Introduction and Comparison of SSH, SSL, TLS, PPP, L2TP, PPTP, and IPSec

Source: Internet
Author: User

SSL: Specifies a data security layering mechanism between the application protocols (such as HTTP, Telnet, NNTP, and FTP) and TCP/IP. It provides data encryption, server authentication, message integrity, and optional client authentication for TCP/IP connections.
Difference between SSL and TLS: TLS can be seen as an upgraded version of SSL. The main difference is that the supported encryption algorithms are different.

SSH: SSH is a protocol for secure remote login and other secure network services over insecure networks. It supports secure remote login, secure file transfer, and secure forwarding of TCP/IP and X Window System traffic. It can automatically encrypt, authenticate, and compress the transmitted data. It mainly solves the problem of passwords being transmitted in plaintext over the network.
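As an added illustration (not part of the original article), the sketch below tells SSH, SSL, and TLS apart from the first bytes a client sends: SSH opens with a text identification line, while SSL and TLS share one record format in which TLS 1.0 continues SSL's version numbering as 3.1. The function name is hypothetical and the sample byte strings are constructed.

```python
import struct

# (major, minor) -> (name, deprecated?). TLS 1.0 continued SSL's numbering as 3.1.
VERSIONS = {
    (3, 0): ("SSL 3.0", True),    # deprecated by RFC 7568
    (3, 1): ("TLS 1.0", True),    # deprecated by RFC 8996
    (3, 2): ("TLS 1.1", True),    # deprecated by RFC 8996
    (3, 3): ("TLS 1.2+", False),  # TLS 1.3 clients also send 3.3 in this field
}

def identify_stream(data: bytes):
    """Return (description, deprecated) for the first client bytes of a TCP stream."""
    # SSH (RFC 4253): the peer opens with a text line "SSH-<proto>-<software>\r\n".
    if data.startswith(b"SSH-"):
        line = data.split(b"\n", 1)[0].rstrip(b"\r").decode("ascii", "replace")
        parts = line.split("-", 2)
        if len(parts) < 3:
            return ("malformed SSH banner", False)
        # Protocol 1.x is obsolete; "1.99" marks a 2.0 server that still accepts 1.x.
        return (f"SSH protocol {parts[1]}", parts[1].startswith("1."))
    # SSL/TLS: 5-byte record header = content type, major, minor, 2-byte length.
    if len(data) >= 5:
        ctype, major, minor, length = struct.unpack("!BBBH", data[:5])
        if ctype == 22 and major == 3 and 0 < length <= 16384:
            ver = (major, minor)
            # In a ClientHello (handshake type 1) the offered version follows
            # the 4-byte handshake header, i.e. at offsets 9 and 10.
            if len(data) >= 11 and data[5] == 1:
                ver = (data[9], data[10])
            return VERSIONS.get(ver, ("unknown SSL/TLS version", False))
    return ("not SSH or SSL/TLS", False)

# Constructed samples (not captured traffic).
SSH_BANNER = b"SSH-2.0-ExampleSSH_1.0\r\n"
SSL3_HELLO = bytes.fromhex("160300002f" "0100002b" "0300") + bytes(41)
TLS12_HELLO = bytes.fromhex("160301002f" "0100002b" "0303") + bytes(41)
```

The older SSL 2.0 hello uses a different framing and is reported here as "not SSH or SSL/TLS".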

IPSec: IPSec is designed to provide (1) entry-to-entry communication security, in which the security of packet communication is provided by a single node (a gateway) on behalf of multiple machines (or even an entire LAN); and (2) end-to-end packet communication security, in which the computers that act as the endpoints perform the security operations. Either mode can be used to build a virtual private network (VPN), which is also one of the main uses of IPSec. Note that the two modes of operation differ greatly in how security is implemented. IPSec encrypts and authenticates IP packets.

PPP: In computing, the Point-to-Point Protocol (PPP) is usually used to establish a direct connection between two nodes. It is mainly used to connect two computers over telephone lines, and is now also used for broadband connections. Many Internet service providers use PPP to provide users with Internet access, where it has largely replaced older standards such as SLIP. As a Layer 2 (data link layer) protocol, PPP supports both synchronous and asynchronous links. PPP is designed to work with multiple network layer protocols (such as IP, IPX, and AppleTalk) and to replace SLIP, the non-standard data link layer protocol. PPP was designed after the original HDLC specification, so its designers included many additional features that until then had not been considered in WAN data link layer protocols.

Both PPTP and L2TP use the PPP protocol to encapsulate data, and then add additional headers for data transmission over the Internet. Although the two protocols are very similar, there are still some differences:

1. PPTP requires the internetwork to be an IP network. L2TP only requires that the tunnel medium provide packet-oriented point-to-point connectivity. L2TP can be used over IP (using UDP), Frame Relay permanent virtual circuits (PVCs), X.25 virtual circuits (VCs), or ATM VCs.

2. PPTP can only establish a single tunnel between two points. L2TP supports multiple tunnels between two points. With L2TP, you can create different tunnels for different qualities of service.

3. L2TP can provide header compression. With header compression, L2TP's overhead is 4 bytes, compared with 6 bytes for PPTP.

4. L2TP can provide tunnel authentication, while PPTP cannot. However, when L2TP or PPTP is used together with IPSec, IPSec can provide the tunnel authentication, so the tunnel does not need to be authenticated at the Layer 2 protocol.
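Item 4 as a monitoring check, in an added example that is not from the original article: it flags peers whose L2TP or PPTP traffic is visible outside IPSec in flow records. Port and protocol numbers are the standard IANA assignments; the function names, flow tuples, and addresses are constructed for illustration.

```python
from collections import defaultdict

TCP, UDP, GRE, ESP, AH = 6, 17, 47, 50, 51   # IANA IP protocol numbers

def classify(proto, dport):
    """Label one flow by what its outermost, readable header reveals."""
    if proto in (ESP, AH) or (proto == UDP and dport in (500, 4500)):
        return "ipsec"            # ESP/AH, IKE, or ESP-in-UDP (NAT traversal)
    if proto == UDP and dport == 1701:
        return "l2tp"
    if proto == TCP and dport == 1723:
        return "pptp-control"
    if proto == GRE:
        return "gre"              # PPTP data channel, or an unrelated GRE tunnel
    return None

def tunnels_outside_ipsec(flows):
    """Return {(peer_a, peer_b): [findings]} for Layer 2 tunnels visible on the wire.

    A UDP/1701 or TCP/1723 header is readable only when the packet is not inside
    ESP, so seeing one is the finding even if the peers also exchange IPsec.
    GRE counts as PPTP data only when the peers also have a PPTP control flow.
    """
    seen = defaultdict(set)
    for src, dst, proto, dport in flows:
        kind = classify(proto, dport)
        if kind:
            seen[tuple(sorted((src, dst)))].add(kind)
    findings = {}
    for pair, kinds in seen.items():
        hits = []
        if "l2tp" in kinds:
            hits.append("L2TP outside IPsec")
        if "pptp-control" in kinds:
            hits.append("PPTP outside IPsec" + (" (GRE data seen)" if "gre" in kinds else ""))
        if hits:
            findings[pair] = hits
    return findings

# Constructed flow records: (src, dst, ip_proto, dst_port), documentation addresses.
FLOWS = [
    ("198.51.100.10", "203.0.113.1", UDP, 500),    # IKE, then ESP only:
    ("198.51.100.10", "203.0.113.1", ESP, 0),      # whatever is tunnelled is hidden
    ("198.51.100.20", "203.0.113.1", UDP, 1701),   # bare L2TP
    ("198.51.100.30", "203.0.113.1", TCP, 1723),   # PPTP control
    ("203.0.113.1", "198.51.100.30", GRE, 0),      # PPTP data (reverse direction)
    ("198.51.100.40", "203.0.113.2", GRE, 0),      # GRE alone: not attributed to PPTP
]
```

The first peer pair is not flagged: once ESP wraps the traffic, the flow record no longer shows whether L2TP is carried inside.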

SSL, SSH, and TLS work at the transport layer; PPP, PPTP, and L2TP work at the data link layer; and IPSec works at the network layer.

 

Appendix: OSI 7-Layer Model

TCP/IP protocol layering:
1. Application Layer: responsible for handling specific application details. For example, telnet, FTP, and e-mail.
2. Transport Layer: provides end-to-end communication for applications on two hosts. There are two different transport protocols: TCP (Transmission Control Protocol) and UDP (User Datagram Protocol).
3. Network Layer (Internet layer): handles the movement of packets through the network. It includes IP (Internet Protocol), ICMP (Internet Control Message Protocol), and IGMP (Internet Group Management Protocol).
4. Link Layer (data link layer/network interface layer): usually includes the device driver in the operating system and the corresponding network interface card in the computer. Together they handle the details of physically interfacing with the transmission media.
