In network communication, multiple protocol layers play a role. At the most basic level, UDP and TCP operate as transport layer protocols, which we've discussed in the previous topic. Built on UDP or TCP, application layer protocols serve distinct functions. They leverage the transport protocols to facilitate particular capabilities, like web browsing and time synchronization.
Classification of protocols
Protocols are essential for ensuring error-free communication between different components or systems. As a tester, you need to test these protocols thoroughly to find any issues or vulnerabilities. The choice of protocol hinges on the specific application or usage scenario. Protocols at the application layer in networks are categorized based on data representation and processing. They are commonly split into binary and text-based protocols.
Text protocols use plain text to convey information between systems. They are easy to read, which simplifies understanding the transmitted data. This information appears in ASCII or Unicode format. Text protocols typically feature in network applications, web servers, email, and other contexts where data needs to be human-readable.
Binary protocols exchange data in a binary format. The data between systems is shown as a string of ones and zeros, leading to more compact data packets and the ability to manage complex structures. Binary protocols are suited for transferring structured data like images, audio, video, binary files and other types of binary-formatted content.
For instance, in testing an app that uses HTTP, you'd check the precision of the transmitted data, correct handling of response codes, and the app's management of various scenarios. When assessing a binary protocol, focus on successful file transfers, strong error handling, and robust security measures.
Text protocols
HTTP is a text-based protocol, enabling the retrieval and display of web pages and allowing testers to interact with and analyze websites. HTTP exchanges information as text, making it easy to read and understand, especially for beginners. This simplicity helps testers identify issues and errors more effectively, thus improving the overall quality of the website under test. For example, here's a session for retrieving a web page from a server:
GET /index.html HTTP/1.1
Host: www.example.comSMTP focuses on transferring emails. Testers can send and receive emails to ensure that an application's email system works as expected. Since it deals with plain text, testers can inspect the email content and verify correct formatting easily. Here's how to send an email to a recipient:
MAIL FROM: <sender@example.com>
RCPT TO: <recipient@example.com>
DATA
Subject: Test Email
This is a test email.
QUITFTP, used for file transfer between a client and a server on a TCP/IP network, allows you to move files from your computer to a remote server. First, establish a connection with the remote server through FTP client software.
Once connected, FTP commands let you navigate the server's directories and transfer files. For instance, to send "report.docx" to the server, navigate to the file on your computer and use the "put" command. To download a file, use the "get" command to fetch it and save it to your computer.
Telnet lets you control a remote computer or network device over the Internet or a TCP/IP network. For example, to configure a router on the other side of the world, use Telnet for remote access, avoiding the need to travel. Using Telnet client software, you'll have a terminal-like interface on your computer.
After connecting, you can send commands as if you were in front of the device, configuring settings, checking system information, and running diagnostics. Telnet allows remote management and troubleshooting of network devices like routers, switches, and servers, serving as a powerful tool for network administrators and system operators.
Session – accessing and configuring a remote device:
telnet 192.168.1.1
Username: your_username
Password: your_password
enable
configure terminal
interface ethernet0
ip address 192.168.1.2 255.255.255.0
exit
write memory
exitText-based protocols offer simplicity and readability, ensuring the communication flow is easily understood. They're flexible and platform-independent, accessible across various operating systems and programming languages, and support different character encodings, enabling data exchange in a range of languages and character sets.
However, there are downsides:
Text-based protocols often require more space for transmission due to delimiters, metadata, and parsing elements, increasing network traffic and strain.
These protocols may be less efficient in terms of speed compared to binary protocols because of the larger data volume.
Complex syntax in some text-based protocols can increase the difficulty of parsing data and software development complexity.
The human-readable format may make data more vulnerable to transmission errors, such as typos and incorrect characters.
Binary protocols
TCP is a classic example of a binary protocol. It forms the backbone of the internet and enables reliable communication between devices across various networks. TCP ensures that data divides into small packets, transmits in binary format, and reassembles at the receiving end.
SNMP is another binary protocol widely used in network management systems. SNMP allows network administrators to monitor and manage network devices by exchanging data in binary format. It provides a standard method of communication for devices like routers, switches, and servers.
HTTP/2 (Hypertext Transfer Protocol version 2) is a binary protocol designed as the next generation of the HTTP protocol. It aims to improve web application performance by reducing network overhead and enhancing request concurrency.
Protocol Buffer (Protobuf) is a data serialization format developed by Google. It uses binary representation for efficient data transfer and storage. Protocol Buffers are often used in distributed systems and web services.
Serialization and deserialization of data using protocol buffers might look like this:
# Serialize data
message = MyMessage()
message.id = 123
message.name = "John Doe"
serialized_data = message.SerializeToString()
# Deserialize data
received_message = MyMessage()
received_message.ParseFromString(serialized_data)
print(received_message)MessagePack is another data serialization format using binary representation. It provides a compact data representation and efficient data transfer between different applications and programming languages.
Binary protocols are highly efficient due to their compact representation. Since they use only zeros and ones, they significantly reduce data size, leading to faster transmission and less bandwidth usage.
These protocols are platform-independent, which means they can be implemented across different operating systems and hardware architectures. Their compatibility makes them widely adopted in various domains.
They can incorporate cryptographic algorithms, simplifying encryption and securing data during transmission. This feature enhances the security of the communication channel between devices.
Although binary protocols are not human-readable, making the transmitted data challenging to understand without the proper decoding tools. This can complicate troubleshooting or debugging communication issues.
Designing and implementing binary protocols requires expertise in encoding and decoding algorithms, which can be complex and time-consuming. Errors in protocol design may lead to interoperability issues.
Conclusion
A tricky question you might encounter in an interview is, "Where can I find information about HTTP, and what is the primary source?" All standardized protocols are described on the IETF site.