Search This Blog

Saturday, January 23, 2010

some IP protocol codes (from Sonicwall Elearning)

Protocol Code                     Protocol Description
1                                          ICMP - internet Control Message Protocol
2                                          IGMP - internet group management protocol
4                                          IP within IP
6                                          TCP - transmission control protocol
17                                         UDP - user datagram protocol
41                                         IPv6
47                                         GRE - generic router ecapsulation (used by pptp)
50                                         IPSEC (ESP - ecapsulating security payload)
51                                          IPSEC (AH - authentication header)

4 comments:

  1. the IP Header – layer 3 of the OSI model

    ReplyDelete
  2. nternet Protocol Security (IPsec) is a suite of protocols for securing Internet Protocol (IP) communications by authenticating and encrypting each IP packet of a data stream. IPsec also includes protocols for establishing mutual authentication between agents at the beginning of the session and negotiation of cryptographic keys to be used during the session. IPsec can be used to protect data flows between a pair of hosts (e.g. computer users or servers), between a pair of security gateways (e.g. routers or firewalls), or between a security gateway and a host.
    IPsec is a dual mode, end-to-end, security scheme operating at the Internet Layer of the Internet Protocol Suite, which is approximately Layer 3 in the OSI model. Some other Internet security systems in widespread use, such as SSL, TLS and SSH, operate in the upper layers of these models, SSL VPN being an example. IPsec is more flexible, operating as it does at a lower level in the stack. Hence it can be used for protecting more traffic (i.e., all those at and above layer 3), and applications need not be specifically designed to use IPsec. The use of TLS/SSL, on the other hand, must typically be incorporated into the design of applications.
    IPsec is a successor of the ISO standard NLSP (Network Layer Security Protocol). The NLSP protocol was based on the SP3 protocol that was published by NIST, but designed by the Secure Data Network System project of the NSA.

    ReplyDelete
  3. AH versus ESP - "Authentication Header" (AH) and "Encapsulating Security Payload" (ESP) are the two main wire-level protocols used by IPsec, and they authenticate (AH) and encrypt+authenticate (ESP) the data flowing over that connection. They are typically used independently, though it's possible (but uncommon) to use them both together.

    ReplyDelete
  4. Main mode versus aggressive mode These modes control an efficiency-versus-security tradeoff during initial IKE key exchange. "Main mode" requires six packets back and forth, but affords complete security during the establishment of an IPsec connection, while Aggressive mode uses half the exchanges providing a bit less security because some information is transmitted in clearext.

    ReplyDelete