UNIT 4

1. ARQ Techniques (Automatic Repeat reQuest)

ARQ techniques are error-control mechanisms used in communication protocols to ensure

reliable data transmission. They include the following:

a. Stop-and-Wait ARQ

● Concept: The sender transmits one frame at a time and waits for an
acknowledgment (ACK) before sending the next frame. If no ACK is received within a
timeout period, the frame is retransmitted.
● Advantages: Simple to implement.
● Disadvantages: Low efficiency for long-distance or high-speed links.

Diagram:
Sender: Frame 1 ---> Receiver
ACK 1 <--- Receiver

b. Go-Back-N ARQ

● Concept: The sender transmits multiple frames but can only send up to N
unacknowledged frames. If an error is detected, all subsequent frames are
retransmitted starting from the erroneous one.
● Advantages: Improves efficiency over Stop-and-Wait.
● Disadvantages: Higher bandwidth wastage in retransmissions.

Diagram:
Sender: Frame 1, Frame 2, Frame 3 ---> Receiver
 ACK 1 <--- Receiver

c. Selective Repeat ARQ

● Concept: The sender retransmits only the frames that were received incorrectly or
not at all, based on negative acknowledgments (NAKs).
● Advantages: Reduces unnecessary retransmissions.
● Disadvantages: More complex to implement.

Diagram:
Sender: Frame 1, Frame 2 ---> Receiver
NAK 2 <--- Receiver
Frame 2 ---> Receiver

2. Associate Classifications of ARQ Techniques

ARQ techniques can be classified based on error recovery and data acknowledgment.

Error Recovery Classification

● Stop-and-Wait: Error recovery involves retransmitting the single frame in error.

● Go-Back-N: Error recovery involves retransmitting all frames starting from the first
erroneous frame.
● Selective Repeat: Error recovery involves retransmitting only erroneous frames.

Data Acknowledgment Classification

● Cumulative ACK: Acknowledges all frames up to a certain point.

● Selective ACK: Acknowledges specific frames, supporting more efficient
retransmission.

Example Use Case:

● Stop-and-Wait ARQ is used in simple, low-latency communication systems.

● Go-Back-N and Selective Repeat ARQ are used in high-latency or high-bandwidth
environments, like satellite communications.

Diagram (Comparison Table Example):

ARQ Technique Frames Sent Retransmission Complexit

Simultaneously Approach y

Stop-and-Wait ARQ 1 All frames after timeout Simple

Go-Back-N ARQ N From first erroneous Moderate
frame

Selective Repeat N Only erroneous frames Complex

ARQ

3. UDP Protocol (User Datagram Protocol)

Header Format

● Fields:
1. Source Port (16 bits)
2. Destination Port (16 bits)
3. Length (16 bits)
4. Checksum (16 bits)

Connection Setup and Termination

● UDP is connectionless. No setup or termination is required. Each datagram is

independent.

Applications

● Real-time applications like video streaming, VoIP, and DNS.

4. TCP Protocol (Transmission Control Protocol)

Header Format

● Fields:
1. Source Port, Destination Port (16 bits each)
2. Sequence Number (32 bits)
3. Acknowledgment Number (32 bits)
4. Header Length (4 bits)
5. Flags (e.g., SYN, ACK, FIN) (6 bits)
6. Window Size, Checksum, Urgent Pointer

Connection Setup (Three-Way Handshake)

1. SYN: Client sends SYN to initiate the connection.

2. SYN-ACK: Server responds with SYN-ACK.
3. ACK: Client acknowledges, establishing the connection.

Connection Termination

1. FIN: One side sends a FIN flag.

2. ACK: The other side acknowledges.
3. Both sides exchange FIN and ACK to complete termination.
Applications

● Reliable communication such as web browsing (HTTP/HTTPS), email (SMTP/IMAP),

and file transfers (FTP).

