Henry Dalziel | Concise Bytes | September 16, 2013
What is TCP IP?
TCP IP stands for Transmission Control Protocol and Internet Protocol. The word ‘Protocol’ comes twice in the definition. By ‘Protocol’ we mean a set of rules for behavior that people (in our case, computer systems) accept and obey. The easiest way to understand protocols is by explaining them as a set of rules that we all agree on. Without rules or agreed processes chaos would rule supreme. This is particularly important in IT (not least Information Security) because computers must be able to communicate with each other – and they do this through TCP IP.
TCP IP was always designed to link computers from different vendors, such as HP, Compaq, IBM etc., TCP IP is agnostic – i.e. it will work with any machine (when configured correctly).
According to W3, in 2013, 212 million computers in the world run TCP IP. TCP IP can be installed on any and all of the following operating systems (on the same network).
What is a packet?
Many of our Hacker Hotshot speakers talk about ‘packets’ and ‘packet sniffing’ and this is a term that will keep recurring as you progress in your career or will be unfamiliar to you if you are just starting your career. Everything we do on the Internet involves packets, or ‘packet data’. For example, every Web page or email or file or image that we view is processed as a series of packets.
On the Internet, the networks (cables that ‘carry the data’) breaks, for example, an e-mail message into several parts. The ‘parts’ are broken into bytes, and these are known as ‘packets.’ Each packet carries the necessary information that will help it reach its destination. These packets are sent in the protocols that the Internet uses: TCP IP.
What are LAN’s, WAN’s, VLAN’s and SAN’s – and how do they fit in with TCP IP
The answer is that they all fit within TCP IP. Think of TCP IP as the life-blood of the network. Networks come in different sizes and shapes. The two main networks are LAN’s (Local Area Networks: and WAN’s (Wide Area Networks), are defined by how much distance the networks cover. VLAN refers to a Virtual Local Area Network and differs because it has nothing to do with geography (like LAN or WAN) but rather the connection is applicable to a local virtual entity (for more on this you can read into CAN’s – which is an abbreviation for a Campus Area Network).
SAN is Storage Area Network which is a high volume and high speed network made of lots of different storage devices.
What is the security posture of TCP IP?
TCP is far from perfect or ideal. There are two major problems with TCP IP, namely with ‘addressing’ and ‘security.’ When the Internet and TCP IP was first invented it was designed to connect universities and military computers, the developers had no idea it would explode into the ‘World Wide Web’ and evolve into a commercial medium.
When the Internet was designed, 32 bits of address space (allowing for approximately four billion computers) seemed an abundance (for more on this read about IPv4 and IPv6) but this is rapidly running out! The 32 address ‘bits’ are fast running out because IP address numbers are allocated in blocks and not all of the numbers in a block are actually utilized.
The security aspect is obvious. TCP/IP was never designed to be encrypted, hijacked, DOS attacked, authentication attacked, Man In The Middle Attacked, etc., these are all threats that developed over time. The inept level of security within TCP IP (from its’ inception) has spawned an enormous amount of work and research to patch and toughen the protocols.
Here’s your Concise Byte: TCP IP! Think of it as an agreed set of standards that makes the Internet work.