A protocol governs the format of the messages exchanged between several hosts, as well as the actions to be taken when these messages are sent or received.



An example of a protocol


A teacher in a class questions his pupils. He sends a message:

  1. "Do you have questions?"
  2. Each student receives the message and analyzes it. If a student has a question,
  3. he raises his hand to send a signal to the teacher.
  4. The teacher sends a message back to the student to let him know that he can ask his question
  5. The student asks his question.


This is a convention on how to communicate between a teacher and his students.


Hosts / computers wishing to communicate over the internet agree on a communication protocol.


    HTTP : HyperText Transfer Protocol



    It is the transmission protocol that lets the user access web pages, for example through a browser.


    If we go to a site, the HTTP exchange will be:


    • Send a request to the server (hosting the site)


     GET / HTTP/1.1


    • The server will respond with content in a format such as HTML or CSS


    HTTP/1.1 200 OK

    <!DOCTYPE html>



    etc ...


    All communication over the internet depends on protocols defined in advance. There are many others, including those used by communication applications on a computer:


    • HTTP
    • SMTP
    • FTP
    • BitTorrent
    • DNS
    • UDP
    • IP
    • RIP
    • BGP
    • ARP
    • Ethernet
    • etc ...


    All these protocols are governed by the Internet Engineering Task Force.


    It is a very vast subject and you will never finish learning it. Do not wait until you know everything to put it into practice: you can go to the HTTP request chapter, where we will use BurpSuite to identify different protocols and their effects.



      TCP : Transmission Control Protocol



      It is a protocol that allows the transmission (see the Internet architecture chapter) of the data flow (that is to say, everything that circulates on the Internet) over a network connection.


      When two machines wish to transmit data (packets) using this protocol, they connect in 3 steps, the three-way handshake:


      It's like when you phone someone:


      1. you call a friend: computer A sends a SYN packet (synchronize) to computer B
      2. your friend replies "Hello": computer B sends a SYN/ACK (synchronize, acknowledge) packet to A
      3. you say "hi this is Padawan": A responds with an ACK packet (acknowledge)


      The conversation can then begin




      TCP is a "connection-oriented protocol" because it requires synchronized communication between the client and the server. The packets will then be sent in order and with the guarantee that they arrive whole.


      In contrast, there is the "connectionless protocol", which is UDP.


      UDP : User Datagram Protocol



      It also allows data transmission, but without guaranteeing arrival at the recipient. It is said to be a connectionless protocol: it can be compared to a letter that you mail. You put your letter in an envelope and you mail it, but nothing guarantees that it will arrive safely.


      So why use it? For its speed, for example if you are streaming a video or playing video games.


      See the differences between TCP and UDP in this video. We will talk about these two protocols again in the Port Scan chapter. As a reminder, they are part of the Transport Layer of the TCP/IP model.
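The HTTP exchange and the TCP/UDP contrast described above, as an added example that is not part of the original page: an HTTP request rides on a completed handshake, a TCP connect to a port with no listener fails, and a UDP send to a port with no listener still reports success. The helper names, the loopback address and the tiny one-shot server are assumptions made for the illustration.

```python
import socket
import threading

def free_port(kind):
    """Bind to port 0, note the port the OS chose, close: nothing listens there now."""
    sock_type = socket.SOCK_STREAM if kind == "tcp" else socket.SOCK_DGRAM
    with socket.socket(socket.AF_INET, sock_type) as s:
        s.bind(("127.0.0.1", 0))
        return s.getsockname()[1]

def start_http_server():
    """Listen on loopback and answer one HTTP request; returns the port."""
    srv = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    srv.bind(("127.0.0.1", 0))
    srv.listen(1)
    port = srv.getsockname()[1]
    def serve():
        conn, _ = srv.accept()           # returns once SYN, SYN/ACK, ACK are done
        with conn, srv:
            req = b""
            while b"\r\n\r\n" not in req and (chunk := conn.recv(1024)):
                req += chunk             # read up to the end of the request headers
            body = b"<!DOCTYPE html><p>hello</p>"
            conn.sendall(b"HTTP/1.1 200 OK\r\nContent-Length: %d\r\n"
                         b"Connection: close\r\n\r\n" % len(body) + body)
    threading.Thread(target=serve, daemon=True).start()
    return port

def http_get(port):
    """connect() performs the handshake; the HTTP messages then travel over it."""
    with socket.create_connection(("127.0.0.1", port), timeout=2) as c:
        c.sendall(b"GET / HTTP/1.1\r\nHost: localhost\r\n\r\n")
        return c.makefile("rb").readline().decode().strip()   # status line

def tcp_connect_ok(port):
    """True only if the three-way handshake completes."""
    try:
        socket.create_connection(("127.0.0.1", port), timeout=2).close()
    except OSError:                      # refused or timed out: no connection exists
        return False
    return True

def udp_send(port, payload):
    """No handshake: sendto() returns bytes handed to the OS, not proof of delivery."""
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        return s.sendto(payload, ("127.0.0.1", port))

if __name__ == "__main__":
    print(http_get(start_http_server()))          # HTTP/1.1 200 OK
    print(tcp_connect_ok(free_port("tcp")), udp_send(free_port("udp"), b"ping"))
```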


      ICMP : Internet Control Message Protocol