,
        'protocol_type': 'TCP'
    },
    {
        'abbreviation': 'DNS',
        'full_name': 'Domain Name System',
        'port': 53,
        'protocol_type': 'UDP and TCP'
    },
    {
        'abbreviation': 'Telnet',
        'full_name': 'Telecommunication Network',
        'port': 23,
        'protocol_type': 'TCP'
    },
    {
        'abbreviation': 'POP3',
        'full_name': 'Post Office Protocol version 3',
        'port': 110,
        'protocol_type': 'TCP'
    },
    {
        'abbreviation': 'IMAP',
        'full_name': 'Internet Message Access Protocol',
        'port': 143,
        'protocol_type': 'TCP'
    },
    {
        'abbreviation': 'RDP',
        'full_name': 'Remote Desktop Protocol',
        'port': 3389,
        'protocol_type': 'TCP'
    },
    # Additional protocols...
    {
        'abbreviation': 'DHCP',
        'full_name': 'Dynamic Host Configuration Protocol',
        'port': 67,
        'protocol_type': 'UDP'
    },
    {
        'abbreviation': 'SNMP',
        'full_name': 'Simple Network Management Protocol',
        'port': 161,
        'protocol_type': 'UDP'
    },
    {
        'abbreviation': 'LDAP',
        'full_name': 'Lightweight Directory Access Protocol',
        'port': 389,
        'protocol_type': 'TCP'
    },
    {
        'abbreviation': 'NTP',
        'full_name': 'Network Time Protocol',
        'port': 123,
        'protocol_type': 'UDP'
    },
    {
        'abbreviation': 'BGP',
        'full_name': 'Border Gateway Protocol',
        'port': 179,
        'protocol_type': 'TCP'
    },
    {
        'abbreviation': 'SIP',
        'full_name': 'Session Initiation Protocol',
        'port': 5060,
        'protocol_type': 'UDP'
    },
    {
        'abbreviation': 'TFTP',
        'full_name': 'Trivial File Transfer Protocol',
        'port': 69,
        'protocol_type': 'UDP'
    },
    {
        'abbreviation': 'SMB',
        'full_name': 'Server Message Block',
        'port': 445,
        'protocol_type': 'TCP'
    },
    {
        'abbreviation': 'Syslog',
        'full_name': 'System Logging Protocol',
        'port': 514,
        'protocol_type': 'UDP'
    },
    {
        'abbreviation': 'Kerberos',
        'full_name': 'Kerberos Authentication Protocol',
        'port': 88,
        'protocol_type': 'TCP and UDP'
    },
    {
        'abbreviation': 'RADIUS',
        'full_name': 'Remote Authentication Dial-In User Service',
        'port': 1812,
        'protocol_type': 'UDP'
    },
    {
        'abbreviation': 'FTPS',
        'full_name': 'FTP Secure',
        'port': 990,
        'protocol_type': 'TCP'
    },
    {
        'abbreviation': 'SMTPS',
        'full_name': 'SMTP Secure',
        'port': 465,
        'protocol_type': 'TCP'
    }
]


class ProtocolQuiz:
    def __init__(self, protocols):
        self.protocols = protocols
        self.score = 0
        self.total_questions = len(protocols) * 2  # Each protocol has two question types
        self.current_question_number = 0
        self.questions = self.generate_questions()
        random.shuffle(self.questions)  # Shuffle questions for randomness

        # Inject custom CSS
        inject_radio_css()

        # Initialize the UI components
        self.init_ui()

    def generate_questions(self):
        questions = []
        for protocol in self.protocols:
            # Type 1: Given Protocol, choose correct Port and Protocol Type
            q1 = {
                'type': 'protocol_to_port',
                'question': f"For the protocol <b>{protocol['full_name']} ({protocol['abbreviation']})</b>, select the correct port number and protocol type.",
                'options': self.generate_options(protocol, 'protocol_to_port'),
                'correct_option': f"{protocol['port']} - {protocol['protocol_type']}"
            }
            questions.append(q1)