5. Distinction Between UDP and TCP Protocols

Feature TCP UDP

Connection Type Connection-oriented Connectionless

Reliability Reliable Unreliable

Speed Slower (due to Faster

overhead)

Use Cases HTTP, FTP, SMTP VoIP, DNS, Streaming

Header Size Larger (20-60 bytes) Smaller (8 bytes)

6. Here’s a comparison of UDP and TCP protocols based on the specified parameters:

Parameter TCP UDP

Type of Service Connection-oriented Connectionless

Reliability Reliable; ensures data delivery Unreliable; no guarantee of

through acknowledgment and delivery.
retransmission.

Error Checking Error detection via checksum and Error detection via
error recovery mechanisms. checksum only. No recovery.

Acknowledgment Yes, acknowledgment is mandatory No acknowledgment is

Required for data transfer. required.
Sequence Maintains sequence using sequence No sequence maintained.
numbers. Data can arrive out of order.

Speed Slower due to reliability overhead. Faster due to minimal

overhead.

Retransmission Retransmits lost or corrupted data. No retransmission

mechanism.

Length of Header Larger (20-60 bytes). Smaller (8 bytes).

Weight Heavier due to additional features Lighter because of its

like sequencing, acknowledgment, simplicity.
and retransmission.

Handshaking Requires a three-way handshake for No handshake; direct data

Techniques connection setup. transmission.

Broadcasting Broadcasting not supported. Supports broadcasting and

Techniques multicasting.

Protocols Used by HTTP, FTP, SMTP, IMAP, Used by DNS, DHCP, VoIP,
etc. video streaming, etc.

Stream Type Stream-based (continuous data Message-based (datagram).

stream).

Overhead High due to extensive error control Low due to lack of

and handshaking. connection setup and
control mechanisms.
Key Notes:

● TCP is preferred where data accuracy and reliability are critical, such as web
browsing, email, and file transfers.
● UDP is preferred for real-time applications requiring low latency, like video streaming,
online gaming, and DNS lookups.

Let me know if you’d like additional clarifications or examples!

7. What is the three-way handshaking method for Connection establishment and Connection
termination in TCP.

The three-way handshake is a method used in TCP (Transmission Control Protocol) to

establish a reliable connection between a client and a server. It ensures that both parties are
ready for communication and can successfully exchange data. Similarly, connection
termination involves a sequence of steps to properly close the connection.

Connection Establishment: Three-Way Handshake

1. Step 1: SYN (Synchronize)

○ The client sends a SYN (synchronize) packet to the server to request a

connection.
 ○ The SYN packet includes a sequence number, Seq = x, to initiate
synchronization.

Diagram:

Client: SYN, Seq = x ---> Server

2.
3. Step 2: SYN-ACK (Synchronize and Acknowledge)

○ The server responds with a SYN-ACK packet.

○ The SYN-ACK packet contains:
■ Ack = x + 1 (acknowledging the client's SYN).
■ Its own sequence number, Seq = y.

Diagram:

Client <--- SYN-ACK, Seq = y, Ack = x + 1 Server

4.
5. Step 3: ACK (Acknowledge)

○ The client acknowledges the server's SYN-ACK by sending an ACK packet.

○ The ACK packet contains:
■ Ack = y + 1 (acknowledging the server's sequence number).
○ At this point, the connection is established.

Diagram:

Client: ACK, Ack = y + 1 ---> Server

6.

Connection Termination

TCP uses a four-step process to terminate a connection, as both sides need to agree to
close the connection.

1. Step 1: FIN (Finish)

○ One side (client or server) initiates termination by sending a FIN packet,

indicating no more data will be sent.

Diagram:

Client: FIN, Seq = u ---> Server

 2.
3. Step 2: ACK (Acknowledge)

○ The receiving side acknowledges the FIN by sending an ACK packet.

Diagram:

Client <--- ACK, Ack = u + 1 Server

4.
5. Step 3: FIN (Finish)

○ The receiving side sends its own FIN packet to indicate it has finished
transmitting data.

