Session Initiation Protocol
The Session Initiation Protocol (SIP) is a signaling protocol used for initiating, maintaining and terminating real-time sessions that include voice, video and messaging applications. SIP is used for signaling and controlling multimedia communication sessions in applications of Internet telephony for voice and video calls, in private IP telephone systems, in instant messaging over Internet Protocol networks, and in mobile phone calling over LTE (VoLTE). The protocol defines the specific format of messages exchanged and the sequence of communications for cooperation of the participants. SIP is a text-based protocol, incorporating many elements of the Hypertext Transfer Protocol (HTTP) and the Simple Mail Transfer Protocol (SMTP). A call established with SIP may consist of multiple media streams, but no separate streams are required for applications, such as text messaging, that exchange data as payload in the SIP message. SIP works in conjunction with several other protocols that carry the session media. Most media type and parameter negotiation and media setup is performed with the Session Description Protocol (SDP), carried as payload in SIP messages.
SIP is designed to be independent of the underlying transport layer protocol and can be used with the User Datagram Protocol (UDP), the Transmission Control Protocol (TCP) and the Stream Control Transmission Protocol (SCTP). For secure transmission of SIP messages over insecure network links, the protocol may be carried over Transport Layer Security (TLS); note that TLS protects the signaling only, and only hop by hop between each pair of SIP elements, not the media. The media streams described by the SDP payload carried in SIP messages travel separately, using the Real-time Transport Protocol (RTP) or the Secure Real-time Transport Protocol (SRTP). SIP was designed by Mark Handley, Henning Schulzrinne, Eve Schooler and Jonathan Rosenberg in 1996; the protocol was standardized as RFC 2543 in 1999. In November 2000, SIP was accepted as a 3GPP signaling protocol and a permanent element of the IP Multimedia Subsystem (IMS) architecture for IP-based streaming multimedia services in cellular networks. In June 2002 the specification was revised in RFC 3261, and various extensions and clarifications have been published since. SIP was designed to provide a signaling and call setup protocol for IP-based communications supporting the call processing functions and features present in the public switched telephone network (PSTN), with a vision of supporting new multimedia applications.
It has been extended for video conferencing, streaming media distribution, instant messaging, presence information, file transfer, Internet fax and online games. SIP is distinguished by its proponents for having roots in the Internet community rather than in the telecommunications industry. SIP has been standardized by the IETF, while other protocols, such as H.323, have traditionally been associated with the International Telecommunication Union (ITU). SIP is only involved in the signaling operations of a media communication session and is used to set up, modify and terminate voice or video calls. SIP can be used to establish multiparty sessions and allows modification of existing calls; a modification can involve changing addresses or ports, inviting more participants, or adding or deleting media streams. SIP is also used for instant messaging and for event subscription and notification. SIP works in conjunction with several other protocols that specify the media format and coding and that carry the media once the call is set up.
For call setup, the body of a SIP message contains a Session Description Protocol data unit, which specifies the media format and media communication protocol. Voice and video media streams are carried between the terminals using the Real-time Transport Protocol or Secure Real-time Transport Protocol. Every resource of a SIP network, such as user agents, call routers and voicemail boxes, is identified by a Uniform Resource Identifier (URI). The syntax of the URI follows the general standard syntax used in Web services and e-mail. The URI scheme used for SIP is sip, and a typical SIP URI has the form sip:username@domainname or sip:username@hostport, where a domain name is resolved through DNS SRV records (RFC 3263) to locate the servers for the SIP domain, while hostport can be an IP address or a fully qualified domain name of the host, optionally with a port. If secure transmission is required, the scheme sips is used, which requires TLS on every hop of the signaling path. SIP employs design elements similar to the HTTP request/response transaction model; each transaction consists of a client request that invokes a particular method or function on the server and at least one response.
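The URI syntax and request/response framing described above are what a SIP proxy or session border controller has to validate before it routes anything, and the places where lenient parsing goes wrong (compact header names, folded lines, a Content-Length that disagrees with the body). The following parser is an added example written for this page, not code from the SIP specification or any SIP stack; the INVITE it parses is constructed from the RFC 3261 style examples, and the hosts, addresses and tags in it are placeholders.

```python
"""Parse a SIP request the way a proxy or SBC must: request line, headers
(compact names, folded continuations), Content-Length framing and the SDP
body; validate sip:/sips: URIs. Added example; the INVITE is constructed."""
import re

# Constructed sample modelled on the RFC 3261 examples, not a real capture.
SDP_BODY = ("v=0\r\n"
            "o=alice 2890844526 2890844526 IN IP4 192.0.2.10\r\n"
            "s=-\r\nc=IN IP4 192.0.2.10\r\nt=0 0\r\n"
            "m=audio 49170 RTP/AVP 0\r\n")
SAMPLE_INVITE = ("INVITE sip:bob@example.net SIP/2.0\r\n"
                 "Via: SIP/2.0/UDP 192.0.2.10:5060;branch=z9hG4bK776asdhds\r\n"
                 "Max-Forwards: 70\r\n"
                 "From: Alice <sip:alice@example.com>;tag=1928301774\r\n"
                 "To: Bob <sip:bob@example.net>\r\n"
                 "Call-ID: a84b4c76e66710@192.0.2.10\r\n"
                 "CSeq: 314159 INVITE\r\n"
                 "m: <sip:alice@192.0.2.10:5060>\r\n"            # compact Contact
                 "Subject: folded header\r\n continues here\r\n"  # RFC 3261 folding
                 "Content-Type: application/sdp\r\n"
                 f"Content-Length: {len(SDP_BODY.encode())}\r\n\r\n" + SDP_BODY)

COMPACT = {"v": "via", "f": "from", "t": "to", "i": "call-id", "m": "contact",
           "l": "content-length", "c": "content-type", "e": "content-encoding",
           "s": "subject", "k": "supported"}              # RFC 3261 section 7.3.3
MANDATORY = ("via", "from", "to", "call-id", "cseq", "max-forwards")  # section 8.1.1
SIP_URI_RE = re.compile(
    r"^(?P<scheme>sips?):(?:(?P<user>[^@;?>]+)@)?"
    r"(?P<host>[A-Za-z0-9.\-]+|\[[0-9A-Fa-f:.]+\])(?::(?P<port>\d{1,5}))?"
    r"(?P<params>(?:;[^;?>]+)*)$")

def parse_sip_uri(text):
    """Validate a sip:/sips: URI; the default port follows the scheme (5060/5061)."""
    m = SIP_URI_RE.match(text.strip())
    if not m:
        raise ValueError(f"malformed SIP URI: {text!r}")
    scheme = m.group("scheme")
    port = int(m.group("port") or (5061 if scheme == "sips" else 5060))
    if not 0 < port < 65536:
        raise ValueError(f"port out of range: {text!r}")
    params = {k.lower(): v for k, _, v in
              (p.partition("=") for p in m.group("params").split(";") if p)}
    return {"scheme": scheme, "user": m.group("user"), "host": m.group("host"),
            "port": port, "params": params}

def parse_sip_request(raw):
    head, sep, body = raw.partition("\r\n\r\n")
    if not sep:
        raise ValueError("headers not terminated by CRLF CRLF")
    lines = head.split("\r\n")
    parts = lines[0].split(" ")
    if len(parts) != 3 or parts[2] != "SIP/2.0":
        raise ValueError(f"bad request line: {lines[0]!r}")
    unfolded = []
    for line in lines[1:]:
        if line[:1] in (" ", "\t") and unfolded:     # folded continuation line
            unfolded[-1] += " " + line.strip()
        else:
            unfolded.append(line)
    headers = {}
    for line in unfolded:
        name, colon, value = line.partition(":")
        if not colon:
            raise ValueError(f"header line without colon: {line!r}")
        name = name.strip().lower()
        headers.setdefault(COMPACT.get(name, name), []).append(value.strip())
    missing = [h for h in MANDATORY if h not in headers]
    if missing:
        raise ValueError(f"missing mandatory headers: {missing}")
    # Framing: exactly one numeric Content-Length. Duplicate or conflicting
    # values let two devices in the path frame the same bytes differently,
    # so reject instead of guessing.
    cl = headers.get("content-length", [])
    if len(cl) != 1 or not cl[0].isdigit():
        raise ValueError("Content-Length missing, repeated or non-numeric")
    declared, actual = int(cl[0]), len(body.encode())
    if declared > actual:           # RFC 3261 section 18.3: short body is an error
        raise ValueError(f"body truncated: declared {declared}, got {actual}")
    return {"method": parts[0], "request_uri": parse_sip_uri(parts[1]),
            "headers": headers, "body": body.encode()[:declared].decode()}

def sdp_media(body):
    """(media, port, protocol) for every m= line: the ports an SBC must open."""
    out = []
    for line in body.splitlines():
        if line.startswith("m="):
            media, port, proto = line[2:].split(" ")[:3]
            out.append((media, int(port), proto))
    return out
```

Over UDP the bytes beyond the declared Content-Length are discarded, which is what the slice at the end does; over TCP they would be the start of the next message, and a parser that guesses when two Content-Length values disagree is the usual root of request-smuggling style desynchronisation between a proxy and the server behind it.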
SIP reuses most of the header fields, encoding rules and status codes of HTTP, providing a readable text-based format. SIP can be carried by several transport layer protocols including TCP, UDP and SCTP. SIP clients typically use TCP or UDP on port 5060 for unencrypted signaling, and TCP port 5061 for signaling encrypted with Transport Layer Security. SIP-based telephony networks implement call processing features of Signaling System 7 (SS7), for which special SIP protocol extensions exist, although the two protocols themselves are different. SS7 is a centralized protocol, characterized by a complex central network architecture and dumb endpoints. SIP is a client-server protocol of equipotent peers. SIP features are implemented in the communicating endpoints, while the traditional SS7 architecture is in use only between switching centers; the network elements that use the Session Initiation Protocol for commun
Network Time Protocol
The Network Time Protocol (NTP) is a networking protocol for clock synchronization between computer systems over packet-switched, variable-latency data networks. In operation since before 1985, NTP is one of the oldest Internet protocols in current use. NTP was designed by David L. Mills of the University of Delaware. NTP is intended to synchronize all participating computers to within a few milliseconds of Coordinated Universal Time (UTC). It uses the intersection algorithm, a modified version of Marzullo's algorithm, to select accurate time servers and is designed to mitigate the effects of variable network latency. NTP can usually maintain time to within tens of milliseconds over the public Internet, and can achieve better than one millisecond accuracy in local area networks under ideal conditions. Asymmetric routes and network congestion can cause errors of 100 ms or more. The protocol is usually described in terms of a client-server model, but can also be used in peer-to-peer relationships where both peers consider the other to be a potential time source.
Implementations send and receive timestamps using the User Datagram Protocol on port number 123. They can use broadcasting or multicasting, where clients passively listen to time updates after an initial round-trip calibrating exchange. NTP supplies a warning of any impending leap second adjustment, but no information about local time zones or daylight saving time is transmitted; the current protocol is version 4, a proposed standard as documented in RFC 5905. It is backward compatible with version 3, specified in RFC 1305. In 1979, network time synchronization technology was used in what was the first public demonstration of Internet services running over a trans-Atlantic satellite network, at the National Computer Conference in New York; the technology was described in the 1981 Internet Engineering Note 173 and a public protocol was developed from it, documented in RFC 778. The technology was first deployed in a local area network as part of the Hello routing protocol and implemented in the Fuzzball router, an experimental operating system used in network prototyping, where it ran for many years.
Other related network tools were available both then and now. They include the Daytime and Time protocols for recording the time of events, as well as the ICMP Timestamp and IP Timestamp option. More complete synchronization systems, although lacking NTP's data analysis and clock disciplining algorithms, include the Unix daemon timed, which uses an election algorithm to appoint a server for all the clients. In 1985, NTP version 0 was implemented in both Fuzzball and Unix, and the NTP packet header and round-trip delay and offset calculations, which have persisted into NTPv4, were documented in RFC 958. Despite the slow computers and networks available at the time, accuracy of better than 100 milliseconds was obtained on Atlantic spanning links, with accuracy of tens of milliseconds on Ethernet networks. In 1988, a much more complete specification of the NTPv1 protocol, with associated algorithms, was published in RFC 1059; it drew on the experimental results and clock filter algorithm documented in RFC 956 and was the first version to describe the client-server and peer-to-peer modes.
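The packet header and the round-trip delay and offset calculations mentioned above are small enough to show in full. The block below is an added example written for this page, not the reference implementation: it builds a mode-3 client request, makes the checks a client should make on the reply before trusting it (mode, echoed origin timestamp, kiss-o'-death, unsynchronized server), and computes offset and delay from the four timestamps. The server is simulated in-process, and its clock skew, path delay and reference address are constructed values.

```python
"""NTPv4 on-wire exchange: build a mode-3 request, validate the reply, and
compute offset and delay per RFC 5905 section 8. Added example; the server
is simulated here, not the reference implementation."""
import struct

NTP_EPOCH_OFFSET = 2_208_988_800     # seconds from 1900-01-01 to 1970-01-01
HEADER = "!BBbbII4sQQQQ"             # 48-byte header, RFC 5905 figure 8
CLIENT, SERVER = (4 << 3) | 3, (4 << 3) | 4   # LI=0, VN=4, mode 3 / mode 4

def to_ntp(unix_ts):
    """64-bit NTP timestamp: 32 bits of seconds since 1900, 32 bits of fraction."""
    secs = int(unix_ts) + NTP_EPOCH_OFFSET
    return (secs << 32) | int((unix_ts - int(unix_ts)) * (1 << 32))

def build_client_request(now_unix):
    """The transmit timestamp doubles as the nonce a genuine reply must echo
    in its origin field."""
    xmit = to_ntp(now_unix)
    return struct.pack(HEADER, CLIENT, 0, 0, 0, 0, 0, b"\0" * 4, 0, 0, 0, xmit), xmit

def parse_packet(data):
    if len(data) < 48:
        raise ValueError("short NTP packet")
    f = struct.unpack(HEADER, data[:48])
    return {"li": f[0] >> 6, "vn": (f[0] >> 3) & 7, "mode": f[0] & 7,
            "stratum": f[1], "poll": f[2], "precision": f[3],
            "root_delay": f[4] / 65536, "root_disp": f[5] / 65536, "ref_id": f[6],
            "ref_ts": f[7], "orig_ts": f[8], "recv_ts": f[9], "xmit_ts": f[10]}

def clock_offset(t1, t2, t3, t4):
    """Offset theta and round-trip delay delta, in seconds, from the four
    64-bit timestamps (integer arithmetic, so nothing is lost at 2^31 s)."""
    theta = ((t2 - t1) + (t3 - t4)) / 2 / (1 << 32)
    delta = ((t4 - t1) - (t3 - t2)) / (1 << 32)
    return theta, delta

def process_reply(data, sent_xmit, t4_unix):
    """Checks a client must make before trusting a reply, then the arithmetic."""
    r = parse_packet(data)
    if r["mode"] != 4:
        raise ValueError("not a server reply")
    if r["orig_ts"] != sent_xmit:          # stale, or an off-path spoof
        raise ValueError("origin timestamp does not match our request")
    if r["stratum"] == 0:                  # kiss-o'-death code in ref_id, e.g. b"RATE"
        raise ValueError(f"kiss-o'-death {r['ref_id']!r}")
    if r["li"] == 3 or r["xmit_ts"] == 0:
        raise ValueError("server clock not synchronized")
    return clock_offset(r["orig_ts"], r["recv_ts"], r["xmit_ts"], to_ntp(t4_unix))

def simulate_server(request, skew, one_way, client_send_unix):
    """Constructed stratum-2 server whose clock runs `skew` seconds ahead of
    the client's, reached over a path with `one_way` seconds each direction."""
    t2 = client_send_unix + one_way + skew           # receive, server clock
    t3 = t2 + 0.001                                   # transmit after 1 ms of work
    return struct.pack(HEADER, SERVER, 2, 6, -20, 0, 0, b"\xc0\x00\x02\x01",
                       to_ntp(t2 - 16), parse_packet(request)["xmit_ts"],
                       to_ntp(t2), to_ntp(t3))

def run_exchange(t1_unix, skew, one_way):
    """Whole round trip on the simulated path; returns (theta, delta)."""
    req, xmit = build_client_request(t1_unix)
    reply = simulate_server(req, skew, one_way, t1_unix)
    t4_unix = t1_unix + 2 * one_way + 0.001           # arrival, client clock
    return process_reply(reply, xmit, t4_unix)
```

With a symmetric path the computed offset equals the server's skew exactly; with an asymmetric path the error is half the asymmetry, which is the 100 ms figure quoted above and also why an on-path attacker who merely delays one direction can shift a client's clock without forging anything.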
In 1989, RFC 1119 was published defining NTPv2 by means of a state machine, with pseudocode to describe its operation; it introduced a management protocol and a cryptographic authentication scheme which have both survived into NTPv4. The design of NTPv2 was criticized for lacking formal correctness principles by the DTSS community; their alternative design included Marzullo's algorithm, a modified version of which was promptly added to NTP. In 1991, the NTPv1 architecture and algorithms were brought to the attention of a wider engineering community with the publication of an article by David L. Mills in the IEEE Transactions on Communications. The bulk of the algorithms from this era have largely survived into NTPv4. In 1992, RFC 1305 defined NTPv3; the RFC included an analysis of all sources of error, from the reference clock down to the final client, which enabled the calculation of a metric that helps choose the best server where several candidates appear to disagree. Broadcast mode was introduced. In subsequent years, as new features were added and algorithm improvements were made, it became apparent that a new protocol version was required.
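The modified Marzullo algorithm mentioned above is what lets a client with several servers discard the ones that are wrong or lying. Each source asserts that the true offset lies in an interval of width twice its root distance around its reported offset; the algorithm finds the largest interval agreed on by at least n - f sources while tolerating f < n/2 falsetickers. The block below is an added example written for this page in the style of the selection step in RFC 5905 section 11.2.1, not the reference implementation, and the source names, offsets and distances are constructed.

```python
"""NTP intersection algorithm (Marzullo-derived, RFC 5905 section 11.2.1):
find the largest interval agreed on by at least n - f sources, tolerating
f < n/2 falsetickers. Added example with constructed inputs."""

def intersection(sources):
    """sources: list of (name, offset, root_distance) in seconds. Each source
    claims the true offset lies in [offset - dist, offset + dist].
    Returns (low, high, truechimers) or None when no majority agrees."""
    n = len(sources)
    chime = []
    for name, off, dist in sources:
        chime += [(off - dist, -1, name), (off, 0, name), (off + dist, +1, name)]
    chime.sort(key=lambda t: (t[0], t[1]))   # lower edge, midpoint, upper edge
    for allow in range(n):                   # allowed falsetickers, 2*allow < n
        if 2 * allow >= n:
            break
        low = high = None
        outside = 0                          # midpoints left outside [low, high]
        count = 0
        for edge, typ, _ in chime:           # sweep up to the lower end
            count -= typ
            if count >= n - allow:
                low = edge
                break
            if typ == 0:
                outside += 1
        count = 0
        for edge, typ, _ in reversed(chime): # sweep down to the upper end
            count += typ
            if count >= n - allow:
                high = edge
                break
            if typ == 0:
                outside += 1
        if low is None or high is None or outside > allow or high < low:
            continue
        truechimers = [name for name, off, _ in sources if low <= off <= high]
        return low, high, truechimers
    return None

def select(sources):
    """Names the survivors and the falsetickers, or reports no majority."""
    result = intersection(sources)
    if result is None:
        return {"agreed": False, "truechimers": [], "falsetickers": [s[0] for s in sources]}
    low, high, true = result
    return {"agreed": True, "low": low, "high": high, "truechimers": true,
            "falsetickers": [s[0] for s in sources if s[0] not in true]}
```

The practical consequence: with three sources the client can reject one falseticker; with two it can only detect disagreement, not resolve it; and an attacker who controls a majority of the configured sources is not a case this algorithm can handle, which is why source count and diversity matter more than any single server's trustworthiness.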
In 2010, RFC 5905 was published containing a proposed specification for NTPv4. The protocol has moved on since, and as of 2014 an updated RFC had yet to be published. Following the retirement of Mills from the University of Delaware, the reference implementation is maintained as an open source project led by Harlan Stenn. NTP uses a hierarchical, semi-layered system of time sources. Each level of this hierarchy is termed a stratum and is assigned a number starting with zero for the reference clock at the top. A server synchronized to a stratum n server runs at stratum n + 1; the number represents the distance from the reference clock and is used to prevent cyclical dependencies in the hierarchy. Stratum is not always an indication of quality or reliability. A brief description of strata 0, 1, 2 and 3 is provided below. Stratum 0: These are high-precision timekeeping devices such as atomic clocks, GPS or other radio clocks; they generate an accurate pulse-per-second signal that triggers an interrupt and timestamp on a connected computer.
Stratum 0 devices are known as reference clocks. Stratum 1: These are computers whose system time is synchronized to w
Simple Network Management Protocol
Simple Network Management Protocol (SNMP) is an Internet Standard protocol for collecting and organizing information about managed devices on IP networks and for modifying that information to change device behavior. Devices that typically support SNMP include cable modems, routers, switches, servers, workstations and printers. SNMP is widely used in network management for network monitoring. SNMP exposes management data in the form of variables on the managed systems, organized in a management information base (MIB) which describes the system status and configuration; these variables can be remotely queried (and, in some circumstances, manipulated) by managing applications. Three significant versions of SNMP have been deployed. SNMPv1 is the original version of the protocol. More recent versions, SNMPv2c and SNMPv3, feature improvements in performance and security; only SNMPv3 offers authentication and encryption, the earlier versions rely on a cleartext community string. SNMP is a component of the Internet Protocol Suite as defined by the Internet Engineering Task Force (IETF). It consists of a set of standards for network management, including an application layer protocol, a database schema and a set of data objects.
In typical uses of SNMP, one or more administrative computers called managers have the task of monitoring or managing a group of hosts or devices on a computer network. Each managed system executes a software component called an agent which reports information via SNMP to the manager. An SNMP-managed network consists of three key components:
- Managed devices
- Agent: software which runs on managed devices
- Network management station (NMS): software which runs on the manager
A managed device is a network node that implements an SNMP interface that allows unidirectional (read-only) or bidirectional (read and write) access to node-specific information. Managed devices exchange node-specific information with the NMSs. Sometimes called network elements, the managed devices can be any type of device, including, but not limited to, access servers, cable modems, hubs, IP telephones, IP video cameras, computer hosts and printers. An agent is a network-management software module that resides on a managed device. An agent has local knowledge of management information and translates that information to or from an SNMP-specific form.
A network management station executes applications that monitor and control managed devices. NMSs provide the bulk of the processing and memory resources required for network management. One or more NMSs may exist on any managed network. SNMP agents expose management data on the managed systems as variables; the protocol also permits active management tasks, such as configuration changes, through remote modification of these variables. The variables accessible via SNMP are organized in hierarchies. SNMP itself does not define which variables a managed system should offer. Rather, SNMP uses an extensible design; these hierarchies, and other metadata such as type and description of the variable, are described as a management information base. MIBs describe the structure of the management data of a device subsystem; they use a hierarchical namespace containing object identifiers (OIDs), and each OID identifies a variable that can be read or set via SNMP. MIBs use the notation defined by Structure of Management Information Version 2.0 (SMIv2), a subset of ASN.1. SNMP operates in the application layer of the Internet protocol suite. All SNMP messages are transported via User Datagram Protocol (UDP).
The SNMP agent receives requests on UDP port 161. The manager may send requests from any available source port to port 161 on the agent; the agent response is sent back to the source port on the manager. The manager receives notifications (traps and inform requests) on port 162; the agent may generate notifications from any available port. When used with Transport Layer Security or Datagram Transport Layer Security, requests are received on port 10161 and notifications are sent to port 10162. SNMPv1 specifies five core protocol data units (PDUs). Two other PDUs, GetBulkRequest and InformRequest, were added in SNMPv2, and the Report PDU was added in SNMPv3. All SNMP PDUs share a common structure: a version field, a community string (in v1 and v2c sent in cleartext and serving as the only authentication), the PDU type, a request ID, an error status, an error index and a list of variable bindings. The seven SNMP PDU types as identified by the PDU-type field are as follows: GetRequest: A manager-to-agent request to retrieve the value of a variable or list of variables. Desired variables are specified in variable bindings (the values are not used). Retrieval of the specified variable values is to be done as an atomic operation by the agent. A Response with current values is returned.
SetRequest: A manager-to-agent request to change the value of a variable or list of variables. Variable bindings are specified in the body of the request. Changes to all specified variables are to be made as an atomic operation by the agent. A Response with (current) new values for the variables is returned. GetNextRequest: A manager-to-agent request to discover available variables and their values. Returns a Response with the variable binding for the lexicographically next variable in the MIB; the entire MIB of an agent can be walked by iterative application of GetNextRequest starting at OID 0. Rows of a table can be read by specifying column OIDs in the variable bindings of the request. GetBulkRequest: A manager-to-agent request for multiple iterations of GetNextRequest, an optimized version of GetNextRequest. Returns a Response with multiple variable bindings walked from the variable binding or bindings in the request. PDU-specific non-repeaters and max-repetitions fields are used to control response behavior.
GetBulkRequest was introduced in SNMPv2. Response Returns variable bindings and acknowledgement from agent to manager for GetRequest, SetRequest, GetNextRequest, GetBulkRequest and InformRequest. Error reporting is provided by error-index fields. Although it was used as a response to both gets and sets, this P
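The PDU layout described above is ASN.1 BER on the wire, which is why the community string of a v1 or v2c packet is readable by anyone on the path. The block below is an added example written for this page, not code from any SNMP implementation: it encodes a GetRequest for sysDescr.0 from scratch, decodes an arbitrary v1/v2c message with bounds checks on every length field, and reports the findings a network monitor would raise about a captured packet. The packet in it is constructed, not captured.

```python
"""BER encode and decode SNMPv1/v2c messages (RFC 3416 PDU layout) so the
cleartext community string and PDU type can be inspected. Added example;
the packet is constructed, not captured."""

PDU_NAMES = {0xA0: "GetRequest", 0xA1: "GetNextRequest", 0xA2: "Response",
             0xA3: "SetRequest", 0xA4: "Trap", 0xA5: "GetBulkRequest",
             0xA6: "InformRequest", 0xA7: "SNMPv2-Trap", 0xA8: "Report"}
DEFAULT_COMMUNITIES = {"public", "private"}

def ber_len(n):
    if n < 0x80:
        return bytes([n])
    b = n.to_bytes((n.bit_length() + 7) // 8, "big")
    return bytes([0x80 | len(b)]) + b

def tlv(tag, payload):
    return bytes([tag]) + ber_len(len(payload)) + payload

def ber_int(v):
    """Minimal two's-complement INTEGER."""
    nbytes = ((v if v >= 0 else ~v).bit_length() + 8) // 8
    return tlv(0x02, v.to_bytes(nbytes, "big", signed=True))

def ber_oid(dotted):
    ids = [int(x) for x in dotted.strip(".").split(".")]
    out = bytearray([40 * ids[0] + ids[1]])
    for sub in ids[2:]:                       # base-128, high bit = continuation
        chunk = [sub & 0x7F]
        sub >>= 7
        while sub:
            chunk.append(0x80 | (sub & 0x7F))
            sub >>= 7
        out += bytes(reversed(chunk))
    return tlv(0x06, bytes(out))

def build_get_request(community, oids, request_id, version=1):
    """version 0 = SNMPv1, 1 = SNMPv2c. Values in a GetRequest are NULL."""
    varbinds = b"".join(tlv(0x30, ber_oid(o) + tlv(0x05, b"")) for o in oids)
    pdu = tlv(0xA0, ber_int(request_id) + ber_int(0) + ber_int(0) + tlv(0x30, varbinds))
    return tlv(0x30, ber_int(version) + tlv(0x04, community.encode()) + pdu)

def read_tlv(buf, pos=0):
    """(tag, payload, next_pos); every length is checked against the buffer."""
    if pos + 2 > len(buf):
        raise ValueError("truncated TLV header")
    tag, length = buf[pos], buf[pos + 1]
    pos += 2
    if length & 0x80:
        n = length & 0x7F
        if n == 0 or n > 4 or pos + n > len(buf):
            raise ValueError("unsupported or truncated length")
        length = int.from_bytes(buf[pos:pos + n], "big")
        pos += n
    if pos + length > len(buf):
        raise ValueError("TLV value overruns packet")
    return tag, buf[pos:pos + length], pos + length

def decode_oid(payload):
    ids, val = [payload[0] // 40, payload[0] % 40], 0
    for b in payload[1:]:
        val = (val << 7) | (b & 0x7F)
        if not b & 0x80:
            ids.append(val)
            val = 0
    return ".".join(map(str, ids))

def decode_message(packet):
    tag, body, _ = read_tlv(packet)
    if tag != 0x30:
        raise ValueError("SNMP message must be a SEQUENCE")
    _, ver, pos = read_tlv(body)
    ctag, community, pos = read_tlv(body, pos)
    if ctag != 0x04:                          # SNMPv3 carries a header SEQUENCE here
        raise ValueError("no community string; not an SNMPv1/v2c message")
    ptag, pdu, _ = read_tlv(body, pos)
    _, rid, p = read_tlv(pdu)
    _, err, p = read_tlv(pdu, p)
    _, idx, p = read_tlv(pdu, p)
    _, vbs, _ = read_tlv(pdu, p)
    oids, p = [], 0
    while p < len(vbs):
        _, vb, p = read_tlv(vbs, p)
        oids.append(decode_oid(read_tlv(vb)[1]))
    as_int = lambda b: int.from_bytes(b, "big", signed=True)
    return {"version": as_int(ver), "community": community.decode("ascii", "replace"),
            "pdu": PDU_NAMES.get(ptag, f"0x{ptag:02x}"), "request_id": as_int(rid),
            "error_status": as_int(err), "error_index": as_int(idx), "oids": oids}

def audit(packet):
    """Findings a monitor would raise for one v1/v2c packet seen on the wire."""
    m = decode_message(packet)
    findings = []
    if m["community"] in DEFAULT_COMMUNITIES:
        findings.append(f"default community {m['community']!r}")
    if m["pdu"] == "SetRequest":
        findings.append("SetRequest authenticated only by a cleartext community string")
    return m, findings
```

The bounds checks in read_tlv are not decoration: BER length fields are attacker-controlled, and an agent or collector that trusts them is the classic source of SNMP parser crashes.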
Stream Control Transmission Protocol
The Stream Control Transmission Protocol (SCTP) is a computer networking communications protocol which operates at the transport layer and serves a role similar to the popular protocols TCP and UDP. It was standardized by the IETF in RFC 4960 (obsoleted in 2022 by RFC 9260, which folds in the accumulated errata). SCTP provides some of the features of both UDP and TCP: it is message-oriented like UDP and ensures reliable, in-sequence transport of messages with congestion control like TCP. It differs from those protocols by providing multi-homing and redundant paths to increase resilience and reliability. In the absence of native SCTP support in operating systems, it is possible to tunnel SCTP over UDP, as well as to map TCP API calls to SCTP calls so existing applications can use SCTP without modification. The reference implementation was released as part of FreeBSD version 7 and has since been ported to other platforms. The IETF Signaling Transport (SIGTRAN) working group defined the protocol in the year 2000, and the IETF Transport Area working group maintains it. RFC 3286 provides an introduction.
SCTP applications submit their data to be transmitted in messages to the SCTP transport layer. SCTP places messages and control information into separate chunks, each identified by a chunk header; the protocol can fragment a message into a number of data chunks, but each data chunk contains data from only one user message. SCTP bundles the chunks into SCTP packets; the SCTP packet, submitted to the Internet Protocol, consists of a packet header, SCTP control chunks, followed by SCTP data chunks. One can characterize SCTP as message-oriented, meaning it transports a sequence of messages, rather than transporting an unbroken stream of bytes as does TCP. As in UDP, in SCTP a sender sends a message in one operation, and that exact message is passed to the receiving application process in one operation. In contrast, TCP is a stream-oriented protocol: it does not allow the receiver to know how many times the sending application called on the TCP transport, passing it groups of bytes to be sent out.
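The packet structure just described (a common header, then chunks) is compact enough to parse by hand, and doing so shows two of the validation mechanisms listed among SCTP's features further down: the 32-bit verification tag a receiver compares against the one it chose for the association, which is what defeats blind off-path injection, and the CRC32c checksum computed over the whole packet. The block below is an added example written for this page, not code from the FreeBSD reference implementation or any other stack; the ports, tag and payload are constructed, and the chunk-length check is the one that stops a zero-length chunk from looping a parser forever.

```python
"""Parse an SCTP packet: common header with verification tag and CRC32c,
then the chunk list (type, flags, length, padded to 4 bytes). Added example
with constructed packets; not from the FreeBSD or any other stack."""
import struct

def _crc32c_table():
    table = []
    for i in range(256):
        c = i
        for _ in range(8):
            c = (c >> 1) ^ 0x82F63B78 if c & 1 else c >> 1
        table.append(c)
    return table

_TABLE = _crc32c_table()

def crc32c(data):
    """Castagnoli CRC as in RFC 4960 appendix B; crc32c(b"123456789") == 0xE3069283."""
    crc = 0xFFFFFFFF
    for b in data:
        crc = _TABLE[(crc ^ b) & 0xFF] ^ (crc >> 8)
    return crc ^ 0xFFFFFFFF

def raw_packet(src_port, dst_port, vtag, body):
    """Common header + checksum over `body`. The checksum is the CRC32c of the
    whole packet with the checksum field zeroed, stored little-endian."""
    head = struct.pack("!HHI", src_port, dst_port, vtag)
    return head + crc32c(head + b"\0\0\0\0" + body).to_bytes(4, "little") + body

def build_packet(src_port, dst_port, vtag, chunks):
    """chunks: list of (type, flags, value). Length covers header + value,
    padding excluded; the chunk is then padded to a 4-byte boundary."""
    body = b""
    for ctype, flags, value in chunks:
        length = 4 + len(value)
        body += struct.pack("!BBH", ctype, flags, length) + value + b"\0" * (-length % 4)
    return raw_packet(src_port, dst_port, vtag, body)

def data_chunk(tsn, stream, ssn, ppid, data, flags=0x03):
    """DATA chunk (type 0). Flags: U=0x04 unordered, B=0x02 first, E=0x01 last."""
    return 0, flags, struct.pack("!IHHI", tsn, stream, ssn, ppid) + data

def parse_packet(packet, expected_vtag=None):
    if len(packet) < 12:
        raise ValueError("shorter than the 12-byte common header")
    src_port, dst_port, vtag = struct.unpack("!HHI", packet[:8])
    want = crc32c(packet[:8] + b"\0\0\0\0" + packet[12:]).to_bytes(4, "little")
    if packet[8:12] != want:
        raise ValueError("CRC32c mismatch")
    # A receiver silently drops packets whose tag is not the one it chose for
    # this association; that is what stops blind off-path injection.
    if expected_vtag is not None and vtag != expected_vtag:
        raise ValueError(f"verification tag {vtag:#x} is not ours")
    chunks, pos = [], 12
    while pos < len(packet):
        if len(packet) - pos < 4:
            raise ValueError("trailing bytes shorter than a chunk header")
        ctype, flags, length = struct.unpack("!BBH", packet[pos:pos + 4])
        if length < 4:                         # a zero length would never advance pos
            raise ValueError("chunk length below header size")
        if pos + length > len(packet):
            raise ValueError("chunk overruns packet")
        value = packet[pos + 4:pos + length]
        if ctype == 0:
            if len(value) < 12:
                raise ValueError("DATA chunk too short")
            tsn, stream, ssn, ppid = struct.unpack("!IHHI", value[:12])
            chunks.append({"type": "DATA", "tsn": tsn, "stream": stream, "ssn": ssn,
                           "ppid": ppid, "unordered": bool(flags & 0x04),
                           "begin": bool(flags & 0x02), "end": bool(flags & 0x01),
                           "data": value[12:]})
        else:
            chunks.append({"type": ctype, "flags": flags, "value": value})
        pos += (length + 3) & ~3               # chunks are padded to 4-byte multiples
    return {"src_port": src_port, "dst_port": dst_port, "vtag": vtag, "chunks": chunks}
```

The constructed test packet uses destination port 3868 and payload protocol identifier 46, the IANA values for Diameter over SCTP, since Diameter is one of the uses mentioned on this page.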
At the sender, TCP simply appends more bytes to a queue of bytes waiting to go out over the network, rather than having to keep a queue of individual separate outbound messages which must be preserved as such. The term multi-streaming refers to the capability of SCTP to transmit several independent streams of chunks in parallel, for example transmitting web page images together with the web page text. In essence, it involves bundling several connections into a single SCTP association, operating on messages rather than bytes. TCP preserves byte order in the stream by including a byte sequence number with each segment. SCTP, on the other hand, assigns a per-stream sequence number to each message sent in a stream; this allows independent ordering of messages in different streams. However, message ordering is optional in SCTP; a receiving application may choose to process messages in the order they are received instead of the order they were sent. Features of SCTP include: Reliable transmission of both ordered and unordered data streams. Multihoming support, in which one or both endpoints of a connection can consist of more than one IP address, enabling transparent fail-over between redundant network paths.
Delivery of chunks within independent streams eliminates unnecessary head-of-line blocking, as opposed to TCP byte-stream delivery. Explicit partial reliability (the PR-SCTP extension, RFC 3758). Path selection and monitoring to select a primary data transmission path and test the connectivity of the transmission path. Validation and acknowledgment mechanisms (the verification tag and the cookie-based handshake) protect against flooding attacks and provide notification of duplicated or missing data chunks. Improved error detection suitable for Ethernet jumbo frames, using a 32-bit CRC32c checksum rather than TCP's 16-bit checksum. The designers of SCTP originally intended it for the transport of telephony (SS7) over Internet Protocol, with the goal of duplicating some of the reliability attributes of the SS7 signaling network in IP. This IETF effort is known as SIGTRAN. In the meantime, other uses have been proposed, for example the Diameter protocol and Reliable Server Pooling (RSerPool). TCP has provided the primary means to transfer data reliably across the Internet. However, TCP has imposed limitations on several applications. From RFC 4960: TCP provides both reliable data transfer and strict order-of-transmission delivery of data.
Some applications need reliable transfer without sequence maintenance, while others would be satisfied with partial ordering of the data. In both of these cases, the head-of-line blocking property of TCP causes unnecessary delay. For applications exchanging distinct records or messages, the stream-oriented nature of TCP requires the addition of explicit markers or other encoding to delineate the individual records. In order to avoid sending many small IP packets where one single larger packet would have sufficed, the TCP implementation may delay transmitting data while waiting for more data being queued by the application. If and when such a small delay is undesirable, the application must explicitly request undelayed transmission on a case-by-case basis using the push facility. SCTP on the other hand allows undelayed transmission to be configured as a default for an association, eliminating any undesired delays, but at the cost of higher transfer overhead; the limited scope of TCP sockets complicates the task of providing highly-available data transfer capability using multi-homed hosts.
TCP is vulnerable to denial-of-service attacks such as SYN floods, because a TCP server allocates connection state as soon as it receives a SYN; SCTP's four-way handshake instead has the server return a state cookie in its INIT ACK and allocate nothing until the client echoes the cookie back in a COOKIE ECHO. Adoption has been slowed by lack of awareness, lack of implementations (particularly in Microsoft Windows
Hypertext Transfer Protocol Secure
Hypertext Transfer Protocol Secure (HTTPS) is an extension of the Hypertext Transfer Protocol (HTTP). It is used for secure communication over a computer network and is widely used on the Internet. In HTTPS, the communication protocol is encrypted using Transport Layer Security (TLS) or, formerly, its predecessor, Secure Sockets Layer (SSL); the protocol is therefore also often referred to as HTTP over TLS or HTTP over SSL. The principal motivations for HTTPS are authentication of the accessed website and protection of the privacy and integrity of the exchanged data while in transit; it protects against man-in-the-middle attacks. The bidirectional encryption of communications between a client and server protects against eavesdropping and tampering with the communication. In practice, this provides a reasonable assurance that one is communicating, without interference by attackers, with the website that one intended to communicate with, as opposed to an impostor. Historically, HTTPS connections were used primarily for payment transactions on the World Wide Web, e-mail and sensitive transactions in corporate information systems.
Since 2018, HTTPS is used more often by web users than the original non-secure HTTP, primarily to protect page authenticity on all types of websites, secure accounts, and keep user communications, identity and web browsing private. The Uniform Resource Identifier (URI) scheme HTTPS has identical usage syntax to the HTTP scheme. However, HTTPS signals the browser to use an added encryption layer of SSL/TLS to protect the traffic. SSL/TLS is especially suited for HTTP, since it can provide some protection even if only one side of the communication is authenticated; this is the case with HTTP transactions over the Internet, where typically only the server is authenticated (by the client examining the server's certificate). HTTPS creates a secure channel over an insecure network; this ensures reasonable protection from eavesdroppers and man-in-the-middle attacks, provided that adequate cipher suites are used and that the server certificate is verified and trusted. Because HTTPS piggybacks HTTP on top of TLS, the entirety of the underlying HTTP protocol can be encrypted; this includes the request URL (which particular web page was requested), query parameters, headers and cookies (which often contain identifying information about the user). However, because website addresses and port numbers are necessarily part of the underlying TCP/IP protocols, HTTPS cannot protect their disclosure.
In practice this means that on a correctly configured web server, eavesdroppers can infer the IP address and port number of the web server that one is communicating with, as well as the amount and duration of the communication, though not the content of the communication. Web browsers know how to trust HTTPS websites based on certificate authorities that come pre-installed in their software. Certificate authorities are in this way being trusted by web browser creators to provide valid certificates. Therefore, a user should trust an HTTPS connection to a website if and only if all of the following are true:
- The user trusts that the browser software correctly implements HTTPS with correctly pre-installed certificate authorities.
- The user trusts the certificate authority to vouch only for legitimate websites.
- The website provides a valid certificate, which means it was signed by a trusted authority.
- The certificate correctly identifies the website (e.g., when the browser visits https://example.com, the received certificate is properly for example.com and not some other entity).
- The user trusts that the protocol's encryption layer (SSL/TLS) is sufficiently secure against eavesdroppers.
HTTPS is especially important over insecure networks, as anyone on the same local network can packet-sniff and discover sensitive information not protected by HTTPS.
Additionally, many free-to-use and paid WLAN networks engage in packet injection in order to serve their own ads on webpages. However, this can be exploited maliciously in many ways, such as injecting malware onto webpages and stealing users' private information. HTTPS is also very important for connections over the Tor anonymity network, as malicious Tor nodes can damage or alter the contents passing through them in an insecure fashion and inject malware into the connection; this is one reason why the Electronic Frontier Foundation and the Tor Project started the development of HTTPS Everywhere, which is included in the Tor Browser Bundle. As more information is revealed about global mass surveillance and criminals stealing personal information, the use of HTTPS security on all websites is becoming important regardless of the type of Internet connection being used. While metadata about individual pages that a user visits may not be sensitive, when combined they can reveal a lot about the user and compromise the user's privacy.
Deploying HTTPS also allows the use of HTTP/2, a newer generation of HTTP designed to reduce page load times, size and latency. It is recommended to use HTTP Strict Transport Security (HSTS) with HTTPS to protect users from man-in-the-middle attacks, especially SSL stripping, in which an attacker on the path downgrades the user's initial http:// request rather than attacking TLS itself. HTTPS should not be confused with the little-used Secure HTTP (S-HTTP) specified in RFC 2660. As of April 2018, 33.2% of Alexa top 1,000,000 websites use HTTPS as default, 57.1% of the Internet's 137,971 most popular websites have a secure implementation of HTTPS, and 70% of page loads use HTTPS. Most browsers display a warning if they receive an invalid certificate. Older browsers, when connecting to a site wit
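What HSTS actually does against SSL stripping is small and worth seeing: the client remembers, for max-age seconds, that a host must only be reached over HTTPS, and rewrites any http:// URL for that host before a request leaves the machine, so there is no plaintext request for the attacker to intercept. The block below is an added example written for this page, not code from any browser or from RFC 6797; it implements the header parsing and the URL upgrade rules from that RFC, and the hosts, headers and timestamps in it are constructed.

```python
"""Strict-Transport-Security parsing and the http-to-https rewrite a client
performs for a known HSTS host (RFC 6797), the step that blocks SSL
stripping. Added example with constructed headers and URLs."""
import ipaddress
from urllib.parse import urlsplit, urlunsplit

def parse_hsts(header):
    """Return {max_age, include_subdomains, preload} or None if the header is invalid."""
    out = {"max_age": None, "include_subdomains": False, "preload": False}
    seen = set()
    for part in header.split(";"):
        if not part.strip():
            continue
        name, _, value = part.partition("=")
        name, value = name.strip().lower(), value.strip().strip('"')
        if name in seen:            # RFC 6797 6.1: a repeated directive voids the header
            return None
        seen.add(name)
        if name == "max-age":
            if not value.isdigit():
                return None
            out["max_age"] = int(value)
        elif name == "includesubdomains":
            out["include_subdomains"] = True
        elif name == "preload":
            out["preload"] = True
        # unrecognised directives are ignored
    return out if out["max_age"] is not None else None

def _is_ip_literal(host):
    try:
        ipaddress.ip_address(host)
        return True
    except ValueError:
        return False

class HstsCache:
    def __init__(self):
        self._hosts = {}            # host -> (expires_at, include_subdomains)

    def observe(self, host, header, over_tls, now):
        """Record a header from a response. Only a response received over TLS
        with no certificate errors may set HSTS state; an attacker who could
        inject the header over plain HTTP would otherwise control the policy."""
        if not over_tls or _is_ip_literal(host):
            return
        p = parse_hsts(header)
        if p is None:
            return
        host = host.lower()
        if p["max_age"] == 0:       # max-age=0 tells the client to forget the host
            self._hosts.pop(host, None)
        else:
            self._hosts[host] = (now + p["max_age"], p["include_subdomains"])

    def is_known(self, host, now):
        labels = host.lower().split(".")
        for i in range(len(labels)):            # the host, then each parent domain
            entry = self._hosts.get(".".join(labels[i:]))
            if entry is None or now >= entry[0]:
                continue
            if i == 0 or entry[1]:
                return True
        return False

    def upgrade(self, url, now):
        """Rewrite an http:// URL for a known host to https:// (RFC 6797 8.3)."""
        u = urlsplit(url)
        if u.scheme != "http" or u.hostname is None or not self.is_known(u.hostname, now):
            return url
        netloc = u.hostname if u.port in (None, 80) else f"{u.hostname}:{u.port}"
        return urlunsplit(("https", netloc, u.path, u.query, u.fragment))
```

The remaining gap is the very first visit, before any header has been seen, which is what the preload directive and the browser preload lists exist to close.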
Media Gateway Control Protocol
The Media Gateway Control Protocol (MGCP) is a signaling and call control communications protocol used in voice over IP (VoIP) telecommunication systems. It implements the media gateway control protocol architecture for controlling media gateways on Internet Protocol networks connected to the public switched telephone network (PSTN). The protocol is a successor to the Simple Gateway Control Protocol (SGCP), developed by Bellcore and Cisco, and the Internet Protocol Device Control (IPDC). The methodology of MGCP reflects the structure of the PSTN, with the power of the network residing in a call control center softswitch, analogous to the central office in the telephone network; the endpoints are low-intelligence devices executing control commands from a call agent or media gateway controller in the softswitch and providing result indications in response. The protocol represents a decomposition of other VoIP models, such as H.323 and the Session Initiation Protocol, in which the endpoint devices of a call have higher levels of signaling intelligence.
MGCP is a text-based protocol consisting of commands and responses. It uses the Session Description Protocol (SDP) for specifying and negotiating the media streams to be transmitted in a call session and the Real-time Transport Protocol (RTP) for framing the media streams. The media gateway control protocol architecture and its methodologies and programming interfaces are described in RFC 2805. MGCP is a master-slave protocol in which media gateways are controlled by a call control agent or softswitch; this controller is called the call agent. With the network protocol it can control each specific port on a media gateway; this provides scalable IP telephony solutions. The distributed system is composed of at least one call agent, one or more media gateways, which perform the conversion of media signals between circuit-switched and packet-switched networks, and at least one signaling gateway when connected to the PSTN. MGCP presents a call control architecture with limited intelligence at the edge (endpoints, media gateways) and intelligence at the core (call agents).
The MGCP model assumes that call agents synchronize with each other to send coherent commands and responses to the gateways under their control. The call agent uses MGCP to request event notifications, reports and configuration data from the media gateway, as well as to specify connection parameters and activation of signals toward the PSTN telephony interface. A softswitch is used in conjunction with signaling gateways, for access to Signalling System No. 7 functionality, for example. The call agent does not use MGCP to control a signaling gateway. A media gateway may be configured with a list of call agents from which it may accept control commands; because the protocol itself carries no authentication (RFC 3435 defers this to IPsec), that list and network-level access controls are what prevent an unauthorized party from issuing commands to the gateway. In principle, event notifications may be sent to different call agents for each endpoint on the gateway, according to the instructions received from the call agents by setting the NotifiedEntity parameter. In practice, however, it is desirable that all endpoints of a gateway are controlled by the same call agent; other call agents are available to provide redundancy in the event that the primary call agent fails or loses contact with the media gateway. In the event of such a failure it is the backup call agent's responsibility to reconfigure the media gateway so that it reports to the backup call agent.
The gateway may be audited to determine the controlling call agent, a query that may be used to resolve any conflicts. In the case of multiple call agents, MGCP assumes that they maintain knowledge of device state among themselves; such failover features take into account both planned and unplanned outages. MGCP recognizes three essential elements of communication: the media gateway controller (call agent), the media gateway endpoint, and the connections between these entities. A media gateway may host multiple endpoints, and each endpoint should be able to engage in multiple connections. Multiple connections on the endpoints support calling features such as call waiting and three-way calling. MGCP is a text-based protocol using a command and response model. Commands and responses are encoded in messages that are structured and formatted with the whitespace characters space, horizontal tab, carriage return, linefeed and full stop. Messages are transmitted using the User Datagram Protocol (UDP). Media gateways use the port number 2427, and call agents use 2727 by default.
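The command-and-response format described above, and the call-agent list a gateway may be configured with, come together in the gateway's receive path. The block below is an added example written for this page, not code from RFC 3435 or any gateway product: it parses the command line (verb, transaction identifier, endpoint, protocol version) and the single- or two-letter parameter lines, drops commands from senders that are not configured call agents, rejects verbs that only flow from gateway to call agent, and builds responses with the three-digit codes from the RFC. The gateway, its endpoint names, the addresses and the connection identifiers are constructed.

```python
"""Gateway-side MGCP (RFC 3435) message handling: parse command and
parameter lines, accept commands only from configured call agents, and
build responses. Added example; gateway, endpoints and addresses are
constructed."""
import re
from dataclasses import dataclass, field

COMMAND_VERBS = {"AUEP", "AUCX", "CRCX", "DLCX", "EPCF", "MDCX", "NTFY", "RQNT", "RSIP"}
GATEWAY_ACCEPTS = COMMAND_VERBS - {"NTFY", "RSIP"}   # those two flow gateway -> call agent

@dataclass
class MgcpCommand:
    verb: str
    transaction_id: int
    endpoint: str
    version: str
    params: dict = field(default_factory=dict)   # e.g. {"C": call id, "M": mode}
    sdp: str = ""

def parse_command(text):
    head, _, sdp = text.replace("\r\n", "\n").partition("\n\n")
    lines = head.split("\n")
    parts = lines[0].split()
    if len(parts) != 5 or parts[3].upper() != "MGCP":
        raise ValueError(f"bad command line: {lines[0]!r}")
    verb, tid, endpoint, _, version = parts
    verb = verb.upper()
    if verb not in COMMAND_VERBS:
        raise ValueError(f"unknown verb {verb}")
    if not tid.isdigit() or not 1 <= int(tid) <= 999_999_999:   # RFC 3435 3.2.1.2
        raise ValueError(f"transaction id out of range: {tid}")
    if "@" not in endpoint:
        raise ValueError(f"endpoint id must be local-name@domain: {endpoint}")
    params = {}
    for line in lines[1:]:
        if not line.strip():
            continue
        code, colon, value = line.partition(":")
        if not colon or not re.fullmatch(r"[A-Za-z]{1,2}", code.strip()):
            raise ValueError(f"bad parameter line: {line!r}")
        params[code.strip().upper()] = value.strip()
    return MgcpCommand(verb, int(tid), endpoint.lower(), version, params, sdp)

def parse_response(text):
    """'200 1204 OK' -> (200, 1204, 'OK')."""
    parts = text.split(None, 2)
    return int(parts[0]), int(parts[1]), parts[2] if len(parts) > 2 else ""

class MediaGateway:
    """Constructed gateway. MGCP carries no authentication of its own (RFC 3435
    leaves that to IPsec), so the call-agent allowlist is the only check in
    the protocol path between an attacker on the management network and
    every endpoint on the box."""
    def __init__(self, endpoints, call_agents):
        self.endpoints = {e.lower() for e in endpoints}
        self.call_agents = set(call_agents)
        self.connections = {}
        self._next_conn = 0x1000

    def handle(self, raw, sender):
        """Return the response text, or None to drop the command silently."""
        if sender not in self.call_agents:
            return None
        try:
            cmd = parse_command(raw)
        except ValueError:
            m = re.match(r"\S+\s+(\d+)", raw)          # salvage a tid to answer with
            return f"510 {m.group(1) if m else 0} Protocol error"
        tid = cmd.transaction_id
        if cmd.verb not in GATEWAY_ACCEPTS:
            return f"504 {tid} Unknown or unsupported command"
        if cmd.endpoint not in self.endpoints:
            return f"500 {tid} Endpoint unknown"
        if cmd.verb == "CRCX":
            if "C" not in cmd.params or "M" not in cmd.params:
                return f"510 {tid} Protocol error"    # CallId and Mode are mandatory
            conn = f"{self._next_conn:X}"
            self._next_conn += 1
            self.connections[conn] = (cmd.endpoint, cmd.params["C"], cmd.params["M"])
            return f"200 {tid} OK\nI: {conn}\n"
        if cmd.verb == "DLCX":
            self.connections.pop(cmd.params.get("I"), None)
            return f"250 {tid} Connection deleted"
        return f"200 {tid} OK"
```

Dropping rather than answering a command from an unknown sender is deliberate: an error response would confirm to a scanner that a gateway is listening on 2427 and tell it which transaction identifiers are parsed.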
The message sequence of a command and its response is known as a transaction, identified by the numerical Transaction Identifier exchanged in each transaction. The protocol specification defines nine standard commands that are distinguished by a four-letter command verb: AUEP, AUCX, CRCX, DLCX, EPCF, MDCX, NTFY, RQNT and RSIP. Responses begin with a three-digit numerical response code that identifies the outcome or result of the transaction. Two verbs are used by a call agent to query the state of its associated connections: AUEP (Audit Endpoint) and AUCX (Audit Connection). Three verbs are used by a call agent to manage the connection to a media gateway endpoint: CRCX (Create Connection); DLCX (Delete Connection), which may also be issued by an endpoint to terminate a connection; and MDCX (Modify Connection), which is used to alter operating characteristics of the connection, e.g. speech encoders, half-duplex/full-duplex state and others. One verb is used by a call agent to request notification of events occurring at the endpoint, and to apply signals to the connected PSTN network link, or to a connected telephony endpoint, e.g