            # Type 2: Given Port Number, identify the Protocol
            q2 = {
                'type': 'port_to_protocol',
                'question': f"Given the port number <b>{protocol['port']}</b>, identify the correct protocol.",
                'options': self.generate_options(protocol, 'port_to_protocol'),
                'correct_option': f"{protocol['full_name']} ({protocol['abbreviation']}) - {protocol['protocol_type']}"
            }
            questions.append(q2)
        return questions

    def generate_options(self, correct_protocol, question_type):
        options = []
        if question_type == 'protocol_to_port':
            # Correct option: "port - protocol_type"
            correct_option = f"{correct_protocol['port']} - {correct_protocol['protocol_type']}"
            options.append(correct_option)

            # Generate four incorrect options with randomized protocol types
            while len(options) < 5:
                random_protocol = random.choice(self.protocols)
                if random_protocol == correct_protocol:
                    continue
                # Randomize protocol type for incorrect options
                protocol_type = random.choice(['TCP', 'UDP'])
                incorrect_option = f"{random_protocol['port']} - {protocol_type}"
                if incorrect_option not in options:
                    options.append(incorrect_option)

        elif question_type == 'port_to_protocol':
            # Correct option: "Full Name (Abbreviation) - protocol_type"
            correct_option = f"{correct_protocol['full_name']} ({correct_protocol['abbreviation']}) - {correct_protocol['protocol_type']}"
            options.append(correct_option)

            # Generate four incorrect options with randomized protocol types
            while len(options) < 5:
                random_protocol = random.choice(self.protocols)
                if random_protocol['port'] == correct_protocol['port']:
                    continue  # Avoid duplicate port numbers
                incorrect_full_name = f"{random_protocol['full_name']} ({random_protocol['abbreviation']})"
                protocol_type = random.choice(['TCP', 'UDP'])
                incorrect_option = f"{incorrect_full_name} - {protocol_type}"
                if incorrect_option not in options:
                    options.append(incorrect_option)

        random.shuffle(options)
        return options

    def init_ui(self):
        # Title
        self.title = widgets.HTML(value="<h2>Network Protocols Quiz</h2>")

        # Question Number
        self.question_num = widgets.HTML(value="")

        # Question Text
        self.question_text = widgets.HTML(value="")

        # Options (Radio Buttons) with adjusted layout
        self.options = widgets.RadioButtons(
            options=[],
            description='',
            disabled=False,
            layout=widgets.Layout(width='600px')  # Adjust width as needed
        )

        # Submit Button
        self.submit_button = widgets.Button(
            description='Submit',
            button_style='primary',
            tooltip='Submit your answer',
            disabled=False
        )
        self.submit_button.on_click(self.submit_answer)

        # Feedback
        self.feedback = widgets.HTML(value="")

        # Next Button
        self.next_button = widgets.Button(
            description='Next',
            button_style='success',
            tooltip='Next question',
            disabled=True
        )
        self.next_button.on_click(self.next_question)

        # Score Display
        self.score_display = widgets.HTML(value="")

        # Layout
        self.quiz_box = widgets.VBox([
            self.title,
            self.question_num,
            self.question_text,
            self.options,
            widgets.HBox([self.submit_button, self.next_button]),
            self.feedback,
            self.score_display
        ])

        display(self.quiz_box)

        # Display the first question
        self.display_question()

    def display_question(self):
        if self.current_question_number < len(self.questions):
            current_q = self.questions[self.current_question_number]
            self.question_num.value = f"<b>Question {self.current_question_number + 1}/{self.total_questions}</b>"
            self.question_text.value = current_q['question']
            self.options.options = current_q['options']
            self.options.value = None
            self.feedback.value = ""
            self.submit_button.disabled = False
            self.next_button.disabled = True
        else:
            self.end_quiz()

    def submit_answer(self, b):
        selected = self.options.value
        if selected is None:
            self.feedback.value = "<span style='color: red;'><b>Please select an option before submitting.</b></span>"
            return

        current_q = self.questions[self.current_question_number]
        correct = current_q['correct_option']

        if current_q['type'] == 'protocol_to_port':
            # Compare the selected option string directly
            is_correct = selected == correct
        elif current_q['type'] == 'port_to_protocol':
            # Compare the selected option string directly
            is_correct = selected == correct
        else:
            is_correct = False  # Fallback

        if is_correct:
            self.feedback.value = "<span style='color: green;'><b>Correct!</b></span>"
            self.score += 1
        else:
            # Provide the correct answer
            self.feedback.value = f"<span style='color: red;'><b>Incorrect.</b> The correct answer is <b>{correct}</b>.</span>"