Diagram:

Client <--- FIN, Seq = v Server

6.
7. Step 4: ACK (Acknowledge)

○ The original sender acknowledges the FIN by sending an ACK packet.

○ At this point, the connection is fully terminated.

Diagram:

Client: ACK, Ack = v + 1 ---> Server

8.

Summary of Key Points:

● Connection Establishment: SYN → SYN-ACK → ACK.

● Connection Termination: FIN → ACK → FIN → ACK.
● The handshake ensures reliable setup and teardown of the connection, preventing
data loss or miscommunication.
8. What is the concept of security in the Internet through Firewalls.

The concept of security on the Internet through firewalls revolves around creating a
barrier between trusted internal networks (e.g., corporate or home networks) and untrusted
external networks (e.g., the Internet). Firewalls enforce security policies by monitoring,
filtering, and controlling incoming and outgoing traffic based on predefined rules.

Key Concepts of Firewalls in Internet Security

1. What is a Firewall?

A firewall is a network security device (hardware or software) designed to protect systems by

filtering traffic, preventing unauthorized access, and mitigating threats like malware, hacking,
and phishing.

2. How Firewalls Work

● Packet Filtering: Inspects packets (data units) based on rules like

source/destination IP, ports, or protocols, allowing or blocking them accordingly.
● Stateful Inspection: Tracks the state of active connections and makes decisions
based on the context of the traffic.
● Proxy Functionality: Acts as an intermediary between clients and servers,
analyzing requests before forwarding them.
● Deep Packet Inspection (DPI): Examines the contents of packets to detect
malicious patterns, ensuring stricter security.
Functions of Firewalls in Internet Security

a. Access Control

● Restricts access to resources based on IP addresses, protocols, or ports.

● Allows only legitimate traffic while blocking harmful traffic.

b. Traffic Monitoring and Logging

● Logs traffic details to help detect and analyze suspicious activities.

c. Protection Against Cyberattacks

● Prevents DDoS attacks, unauthorized access, malware injection, and other

network threats.

d. Segmentation

● Separates networks into zones with varying security levels, such as:
○ DMZ (Demilitarized Zone): A zone for public-facing services (e.g., web
servers).
○ Internal trusted networks for sensitive data.

Types of Firewalls

1. Packet-Filtering Firewalls

● Operate at the network layer.

● Use access control lists (ACLs) to allow or block traffic.
● Efficient but lacks deep inspection capabilities.

2. Stateful Inspection Firewalls

● Operate at the transport layer.

● Maintain state tables to track active connections.

3. Proxy Firewalls

● Operate at the application layer.

● Provide in-depth traffic analysis for specific protocols (e.g., HTTP, FTP).

4. Next-Generation Firewalls (NGFWs)

● Combine traditional firewalls with advanced features like DPI, intrusion

detection/prevention systems (IDS/IPS), and application-layer filtering.
Advantages of Firewalls

1. Enhanced Security: Blocks unauthorized access and protects sensitive data.

2. Customizability: Allows defining specific rules for different traffic types.
3. Threat Mitigation: Detects and prevents malware and intrusion attempts.
4. Network Monitoring: Provides visibility into network activities.

Limitations of Firewalls

1. Limited Scope: Cannot prevent attacks from internal threats or improperly

configured systems.
2. False Positives/Negatives: Overly strict rules might block legitimate traffic or allow
malicious traffic.
3. Performance Impact: High-level inspections can reduce network speed.

Applications of Firewalls in Internet Security

● Corporate Environments: Protect organizational data and systems from external

attacks.
● Home Networks: Secure personal devices and IoT systems.
● Cloud Computing: Secure virtual environments by integrating cloud firewalls.
● E-Commerce Sites: Safeguard transaction data and user information.

Conclusion

Firewalls are a cornerstone of Internet security. They enforce security policies, monitor
traffic, and provide a first line of defense against external threats. However, they work best
when combined with other security measures, such as encryption, antivirus software, and
intrusion detection systems.

