Networking Secure Protocols: TLS, SSH, and VPN Explained
Introduction
In modern computer networks, protocols such as HTTP, SMTP, POP3, IMAP, and TELNET are widely used to browse the web, send emails, and access remote systems. While these protocols work efficiently, they were originally designed without security features.
This means they do not protect:
- Confidentiality – preventing others from reading the data
- Integrity – preventing data from being modified
- Authenticity – ensuring communication with the correct server
Without security, attackers could intercept passwords, emails, or financial data. To solve these problems, secure networking protocols such as TLS, SSH, and VPNs were introduced.
This blog explains how these technologies protect network communication in a simple and easy-to-understand way.
Transport Layer Security (TLS)
Transport Layer Security (TLS) is a cryptographic protocol that secures communication over the Internet. It ensures that data sent between a client and a server remains private and unaltered.
TLS evolved from Secure Sockets Layer (SSL), which was developed in the 1990s. Over time, TLS has been improved significantly, with TLS 1.3 being the most secure and efficient version today.
Why TLS Is Important
Without TLS, activities such as online banking, shopping, and email communication would be unsafe. TLS encrypts data so that even if network traffic is captured, the information remains unreadable.
HTTPS: HTTP Over TLS
HTTP sends data in plaintext over port 80, making it easy to intercept. HTTPS secures HTTP by running it over TLS and uses port 443.
When accessing a website using HTTPS:
- A TCP connection is established
- A TLS session is negotiated
- Encrypted HTTP data is exchanged
This protects login credentials, personal data, and online transactions from attackers.
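The "TLS session is negotiated" step can be observed without any network traffic. The following is an added example, not part of the original post: it builds a certificate-verifying client with Python's standard `ssl` module and captures, in memory, the first message the client would send after the TCP connection is established. The host name `mail.example.test` and the function names are assumptions made for illustration.

```python
import ssl

def hardened_client_context() -> ssl.SSLContext:
    """Client settings that give the authenticity property, not just encryption."""
    ctx = ssl.create_default_context()            # CERT_REQUIRED + hostname check
    ctx.minimum_version = ssl.TLSVersion.TLSv1_2  # refuse SSLv3 / TLS 1.0 / 1.1
    return ctx

def first_flight(hostname: str) -> bytes:
    """Bytes the client sends right after the TCP handshake (the ClientHello)."""
    incoming, outgoing = ssl.MemoryBIO(), ssl.MemoryBIO()
    tls = hardened_client_context().wrap_bio(
        incoming, outgoing, server_hostname=hostname
    )
    try:
        tls.do_handshake()
    except ssl.SSLWantReadError:
        pass  # expected: the client now waits for the server's reply
    return outgoing.read()

def describe_record(data: bytes, hostname: str) -> dict:
    """Decode the 5-byte TLS record header and the handshake type that follows."""
    return {
        "content_type": data[0],          # 22 = handshake record
        "record_major_version": data[1],  # 3 for every TLS version
        "record_length": int.from_bytes(data[3:5], "big"),
        "handshake_type": data[5],        # 1 = ClientHello
        # The requested server name (SNI) travels unencrypted in this message.
        "sni_visible": hostname.encode("ascii") in data,
    }

if __name__ == "__main__":
    host = "mail.example.test"  # constructed name; nothing is resolved or contacted
    print(describe_record(first_flight(host), host))
```

The negotiation messages themselves are not encrypted, so a network monitor can still see which server name a client asked for even though the HTTP data that follows is protected.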
Secure Email Protocols: SMTPS, POP3S, and IMAPS
Email protocols also support TLS encryption.
Default (Insecure) Ports
- SMTP – 25
- POP3 – 110
- IMAP – 143
Secure Ports (Using TLS)
- SMTPS – 465 / 587
- POP3S – 995
- IMAPS – 993
When TLS is enabled, email credentials and messages cannot be extracted from captured network traffic.
Secure Shell (SSH)
TELNET allows remote system access but sends all data, including passwords, in plaintext. To overcome this, Secure Shell (SSH) was created.
SSH provides:
- Encrypted communication
- Secure authentication methods
- Protection against network attacks
The most popular open-source implementation of SSH is OpenSSH, which listens on port 22.
SFTP and FTPS
SFTP (SSH File Transfer Protocol)
- Part of the SSH protocol suite
- Uses port 22
- Simple to configure
- Secure and reliable
FTPS (File Transfer Protocol Secure)
- FTP secured using TLS
- Uses port 990
- Requires certificates
- More complex firewall configuration
Although both are secure, SFTP is often preferred due to ease of use.
Virtual Private Network (VPN)
A Virtual Private Network (VPN) creates a secure, encrypted tunnel over the Internet. VPNs are commonly used by companies to connect remote branches or allow employees to work securely from home.
Benefits of VPNs
- Encrypts all network traffic
- Hides the user’s real IP address
- Enables secure access to private networks
VPNs make it possible to use public networks safely and access resources as if you were on a private network.
Conclusion
Secure networking is essential in today’s digital world. The three main approaches to securing network traffic are:
- TLS – Secures web and email protocols
- SSH – Provides secure remote access and tunneling
- VPNs – Create private networks over public infrastructure
Together, these technologies ensure safe, private, and trustworthy communication across the Internet.
Final Answers (For Reference)
- Protocol TLS was built upon: SSL
- Certificates not suitable for authenticity: Self-signed certificates
- Packets used for TLS negotiation (HTTPS): 7
- Protocol where credentials can be extracted: IMAP
- Open-source SSH implementation: OpenSSH
- Protocol to connect company branches securely: VPN
- Captured password in TLS challenge: THM{B8WM6P}