        # Update score display
        self.score_display.value = f"Current Score: {self.score}/{self.current_question_number + 1}"

        # Disable submit button and enable next button
        self.submit_button.disabled = True
        self.next_button.disabled = False

    def next_question(self, b):
        self.current_question_number += 1
        self.display_question()

    def end_quiz(self):
        # Clear the quiz box and display final score with a congratulatory message
        self.quiz_box.children = [
            self.title,
            widgets.HTML(value="<h3>Quiz Completed!</h3>"),
            widgets.HTML(value=f"<p>Your final score is <b>{self.score}/{self.total_questions}</b>.</p>"),
            widgets.HTML(value="<p>Thank you for participating!</p>")
        ]

# Initialize and start the quiz
quiz = ProtocolQuiz(protocols)


VBox(children=(HTML(value='<h2>Network Protocols Quiz</h2>'), HTML(value=''), HTML(value=''), RadioButtons(lay…

## Moving Down the Stack: The Internet Protocol

*As packets journey through the network deep,<br>
Below our protocols, IP does keep<br>
The addresses and routes through which they flow,<br>
Ensuring every packet knows where to go!*

We've explored the colorful cast of application protocols that make the Internet useful - the HTTPs, SMTPs, and DNSs of the networking world. But now it's time to descend a few layers in our networking stack and examine how these higher-level protocols actually get their packets from point A to point B.

Enter the Internet Protocol (IP), the fundamental addressing and routing system that underlies all our previous tales. If our application protocols are like postal workers, merchants, and librarians, then IP is like the very road system they travel upon, complete with addresses, street signs, and routing rules.

So let us leave our application layer protocols to their tasks, and dive deeper into the network layer, where IP reigns supreme and every packet must follow its rules of addressing and routing. Here, we'll find a world of binary math, subnet masks, and routing algorithms - the underlying structure that makes our modern Internet possible.

# The Tale of Core Internet Protocols

*Beneath the realms where web and mail hold sway,<br>
Three guardians guide each packet on its way.<br>
ICMP sends word when troubles brew,<br>
TCP ensures each message gets through,<br>
While UDP, swift as summer wind,<br>
Cares not if packets reach their end!*

Before we meet our core protocols, let us recall our application friends - HTTP, SMTP, DNS, and all the rest. Remember how they each had their special ports and ways of talking? Well, now we'll meet the protocols that help them actually move their messages across the network.

## The Tale of ICMP (Internet Control Message Protocol)

Think of ICMP as the network's town crier and troubleshooter. Unlike our other protocols who carry messages between applications, ICMP's job is to shout about network problems and help test if paths are working.

ICMP's most famous tool is the "ping" - a simple way of asking "Are you there?" and waiting for "Yes, I am!" Here's how it works:
1. Computer A sends an "Echo Request" to Computer B
2. If Computer B is there and working, it sends back an "Echo Reply"
3. Computer A can then say "The round trip took X milliseconds!"

But ICMP does much more than ping. It also delivers these important messages:
- "Sorry, that computer isn't available!" (Destination Unreachable)
- "Your package took too long to deliver!" (Time Exceeded)
- "There's a better way to get there!" (Redirect)

When you use the `traceroute` command (or `tracert` on Windows), you're using ICMP's Time Exceeded messages to discover the path your packets take through the network. Each router along the way sends back a message saying "I handled your packet!"

## The Tale of TCP (Transmission Control Protocol)

Remember how we mentioned TCP in our earlier tales? Now let's see how it actually works. TCP is like a very careful courier service that:
1. Always gets a signature for delivery
2. Numbers each package in a sequence
3. Makes sure packages arrive in the right order
4. Sends replacements for any lost packages

When two computers want to start a TCP conversation, they perform what we call a "three-way handshake":
```
Computer A: "Hello, I'd like to talk!" (SYN)
Computer B: "Hello, I hear you! Let's talk!" (SYN-ACK)
Computer A: "Great, let's begin!" (ACK)
```

TCP keeps track of every piece of data it sends, waiting for confirmation that each piece arrived safely. If something gets lost, TCP sends it again. This is why protocols like HTTP and SMTP use TCP - they can't afford to lose any part of their web pages or emails!

