
I've been reading on packets a lot today. I was confused for some time because SMTP, HTTP, or FTP, for example, are all called protocols, but they also somehow utilize transport protocols like TCP. I couldn't locate them on the packet 4 layers, until I just discovered they're simply part of the application layer.

I want to know what exactly these "protocols" offer. I'm guessing a specific format for the data which applications on the client side know how to handle? If so, does this mean that realistically, I might have to create my own "protocols" if I created an application with a unique functionality?

Dhari
  • Yes, that's exactly what it means. Very often it is necessary to create your own protocols that can step on other ones. – mr mcwolf Jan 27 '23 at 06:50
  • Well, that's unfortunate, I went into this rabbit hole to know how to use Wireshark. But if each malicious piece of software can create its protocol & I guess also encrypt its data, then what's the point of analyzing the packets themselves? – Dhari Jan 27 '23 at 06:54
  • If we talk about security - packet analysis will show if there is any unusual activity in the monitored network. Another option is to diagnose topological problems in the network. And of course, the analysis can be used for debugging. – mr mcwolf Jan 27 '23 at 06:57

1 Answer


A protocol, in this case, is just a structured way of communicating between two or multiple parties.


If you write, for example, a PHP app and offer an API, you have created a protocol to interact with your program. It defines how others interact with it and what response they can expect while doing so. Your self-created protocol depends on others, like HTTP and TCP.

I suggest watching the following video by LiveOverflow, explaining exactly this: https://www.youtube.com/watch?v=d-zn-wv4Di8&ab_channel=LiveOverflow


> I want to know what exactly these "protocols" offer.

You can read the definition of each protocol, if you really want to
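
What "a structured way of communicating" looks like on the wire, as an added example that is not part of the original answer: a made-up binary message format carried over TCP, with a decoder that restores message boundaries from the byte stream and rejects anything that does not match the format. The magic bytes, field layout, size limit and message types are all assumptions invented for this example.

```python
import struct

# Hypothetical wire format, invented for this example:
#   magic "DH" (2) | version (1) | type (1) | payload length (2, big-endian) | payload
HEADER = struct.Struct("!2sBBH")
MAGIC, VERSION, MAX_PAYLOAD = b"DH", 1, 1024
TYPES = {1: "HELLO", 2: "DATA", 3: "BYE"}

class ProtocolError(ValueError):
    """Raised when bytes do not follow the format above."""

def encode(msg_type, payload=b""):
    """Build one message: fixed header followed by the payload."""
    if msg_type not in TYPES or len(payload) > MAX_PAYLOAD:
        raise ProtocolError("invalid message")
    return HEADER.pack(MAGIC, VERSION, msg_type, len(payload)) + payload

class Decoder:
    """TCP delivers a byte stream with no message boundaries; the length
    field in the header is what lets the receiver find them again."""
    def __init__(self):
        self.buf = bytearray()

    def feed(self, chunk):
        """Add received bytes; return the complete messages now available."""
        self.buf += chunk
        messages = []
        while len(self.buf) >= HEADER.size:
            magic, version, msg_type, length = HEADER.unpack_from(self.buf)
            if magic != MAGIC or version != VERSION:
                raise ProtocolError("not this protocol")
            if msg_type not in TYPES or length > MAX_PAYLOAD:
                raise ProtocolError("bad type or oversized payload")
            end = HEADER.size + length
            if len(self.buf) < end:
                break  # payload not fully received yet, wait for more bytes
            messages.append((TYPES[msg_type], bytes(self.buf[HEADER.size:end])))
            del self.buf[:end]
        return messages

def demo():
    # Constructed sample: three messages, delivered in arbitrary 5-byte chunks
    stream = encode(1, b"client-1") + encode(2, b"temp=21.5") + encode(3)
    decoder, received = Decoder(), []
    for i in range(0, len(stream), 5):
        received += decoder.feed(stream[i:i + 5])
    return received

if __name__ == "__main__":
    print(demo())
```

A packet capture of this traffic would show TCP segments whose payload starts with the bytes `DH`; knowing the format is what turns those bytes back into messages.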