9. Describe the Email along with various Scenario and architecture.

10. How congestion is controlled in the Transport Layer.

9. Email: Scenarios and Architecture

What is Email?

Email (Electronic Mail) is a method of exchanging digital messages over the Internet or a
network. It enables communication between users, typically through email servers and
clients.
Scenarios for Using Email

1. Personal Communication: Sending messages, sharing files, or updates among

family and friends.
2. Professional Communication: Collaboration in organizations, sharing project
updates, or sending official documents.
3. Marketing and Promotions: Businesses use emails to promote products,
newsletters, or offers.
4. Transactional Updates: Notifications like account creation, order confirmation, or
payment receipts.
5. Alerts and Reminders: System-generated alerts for tasks, deadlines, or security
updates.

Email Architecture

Email architecture consists of three main components: User Agent (UA), Message Transfer
Agent (MTA), and Message Delivery Agent (MDA).

1. User Agent (UA):

○The application (e.g., Gmail, Outlook) that allows users to compose, send,
and read emails.
2. Message Transfer Agent (MTA):

○Responsible for transferring emails between servers using protocols like

SMTP (Simple Mail Transfer Protocol).
3. Message Delivery Agent (MDA):

○ Delivers emails to the recipient's inbox using protocols like IMAP (Internet
Message Access Protocol) or POP3 (Post Office Protocol).

Email Flow and Protocols

1. Email Composition:

○ The sender composes the email using a UA (e.g., Gmail, Thunderbird).

2. Email Sending (SMTP):

○ The UA sends the email to an SMTP server (MTA), which routes the message
to the recipient's server.
3. Email Storage (MDA):

○ The recipient’s MDA stores the email for retrieval.

 4. Email Retrieval (IMAP/POP3):

○ The recipient retrieves the email using an email client (UA) and protocols like
IMAP or POP3.

Diagram of Email Architecture

Sender UA ---> SMTP Server (MTA) ---> Internet ---> Receiver MTA ---> Receiver MDA --->
Receiver UA

10. Congestion Control in the Transport Layer

What is Congestion Control?

Congestion control is the process of managing network traffic to prevent congestion, where
excessive traffic leads to degraded performance and packet loss.

Congestion Control Mechanisms in the Transport Layer

Transport layer protocols like TCP implement congestion control to ensure efficient data flow.

1. Slow Start:

○
Begins with a low transmission rate and gradually increases the rate
(exponential growth) to avoid overloading the network.
2. Congestion Avoidance:

○When congestion is detected (e.g., through packet loss), the rate of data
transmission is reduced to avoid further congestion.
○ Uses techniques like Additive Increase/Multiplicative Decrease (AIMD):
■ Additive Increase: Gradually increases the congestion window size.
■ Multiplicative Decrease: Reduces the window size upon packet loss.
3. Fast Retransmit:

○If three duplicate ACKs are received, the sender assumes a packet is lost and
retransmits it immediately without waiting for a timeout.
4. Fast Recovery:

○ After a packet is retransmitted, the congestion window is reduced but not

reset to its initial value. It then gradually grows.
5. Explicit Congestion Notification (ECN):

○ Routers mark packets with a congestion signal instead of dropping them. The
sender reduces the transmission rate upon receiving such a signal.
 6. Leaky Bucket Algorithm:

○
Limits the data flow rate to ensure traffic is smooth, regardless of the
burstiness of incoming data.
7. Token Bucket Algorithm:

○ Allows bursts of data but ensures that the long-term transmission rate does
not exceed a specified limit.

Challenges in Congestion Control

● High Bandwidth-Delay Product Networks: Managing congestion in networks with

large delays or bandwidth.
● Fairness: Ensuring all users get equitable network access.
● Dynamic Traffic Patterns: Adapting to varying traffic loads efficiently.

Conclusion

Congestion control in the transport layer ensures efficient and reliable data delivery,
minimizes packet loss, and optimizes network performance. TCP's mechanisms, such as
slow start, congestion avoidance, and fast retransmit, are widely used to handle congestion
effectively.