### Graphic: Three Way Handshake

In [16]:
# @title
mm("""
sequenceDiagram
    participant Client as Client (IP: 192.168.1.10)
    participant Server as Server (IP: 10.0.0.1:80)

    note over Client,Server: TCP Three-Way Handshake

    Client->>+Server: SYN (Seq=x)<br/>Flags: SYN=1, ACK=0
    note left of Client: Initial Sequence Number (ISN)<br/>Random number x

    Server->>+Client: SYN-ACK (Seq=y, Ack=x+1)<br/>Flags: SYN=1, ACK=1
    note right of Server: Server's ISN (y)<br/>Acknowledges client's ISN

    Client->>+Server: ACK (Seq=x+1, Ack=y+1)<br/>Flags: SYN=0, ACK=1
    note over Client,Server: Connection Established
""")


## The Tale of UDP (User Datagram Protocol)

UDP is like TCP's carefree cousin who believes "speed over safety!" Instead of carefully tracking each package, UDP just throws the data out onto the network and hopes for the best. No checking for lost packets, no waiting for acknowledgments, no guaranteeing things arrive in order.

This might sound careless, but it's perfect for certain tasks:
- DNS uses UDP because a quick answer is better than no answer
- Video streaming uses UDP because it's better to skip a frame than pause the video
- Online games use UDP because slight glitches are better than lag

The difference between TCP and UDP is like the difference between sending a certified letter (TCP) and shouting to someone across the street (UDP). The certified letter will definitely arrive, but takes longer. The shout is quicker, but they might not hear you!

## When to Use Each Protocol

Our protocol friends each shine in different situations:

**Use ICMP when:**
- You need to test if a computer is reachable (ping)
- You want to trace the path to a destination (traceroute)
- You need to report network problems

**Use TCP when:**
- Every piece of data must arrive correctly
- Order matters
- You're using HTTP, SMTP, SSH, or other protocols that can't afford to lose data

**Use UDP when:**
- Speed is more important than perfect delivery
- You're streaming media
- You're gaming
- You're making quick queries like DNS lookups

In our next tale, we'll see how these protocols work with different types of network traffic - from one-to-one conversations to messages meant for everyone!

# The Tale of Tunnels and Guards

*Through secret paths our packets safely go,<br>
While IPSec guards them high and low.<br>
GRE builds tunnels swift and true,<br>
As private data passes safely through!*

Having met our core protocols (ICMP, TCP, and UDP), let us now explore how packets can travel secretly and safely across the dangerous open Internet. Just as medieval merchants needed safe passage through foreign lands, our modern data needs protected paths across the public network.

Think of **GRE (Generic Routing Encapsulation)** as a master tunnel builder. When two networks need to talk across the Internet while pretending they're directly connected, GRE creates a virtual tunnel between them. It's like building a secret underground passage between two castles, allowing messages to pass unseen through intervening lands.

The process of GRE tunneling follows these essential steps:
1. Take the original packet
2. Wrap it in a new packet (like putting a letter in a new envelope)
3. Send it through the tunnel to the other end
4. Unwrap it at the destination

This simple but effective tunneling makes GRE perfect for connecting private networks across the Internet, but it has one significant limitation - it doesn't protect the traffic. For that, we need IPSec.

**IPSec (Internet Protocol Security)** combines the roles of master guard and master spy, protecting messages while verifying their authenticity. It offers two main security components:

| Component | Function |
|-----------|-----------|
| Authentication Header (AH) | Data integrity and origin authentication |
| Encapsulating Security Payload (ESP) | Encryption and optional authentication |

IPSec uses **Internet Key Exchange (IKE)** to establish and maintain security associations between hosts. These security relationships determine how the traffic will be protected. For the actual protection of data, IPSec can operate in one of two modes:

| Mode | Protection |
|------|------------|
| Transport Mode | Protects payload only |
| Tunnel Mode | Protects entire original packet |

When GRE and IPSec work together, they create secure pathways across the Internet. The wise administrator needs to know these key principles:
1. Configure GRE for basic tunneling
2. Apply IPSec for security
3. Maintain proper key management
4. Monitor tunnel health

And so our packets journey through their protected tunnels, wrapped in layers of security, guarded by protocols that ensure their safe passage through the wild lands of the public Internet.

