
Server Message Block

Server Message Block (SMB) is the application protocol underpinning file and printer sharing on Windows networks. SMB usually runs directly over port TCP/445.

File Transfer Protocol

The File Transfer Protocol (FTP) allows a client to upload and download files from a network server. It is often used to upload files to websites. FTP is associated with the use of port TCP/21 to establish a connection and either port TCP/20 to transfer data in "active" mode or a server-assigned port in "passive" mode.
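As an added example (not part of the original notes), this Python sketch reads FTP control-channel lines and works out which data connection a firewall or analyst should expect: who initiates it and to which port. The sample lines, the addresses and the `data_channel` helper are constructed for illustration; the `PORT`, `227` and `229` message formats are the standard ones from RFC 959 and RFC 2428, which the notes do not spell out.

```python
import re

# Constructed control-channel lines (sent over TCP/21); not captured traffic.
SAMPLE = [
    ("client", "PORT 192,0,2,10,195,80"),
    ("server", "227 Entering Passive Mode (198,51,100,5,234,96)"),
    ("server", "229 Entering Extended Passive Mode (|||50001|)"),
    ("server", "230 Login successful."),
]

_SIX = re.compile(r"(?<!\d)(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3})(?!\d)")
_EPSV = re.compile(r"\(\|\|\|(\d{1,5})\|\)")  # assumes the usual "|" delimiter


def _host_port(text):
    """Decode h1,h2,h3,h4,p1,p2 into (ip, port); port = p1 * 256 + p2."""
    m = _SIX.search(text)
    if not m:
        return None
    nums = [int(n) for n in m.groups()]
    if any(n > 255 for n in nums):
        return None
    return ".".join(str(n) for n in nums[:4]), nums[4] * 256 + nums[5]


def data_channel(sender, line, server_ip):
    """Describe the data connection a control line negotiates, or return None."""
    if sender == "client" and line.upper().startswith("PORT "):
        dst = _host_port(line)
        # Active mode: the server connects out from TCP/20 to the client.
        if dst:
            return {"mode": "active", "initiator": "server", "src_port": 20, "dst": dst}
    elif sender == "server" and line.startswith("227 "):
        dst = _host_port(line)
        # Passive mode: the client connects to the server-assigned port.
        if dst:
            return {"mode": "passive", "initiator": "client", "src_port": None, "dst": dst}
    elif sender == "server" and line.startswith("229 "):
        m = _EPSV.search(line)
        # Extended passive mode carries only a port; the IP is the server's.
        if m and 0 < int(m.group(1)) < 65536:
            return {"mode": "passive", "initiator": "client", "src_port": None,
                    "dst": (server_ip, int(m.group(1)))}
    return None


if __name__ == "__main__":
    for sender, line in SAMPLE:
        print(sender, repr(line), "->", data_channel(sender, line, "198.51.100.5"))
```

In active mode the data connection is inbound to the client, which is why it often fails behind NAT or a client-side firewall; in passive mode the firewall in front of the server must allow the server-assigned port range.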


LDAP

The Lightweight Directory Access Protocol (LDAP) is a TCP/IP protocol used to query and update an X.500 directory. It is widely supported in current directory products—Windows Active Directory or the open source OpenLDAP, for instance. LDAP uses TCP and UDP port 389 by default.

AAA

An authentication, authorization, and accounting (AAA) server is one that consolidates authentication services across multiple access devices. AAA uses the following components:

  • Supplicant—The device requesting access, such as a user's PC or laptop.
  • Network access server (NAS) or network access point (NAP)—Network access appliances, such as switches, access points, and VPN gateways. These are also referred to as "AAA clients" or "authenticators."
  • AAA server—The authentication server, positioned within the local network.

With AAA, the network access appliances do not have to store any authentication credentials. They simply act as a transit to forward this data between the AAA server and the supplicant. AAA is often implemented using a protocol called Remote Authentication Dial-in User Service (RADIUS).

Simple Network Management Protocol

The Simple Network Management Protocol (SNMP) is a framework for managing and monitoring network devices. SNMP consists of a management system and agents.

Syslog is an example of a protocol and supporting software that facilitates log collection. It has become a de facto standard for logging events from distributed systems. For example, syslog messages can be generated by routers and switches, as well as UNIX or Linux servers and workstations. A syslog collector usually listens on port UDP/514.

Proxies

Many enterprise networks also use some sort of NAT, but another option is to deploy a proxy server. A proxy server does not just translate IP addresses. It takes a whole HTTP request from a client, checks it, then forwards it to the destination server on the Internet. When the reply comes back, it checks it and then shuttles it back to the LAN computer. A proxy can be used for other types of traffic too (email, for instance).

Load Balancer

A load balancer can be deployed to distribute client requests across server nodes in a farm or pool. You can use a load balancer in any situation where you have multiple servers providing the same function.

Supervisory Control and Data Acquisition

A supervisory control and data acquisition (SCADA) system takes the place of a control server in large-scale, multiple-site ICSs. SCADAs typically run as software on ordinary computers, gathering data from and managing plant devices and equipment with embedded PLCs, referred to as "field devices." These embedded systems typically use WAN communications, such as cellular or satellite, to link the SCADA server to field devices.