—------------------------------------------------------------------------------------------------------------------------
11. What are the Congestion Control Techniques. Describe the following Congestion Control
Techniques along with causes and effects: (a) Open-loop Congestion Control Technique (b)
Close-loop congestion control technique 12. Illustrate the various Congestion Control
Techniques along with causes and effects.

11. Congestion Control Techniques

Congestion control techniques are strategies used to manage network congestion to ensure
efficient and reliable data transfer. They can be broadly categorized into open-loop
congestion control and closed-loop congestion control.

(a) Open-loop Congestion Control Technique

● Definition:
Open-loop congestion control attempts to prevent congestion from occurring by
managing traffic during the network design or configuration phase. It does not rely on
feedback from the network.
 ● Techniques:

○ Traffic Shaping:
■ Techniques like Leaky Bucket or Token Bucket ensure traffic flows at
a regulated rate, preventing sudden bursts.
○ Admission Control:
■ Limits the number of flows entering the network, ensuring no more
traffic is admitted than the network can handle.
○ Resource Reservation:
■ Allocates fixed resources for specific flows to guarantee performance,
e.g., reserving bandwidth.
● Causes of Congestion:

○ Sudden traffic surges.

○ Overloaded routers.
○ Inefficient traffic management at entry points.
● Effects of Congestion:

○ Packet delays.
○ Increased packet loss.
○ Degraded network throughput.

(b) Closed-loop Congestion Control Technique

● Definition:
Closed-loop congestion control detects congestion after it occurs and responds
dynamically to reduce or mitigate its effects. It relies on feedback from the network.

● Techniques:

○ Backpressure:
■ Intermediate nodes signal upstream nodes to slow down data
transmission when congestion is detected.
○ Choke Packets:
■ Special packets are sent from congested nodes to the source,
instructing it to reduce the transmission rate.
○ Implicit Signaling:
■ Congestion is inferred by observing packet loss, delays, or
retransmission requests.
○ Explicit Signaling:
■ Network elements mark packets explicitly to indicate congestion, e.g.,
using ECN (Explicit Congestion Notification).
● Causes of Congestion:

○ High traffic volume.

○ Network bottlenecks.
 ○ Insufficient buffer space in routers.
● Effects of Congestion:

○ Wasted bandwidth due to retransmissions.

○ Increased latency.
○ Reduced quality of service.

12. Congestion Control Techniques: Causes and Effects

Here are common congestion control techniques with their causes and effects:

1. Leaky Bucket Algorithm (Open-Loop)

● Mechanism:
Smoothens traffic by releasing packets at a constant rate, regardless of bursts.
● Causes Addressed:
Traffic bursts overwhelming the network.
● Effects:
○ Prevents congestion by regulating packet flow.
○ Potential delay for bursty data.

2. Token Bucket Algorithm (Open-Loop)

● Mechanism:
Allows traffic bursts up to a limit by storing tokens; packets can be transmitted only if
tokens are available.
● Causes Addressed:
Bursty traffic requiring some flexibility.
● Effects:
○ Supports bursty traffic while preventing sustained congestion.

3. Slow Start (Closed-Loop)

● Mechanism:
Gradually increases the transmission rate until congestion signals are detected.
● Causes Addressed:
Sudden traffic surges.
● Effects:
○ Prevents overshooting network capacity.
○ Slower initial data transfer.

4. Congestion Avoidance (Closed-Loop)

● Mechanism:
Increases the transmission window size linearly and decreases it multiplicatively
upon detecting congestion.
 ● Causes Addressed:
Gradual buildup of traffic.
● Effects:
○ Ensures stable network throughput.
○ Avoids drastic performance drops.

5. Explicit Congestion Notification (ECN) (Closed-Loop)

● Mechanism:
Routers mark packets to indicate congestion instead of dropping them.
● Causes Addressed:
Packet loss due to congestion.
● Effects:
○ Reduces retransmission overhead.
○ Improves throughput.