## The Tale of Traffic Types

*Some messages fly to just one friend alone,<br>
While others seek all friends that can be known.<br>
Some find the nearest helper on their way,<br>
While broadcast calls to all who'd hear them say!*

In our network realm, messages can travel in different ways, much like medieval communications might have worked. Just as a kingdom might use personal messengers, town criers, or selective gatherings to spread information, our networks have various methods of delivering packets to their destinations.

### Unicast: The Personal Message

Unicast is like sending a personal letter to a single recipient. When you send a unicast message, it travels directly from one specific sender to one specific destination along a chosen path. This is how most of our familiar protocols communicate - HTTP sends web pages to specific browsers, SMTP delivers email to specific mail servers, and SSH connects to specific remote computers.

Imagine ordering from your favorite online store. When you browse their website, your computer has a private unicast conversation with their web server: your computer politely requests each page, and the server responds directly to you, like a shopkeeper giving personal attention to each customer.

### Broadcast: The Town Crier

Remember our friend DHCP from earlier tales? When it needs to find a DHCP server, it uses broadcast - the digital equivalent of a town crier shouting in the town square. The new computer calls out "Is there a DHCP server here?" and every device in the local network hears the call. However, only the DHCP server responds, much like only the relevant official would respond to a town crier's announcement.

Broadcast comes with three important rules that every network designer must know:
- Messages only work within local networks
- Routers typically block broadcasts to prevent network flooding
- Use broadcasts sparingly to avoid overwhelming the network

### Multicast and Anycast: The Selective Messengers

Multicast serves as a middle ground between personal messages and public announcements. Think of it as sending an invitation to a specific group - only members receive the message, but it's more efficient than sending individual copies. This makes multicast perfect for streaming video, online gaming, and team communications.

Anycast, meanwhile, works more like a chain of stores - customers don't care which specific branch they visit, they just want the nearest one that can help. The DNS system cleverly uses this approach with its root servers. While we speak of "13 root servers," each one actually represents hundreds of computers worldwide, and your requests automatically go to the nearest one.

### Choosing the Right Approach

Here's how these different traffic types compare:

| Traffic Type | Delivery Pattern | Typical Uses | Key Advantage |
|-------------|------------------|--------------|---------------|
| Unicast | One-to-One | Web browsing, Email | Reliable, direct communication |
| Broadcast | One-to-All (Local) | Network discovery | Reaches all local devices |
| Multicast | One-to-Many | Streaming media, Gaming | Efficient group delivery |
| Anycast | One-to-Nearest | DNS, CDNs | Automatic load distribution |

The wise network designer chooses their traffic type carefully based on their specific needs. Most everyday communication uses unicast, but when you need to reach groups efficiently or distribute load across multiple servers, the other types become invaluable tools in your networking toolbox.

And so our packets travel through the network realm, each finding its own best path to its destination. Whether through private conversations, public announcements, group messages, or nearest-neighbor delivery, every packet eventually finds its way home.

## The Grand Conclusion: How It All Comes Together

*From cables deep to applications high,<br>
Through layers seven, packets swift do fly.<br>
Each protocol and piece plays its part,<br>
To make our networks run like written art!*

As our tales of protocols draw to a close, let's see how all these pieces work together in a real network. Imagine you're sitting at your computer, about to visit a website. Here's how our entire cast of characters springs into action:

### The Journey of a Web Request

1. **First, Getting Connected** (Physical & Data Link Layers)
   - Your computer connects to the network through a cable or Wi-Fi
   - The network card talks to the switch using Ethernet
   - If you're on Wi-Fi, the access point bridges you to the network

2. **Finding Your Way** (Network Layer)
   - DHCP has already given you an IP address
   - Your computer checks its TCP/IP settings for the default gateway
   - IP prepares to route your packets through the network

3. **Looking Up the Website** (Application & Network Layers)
   - DNS springs into action to find the website's IP address
   - Your computer sends a UDP query to the DNS server
   - DNS responds with the IP address you need

4. **Making the Connection** (Transport Layer)
   - TCP creates a reliable connection to the web server
   - The famous three-way handshake takes place
   - A secure channel is established using HTTPS

5. **Getting the Web Page** (Application Layer)
   - HTTP sends your request for the page
   - The web server responds with the content
   - Your browser displays the page

