Skip to content

Chapter 11

The Presentation Layer
format, compression, encryption

The Session Layer
As the name implies, functions at the session layer create and maintain dialogs between source and destination applications. The session layer handles the exchange of information to initiate dialogs, keep them active, and to restart sessions that are disrupted or idle for a long period of time.

HTTP : The three common message types are GET, POST, and

Email supports three separate protocols for operation:
Simple Mail Transfer Protocol (SMTP), Post Office Protocol (POP), and IMAP. The application layer process that sends mail uses SMTP. A client retrieves email, however, using one of the two application layer protocols: POP or IMAP.

MUA : mail user agent
MTA : mail transfer agent
MDA : mail delivery agent =

email gönderirken smtp kullanılır : mua > mda, mua > mta >
mail çekilirken : pop3, imap
smtp tcp 25

POP is used by an application to retrieve mail from a mail
server. With POP, mail is downloaded from the server to
the client and then deleted on the server. This is how POP
operates, by default. The server starts the POP service by passively listening on TCP port 110 for client connection requests.

Unlike POP, when the user connects to an IMAP-capable server, copies of the messages are downloaded to the client application. The original messages are kept on the server until manually deleted. Users view copies of the messages in their email client software.

DNS : root dns > top level dns > secondary level dns

Dynamic Host Configuration Protocol (DHCP)
selefi bootp
ip address, subnet mask, default gateway, dns

dhcp operation (udp 67, 68)

The client establishes the first connection to the server
for control traffic using TCP port 21, consisting of
client commands and server replies.
The client establishes the second connection to the server
for the actual data transfer using TCP port 20. This
connection is created every time there is data to be

An FTP client is an application that runs on a computer
that is used to push and pull data from a server running
an FTP daemon (FTPd).

legacy ethernet : 10Mbit
fastethernet : 100Mbit
gigabit ethernet : 1000Mbit = 1Gbit
10gigabit ethernet : 10000Mbit = 10Gbit


converged network : data, voip, iptv




A computer virus is a type of malware that propagates by
inserting a copy of itself into, and becoming part of,
another program. It spreads from one computer to another,
leaving infections as it travels.

In contrast to viruses, which require the spreading of an
infected host file, worms are standalone software and do
not require a host program or human help to propagate. A
worm does not need to attach to a program to infect a host
and enter a computer through a vulnerability in the
system. Worms take advantage of system features to travel
through the network unaided.

Trojan Horses

A Trojan horse is another type of malware named after the
wooden horse the Greeks used to infiltrate Troy. It is a
harmful piece of software that looks legitimate. Users are
typically tricked into loading and executing it on their
systems. After it is activated, it can achieve any number
of attacks on the host, from irritating the user (popping
up windows or changing desktops) to damaging the host
(deleting files, stealing data, or activating and
spreading other malware, such as viruses). Trojan horses
are also known to create back doors to give malicious
users access to the system.