6. Backpressure (Closed-Loop)

● Mechanism:
Routers signal upstream nodes to stop sending packets when their buffer is full.
● Causes Addressed:
Bottlenecks due to overloaded routers.
● Effects:
○ Reduces packet loss.
○ Causes temporary delays.

Causes of Congestion

1. High traffic volume exceeding network capacity.

2. Sudden bursts of data.
3. Insufficient bandwidth or buffer space.
4. Poor traffic management or routing.

Effects of Congestion

1. Delay: Longer time for packets to reach their destination.

2. Packet Loss: Packets are dropped when buffers overflow.
3. Throughput Reduction: Effective data transfer rate decreases.
4. Increased Costs: Higher retransmission rates waste bandwidth.

Conclusion
Open-loop congestion control focuses on preventing congestion through pre-emptive
techniques like traffic shaping, while closed-loop techniques aim to mitigate congestion
dynamically through feedback mechanisms. A combination of both ensures efficient and
reliable network performance.

Here’s a detailed explanation of the requested protocols with architecture/scenarios,

diagrams, and examples:

11.

a. Email Protocols

Key Protocols

1. SMTP (Simple Mail Transfer Protocol):

○ Used for sending emails from the sender to the mail server or between mail
servers.
2. POP3 (Post Office Protocol v3):
○ Used for retrieving emails from a server to a local client. Emails are
downloaded and removed from the server.
3. IMAP (Internet Message Access Protocol):
○ Enables accessing and managing emails on a remote server without
downloading them.

Architecture
Sender UA -> SMTP Server -> Internet -> Recipient SMTP Server -> POP3/IMAP ->
Recipient UA

Scenario:

● User sends an email via Gmail (UA) using SMTP.

● The recipient retrieves it using IMAP or POP3.

Example:

● Gmail: Uses IMAP/SMTP.

b. Firewalls

Definition:

A firewall monitors and controls incoming/outgoing network traffic based on security policies.
Types:

1. Packet-Filtering Firewalls: Examine packets and allow/block based on rules.

2. Stateful Inspection Firewalls: Track the state of active connections.
3. Proxy Firewalls: Acts as an intermediary between clients and servers.

Architecture:
User -> Firewall -> Network/Internet

Scenario:

● A corporate firewall blocks unauthorized access to internal resources.

Example:

● Cisco ASA firewall.

c. HTTP (HyperText Transfer Protocol)

Definition:

HTTP is a protocol used for communication between web browsers and servers.

Architecture:
Client (Browser) -> HTTP Request -> Web Server -> HTTP Response -> Client

Scenario:

● A user enters www.example.com in their browser. The browser sends an HTTP

GET request to retrieve the page content.

Example:

● Browsing a website like Wikipedia.

d. FTP (File Transfer Protocol)

Definition:

FTP is used for transferring files between a client and a server.

Modes:

1. Active Mode: The client opens a port and waits for the server to connect.
 2. Passive Mode: The server opens a port for the client to connect.

Architecture:
Client -> Control Connection -> FTP Server -> Data Connection -> Client

Scenario:

● A developer uploads files to a web server using an FTP client like FileZilla.

Example:

● File upload/download between a PC and a remote server.

e. DNS (Domain Name System)

Definition:

DNS translates domain names (e.g., www.example.com) into IP addresses (e.g.,

192.168.1.1).

Architecture:
Client -> DNS Resolver -> Root Server -> TLD Server -> Authoritative Server -> IP Address

Scenario:

● A user types www.example.com. DNS translates it to its IP address so the browser

can retrieve the webpage.

Example:

● Google Public DNS (8.8.8.8).

f. Telnet

Definition:

Telnet is a protocol used for remote command-line interface access over a network.

Architecture:
Client -> Telnet Request -> Server -> Command Execution -> Response -> Client

Scenario:
 ● A network administrator accesses a remote router to configure settings.