### How the Protocols Work Together

Remember our protocol families:

**The Core Protocols:**
- IP routes everything through the network
- TCP ensures reliable delivery
- UDP provides fast, simple transmission
- ICMP reports on network health

**The Security Guards:**
- IPSec protects sensitive traffic
- HTTPS encrypts web traffic
- SSH secures remote access
- SFTP handles secure file transfers

**The Service Providers:**
- DNS translates names to addresses
- DHCP configures new devices
- SMTP/IMAP/POP3 handle email
- FTP/SFTP move files around

### How It Maps to Network Equipment

All these protocols run on real network devices:

**Switches** (Layer 2):
- Handle the physical movement of frames
- Create local networks
- Don't usually care about IP addresses

**Routers** (Layer 3):
- Use IP to move packets between networks
- Run routing protocols
- Connect different networks together

**Firewalls** (Multiple Layers):
- Control which protocols can pass
- Protect networks from attacks
- Often handle IPSec tunnels

**Servers** (Application Layer):
- Run services like DNS, DHCP, email
- Respond to client requests
- Host websites and applications

### The Big Picture

Think of our network as a city:
- The physical network is like the streets and buildings
- Protocols are like the rules of the road
- IP addresses are like street addresses
- DNS is like a phone book
- Routers are like intersections
- Firewalls are like security checkpoints
- Servers are like businesses providing services

Each protocol:
- Has its specific job
- Works at a particular layer
- Cooperates with other protocols
- Follows standard rules
- Helps make the network useful

### Why It Matters

Understanding these protocols helps you:
- Troubleshoot network problems
- Design better networks
- Keep networks secure
- Choose the right protocol for each task
- Understand how the Internet works

Remember that every network interaction, from loading a web page to sending an email, involves many of these protocols working together. Each plays its part in the grand dance of network communication, from the lowest physical signals to the highest application data.

*And so our packets journey ever on,<br>
Through protocol layers till their task is done.<br>
Each piece and part in harmony must play,<br>
To keep our digital world running day by day!*

## Review With Quizlet


In [6]:
%%html
<iframe src="https://quizlet.com/988785878/learn/embed?i=psvlh&x=1jj1" height="600" width="100%" style="border:0"></iframe>

