Page 772 - (ISC)² CISSP Certified Information Systems Security Professional Official Study Guide
and UDP port 162 is used by the management console to receive
responses and notifications (also known as trap messages). Trap
messages inform the management console when an event or
threshold violation occurs on a monitored system.
Implications of Multilayer Protocols
As you can see from the previous sections, TCP/IP as a protocol suite
comprises dozens of individual protocols spread across the various
protocol stack layers. TCP/IP is therefore a multilayer protocol.
TCP/IP derives several benefits from its multilayer design, specifically
in relation to its mechanism of encapsulation. For example, when
communicating between a web server and a web browser over a typical
network connection, HTTP is encapsulated in TCP, which in turn is
encapsulated in IP, which is in turn encapsulated in Ethernet. This
could be presented as follows:
[ Ethernet [ IP [ TCP [ HTTP ] ] ] ]
However, this is not the extent of TCP/IP’s encapsulation support. It is
also possible to add additional layers of encapsulation. For example,
adding SSL/TLS encryption to the communication would insert a new
encapsulation between HTTP and TCP:
[ Ethernet [ IP [ TCP [ SSL [ HTTP ] ] ] ] ]
This in turn could be further encapsulated with Network layer
encryption such as IPSec:
[ Ethernet [ IPSec [ IP [ TCP [ SSL [ HTTP ] ] ] ] ] ]
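The nesting shown above can be seen by peeling a frame one header at a time. The following Python sketch is an added example, not part of the study guide; the function names, addresses and sample payloads are constructed for illustration, and it handles only IPv4 over Ethernet.

```python
import struct

def build_frame(payload: bytes, dport: int = 80) -> bytes:
    """Constructed sample frame: [ Ethernet [ IP [ TCP [ payload ] ] ] ]."""
    tcp = struct.pack("!HHIIBBHHH", 49152, dport, 1, 1, 5 << 4, 0x18, 65535, 0, 0) + payload
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(tcp), 0, 0, 64, 6, 0,
                     bytes([192, 0, 2, 10]), bytes([198, 51, 100, 20])) + tcp  # checksums left 0
    return bytes.fromhex("020000000002" "020000000001" "0800") + ip

HTTP_STARTS = (b"GET ", b"POST ", b"HEAD ", b"PUT ", b"DELETE ", b"OPTIONS ", b"HTTP/")

def layers(frame: bytes) -> list:
    """Peel a frame one header at a time; return the stack, outermost first."""
    stack = ["Ethernet"]
    if len(frame) < 14 + 20:
        return stack + ["truncated"]
    if struct.unpack("!H", frame[12:14])[0] != 0x0800:   # EtherType: IPv4 only here
        return stack + ["non-IPv4"]
    ip = frame[14:]
    ihl = (ip[0] & 0x0F) * 4                             # IP header length in bytes
    total = struct.unpack("!H", ip[2:4])[0]              # IP total length field
    if ip[0] >> 4 != 4 or ihl < 20 or not ihl <= total <= len(ip):
        return stack + ["malformed IP"]
    stack.append("IP")
    if ip[9] == 50:                                      # ESP is carried as IP protocol 50
        return stack + ["IPsec ESP (inner layers encrypted)"]
    if ip[9] != 6:                                       # protocol 6 = TCP
        return stack + ["ip-proto %d" % ip[9]]
    tcp = ip[ihl:total]
    if len(tcp) < 20 or not 20 <= (tcp[12] >> 4) * 4 <= len(tcp):
        return stack + ["malformed TCP"]
    stack.append("TCP")
    data = tcp[(tcp[12] >> 4) * 4:]                      # skip TCP header (data offset)
    # Classify by content, not port number: a port only says what the payload claims to be.
    if len(data) >= 5 and data[0] in (20, 21, 22, 23) and data[1] == 3:
        stack.append("SSL/TLS")                          # record header: content type, major version
    elif data.startswith(HTTP_STARTS):
        stack.append("HTTP")
    elif data:
        stack.append("unrecognized payload")
    return stack

if __name__ == "__main__":
    samples = {"plain": build_frame(b"GET / HTTP/1.1\r\nHost: example.test\r\n\r\n"),
               "tls": build_frame(b"\x16\x03\x01\x00\x05hello", dport=443),
               "odd": build_frame(b"\x00\x01binary", dport=80)}
    for name, frame in samples.items():
        print(name, "[ " + " [ ".join(layers(frame)))
```

The third sample travels to port 80 but does not parse as HTTP, which is the kind of mismatch a monitoring tool can flag for review.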
However, encapsulation is not always implemented for benign
purposes. There are numerous covert channel communication
mechanisms that use encapsulation to hide or isolate an unauthorized
protocol inside another authorized one. For example, if a network