Example:

● Using Telnet to troubleshoot a network device.

Diagram Summary

● Each protocol can be represented using sequence diagrams showcasing their flow:
○ Email: Sender to SMTP Server to Recipient via IMAP/POP3.
○ Firewalls: Network flow passes through the firewall for monitoring.
○ HTTP: Browser makes requests, server responds.
○ FTP: File transfers between client and server.
○ DNS: Resolves domain names to IPs.
○ Telnet: Command execution on a remote system.

These protocols underpin modern network communication, offering diverse functionalities for
seamless interaction.

14. Security in the Internet through Firewalls

A firewall is a security system that monitors and controls network traffic based on
predetermined rules. It acts as a barrier between a trusted internal network and untrusted
external networks like the internet.

Types of Firewalls

1. Packet Filtering Firewall: Filters data packets based on IP addresses, ports, and
protocols.
2. Stateful Inspection Firewall: Tracks the state of active connections and makes
decisions based on context.
3. Proxy Firewall: Operates as an intermediary between the user and the external
network.
4. Next-Generation Firewall (NGFW): Includes advanced features like intrusion
detection and application-layer filtering.

Concept

Firewalls:

● Allow legitimate traffic while blocking malicious activities.

● Protect against external attacks like Distributed Denial of Service (DDoS) and
malware.
● Enhance privacy by masking the internal network.

Diagram
Internal Network <-> Firewall <-> External Network (Internet)

Example

● A corporate firewall blocks unauthorized access to sensitive company data.

15. Electronic Mail (Email)

Email is a method of exchanging digital messages over a network.

Key Components

1. User Agent (UA): Software like Outlook or Gmail for composing and reading emails.
2. Mail Server: Stores and forwards emails (e.g., SMTP, IMAP, POP3 servers).
3. Protocols:
○ SMTP: Sends emails.
○ IMAP/POP3: Retrieves emails.

Email Process Architecture

1. Sender composes an email using UA.

2. UA sends the email to the SMTP server.
3. SMTP forwards the email to the recipient’s mail server.
4. Recipient retrieves the email using IMAP or POP3.

Diagram

Sender UA -> SMTP Server -> Internet -> Recipient SMTP Server -> IMAP/POP3 ->
Recipient UA

16. Protocol Descriptions

a. IDS (Intrusion Detection System)

● Definition: Monitors network traffic for suspicious activities.

● Types:
○ Host-based IDS (HIDS): Monitors a specific host.
○ Network-based IDS (NIDS): Monitors the entire network.

b. SSH (Secure Shell)

● Definition: Provides secure access to remote servers using encryption.

 ● Example: Remote login for network administration.

Diagram:
User <-> SSH Client <-> Encrypted Connection <-> SSH Server

c. SSL (Secure Sockets Layer)

● Definition: Encrypts data transferred between clients and servers, ensuring security.
● Example: HTTPS websites use SSL for secure communication.

d. SNMP (Simple Network Management Protocol)

● Definition: Used to monitor and manage devices in a network.

● Example: Monitoring a network router’s performance.

e. RTP (Real-time Transport Protocol)

● Definition: Facilitates the real-time delivery of audio and video over IP networks.
● Example: Video conferencing.

17. Protocol Comparisons

a. HTTP vs. FTP

Parameter HTTP FTP

Purpose Transfer hypertext Transfer files

documents

Connection Stateless Stateful

Port Used 80 (default) 20 (data), 21 (control)

Security Less secure FTP-Secured (FTPS)

available
 Transmission Request-response Binary or text file
Mode

b. HTTP vs. DNS vs. FTP

Parameter HTTP DNS FTP

Purpose Web page access Domain name resolution File transfer

Layer Application Application Application

Port Used 80 53 20, 21

Security Can use HTTPS (SSL/TLS) No inherent encryption FTPS

available

These protocols and their comparisons illustrate their specific use cases, architecture, and
functionalities in modern networking.