## Glossary

| Term | Definition |
| --- | --- |
| Port | A numerical identifier distinguishing specific processes or services on a device, commonly associated with network protocols (e.g., 80 for HyperText Transfer Protocol, 443 for HyperText Transfer Protocol Secure) operating over TCP or UDP. |
| Protocol | A set of rules and conventions for communication between devices in a network, defining data formats, transmission methods, and error handling (e.g., HyperText Transfer Protocol, File Transfer Protocol, Domain Name System). |
| Transmission Control Protocol (TCP) | A connection-oriented method ensuring reliable data transmission across networks, utilizing acknowledgments, error checking, and retransmissions. |
| TCP Handshake | A three-step process (SYN, SYN-ACK, ACK) used to establish a connection between a client and server, ensuring reliable data exchange. |
| User Datagram Protocol (UDP) | A connectionless method that enables fast but less reliable data transmission, often used for streaming and gaming due to its lack of error correction and acknowledgment. |
| Secure Shell (SSH) | A protocol enabling secure remote access and file transfers, using encryption to protect communications. Operates on TCP port 22. |
| Transport Layer Security (TLS) | A cryptographic protocol providing secure communication over a network, commonly used for web traffic encryption. Often layered with other protocols like HyperText Transfer Protocol Secure. |
| Telecommunication Network (Telnet) | A protocol used for remote command-line access to devices, typically unencrypted, making it less secure. Operates on TCP port 23. |
| Domain Name System (DNS) | A system translating human-readable domain names into IP addresses, essential for locating devices on a network. Typically operates on UDP port 53. |
| Dynamic Host Configuration Protocol (DHCP) | A protocol for dynamically assigning IP addresses to devices on a network, ensuring efficient address allocation. Operates on UDP ports 67 (server) and 68 (client). |
| Lightweight Directory Access Protocol (LDAP) | A protocol for accessing and managing directory information, often used in authentication systems. Operates on TCP/UDP port 389. |
| Lightweight Directory Access Protocol Secure (LDAPS) | A secure version of Lightweight Directory Access Protocol using Transport Layer Security or Secure Sockets Layer for encrypted communication. Operates on TCP port 636. |
| File Transfer Protocol (FTP) | A protocol for transferring files between a client and a server, typically operating on TCP ports 20 and 21. |
| Secure File Transfer Protocol (SFTP) | A secure method for file transfer using Secure Shell encryption, operating on TCP port 22. |
| Trivial File Transfer Protocol (TFTP) | A simplified, connectionless method for file transfer, often used for network booting and firmware updates. Operates on UDP port 69. |
| HyperText Transfer Protocol (HTTP) | A protocol for transmitting hypertext and other resources over the web, typically operating on TCP port 80. |
| HyperText Transfer Protocol Secure (HTTPS) | A secure version of HyperText Transfer Protocol using Transport Layer Security or Secure Sockets Layer to encrypt communication, typically operating on TCP port 443. |
| Simple Mail Transfer Protocol (SMTP) | A protocol for sending email messages, typically operating on TCP port 25 or 587. |
| Secure Simple Mail Transfer Protocol (SMTPS) | A secure version of Simple Mail Transfer Protocol using Transport Layer Security or Secure Sockets Layer for encrypted email transmission, operating on TCP port 465. |
| Post Office Protocol version 3 (POP3) | A protocol for retrieving email from a server, typically downloading messages to a client. Operates on TCP port 110 (unencrypted) and 995 (encrypted). |
| Internet Message Access Protocol (IMAP) | A protocol for accessing email messages stored on a server, allowing synchronization across multiple devices. Operates on TCP port 143 (unencrypted) and 993 (encrypted). |
| Simple Network Management Protocol (SNMP) | A protocol used for monitoring and managing devices on a network, such as routers and switches. Operates on UDP ports 161 (agent) and 162 (trap messages). |
| System Logging Protocol (Syslog) | A protocol for transmitting log messages from devices to a central logging server. Commonly operates over UDP port 514. |
| Server Message Block (SMB) | A protocol for sharing files, printers, and other resources between devices on a network. Operates on TCP port 445. |
| Session Initiation Protocol (SIP) | A protocol used for initiating, maintaining, and terminating multimedia communication sessions such as VoIP calls. Typically operates on TCP/UDP ports 5060 and 5061. |
| Remote Desktop Protocol (RDP) | A protocol enabling remote access to a graphical user interface on a Windows machine. Operates on TCP port 3389. |
| Domain Name System (DNS) | A system translating human-readable domain names into IP addresses, essential for locating devices on a network. Typically operates on UDP port 53. |
| SQL Server Protocol | A protocol for communicating with Microsoft SQL Server databases, typically using TCP port 1433. |
| Root Server (DNS) | A foundational DNS server that provides information about top-level domain (TLD) servers, enabling domain name resolution to begin. |
| Top-Level Domain (TLD) Server (DNS) | A DNS server responsible for handling requests related to specific top-level domains, such as `.com` or `.org`. |
| Authoritative Server (DNS) | A DNS server that holds the definitive records for a domain, providing accurate answers for queries about that domain. |
| Domain Name System Security Extensions (DNSSEC) | A suite of security measures that add authentication to DNS, ensuring integrity and preventing spoofing. |
| Generic Routing Encapsulation (GRE) | A tunneling protocol that encapsulates packets for transmission over another protocol, often used for creating VPNs. |
| Internet Protocol Security (IPSec) | A suite of protocols for securing IP communications, providing encryption, integrity, and authentication. Operates on protocols 50 (ESP) and 51 (AH). |
| Authentication Header (AH) | A component of Internet Protocol Security providing data integrity, authentication, and anti-replay protection without encryption. |
| Encapsulating Security Payload (ESP) | A component of Internet Protocol Security providing encryption, data integrity, authentication, and anti-replay protection. |
| Internet Control Message Protocol (ICMP) | A protocol used for sending diagnostic and error messages in networks, such as ping and traceroute. Operates directly over IP, without a port number. |
| Unicast | A communication method where data is sent from a single source to a single destination. |
| Broadcast | A communication method where data is sent from a single source to all devices on a network. |
| Multicast | A communication method where data is sent from a single source to multiple specified destinations within a group. |
| Anycast | A communication method where data is sent from a single source to the nearest or best recipient in a group of potential destinations. |
