Chapter 2

Chapter 2 Application Protocols

Domain Name Service • defines a hierarchical naming standard for the Internet • top-level-domains (TLDs) • "old-style" .com, .edu, .net, .mil, .gov • ccTLDs .au, .us, .gb • "new generic" TLDs .info, .biz • second-level-domains • company.com, com.au • third-level-domains • bond.edu.au

Registration & Administration • country code top level domains (ccTLDs) • country by country • Australia: auDA • TLDs • was: administrated by Network Solutions • Internic • now: several 'accredited registrars' • accredited by ICANN • dispute resolution at infringements

DNS Function • maps domain names to IP addresses • aka "forward lookup" • eg. kirk.bond.edu.au -> A 131.244.1.1 • 'A record' holds address information in database • maps aliases to other names • 'CNAME records' list canonical names • eg. www.bond.edu.au -> CNAME redback.bond.edu.au

DNS Function • maps domain names to mailserver names • eg. webmaster@bond.edu.au -> MX staff.bond.edu.au • 'MX record' in database • maps IP addresses to host names • aka "reverse lookup" • 'PTR record in subzone of IN-ADDR.arpa • eg. 1.1.244.131.in-addr.arpa -> PTR kirk.Bond.edu.au

DNS Database • database contains zones • everything what is known about a domain • host names, IP addresses, subdomains.... • every zone is made up by records • 'A records' for addresses • 'MX records' for mail exchange references • 'NS records' specifying the authoritative DNS for a zone • every record has TTL (time-to-live) for caching

DNS Distributed Operation • iterative query • server answers either directly or gives reference to other DNS server • recursive query • server asks other DNSs itself • more costly for the server, security issues • zone transfer • (trusted) DNSs exchange complete 'zones' • for replication mainly

DNS Distributed Operation (cont'd) • data dynamics • read often, write seldom • fault tolerance • more than one name server for a zone • caching, replication • relaxed consistency, things "converge eventually"

Domain Name Service (cont'd) ;; QUESTIONS: ;; bond.edu.au, type = A, class = IN ;; ANSWERS: bond.edu.au. 86400 A 131.244.1.1 ;; AUTHORITY RECORDS: bond.edu.au. 86400 NS kirk.bond.edu.au. bond.edu.au. 86400 NS minerva.its.bond.edu.au. bond.edu.au. 86400 NS diablo.onthenet.com.au. ;; ADDITIONAL RECORDS: kirk.bond.edu.au. 86400 A 131.244.1.1 minerva.its.bond.edu.au. 86400 A 131.244.14.1 diablo.onthenet.com.au. 75661 A 203.10.89.2 bond.edu.au. 86400 MX 10 kirk.bond.edu.au.

Telnet • for interactive access to a remote machine • "Internet terminal" • Catalogs, databases, services, etc. via Telnet -> primitive information systems (although mostly displaced by the web) • e.g. telnet pac.carl.org • Colorado Alliance of Research Libraries • TCP-based protocol, default server port 23 • multiplexes control data and user comm. into one TCP stream • Application: telnet <host> [<port>]

user login shell kernel kernel pseudo terminal driver terminal driver telnet client telnet server tcp/ip stack tcp/ip stack Telnet process model telnet shell.it.bond.edu.au Green Hat Linux release 5.5 (Manhattan) Kernel 2.20.36 on an 68000 login: jruser Password: tcsh>

Telnet's pros and cons • Standardized (RFC 854) • Application useful to debug text-based protocols (HTTP, SMTP, NNTP, POP, ....) • but 1 keystroke = 3 TCP packets • Data and Passwords in the clear • like most other remote login tools • simple to eavesdrop • don't use it for interactive work! • use SSH for that

Telnet for Debugging: HTTP > telnet www.bond.edu.au http Trying 203.144.16.237... Connected to redback.Bond.edu.au. Escape character is '^]'. GET / HTTP/1.0 HTTP/1.1 200 OK Server: Netscape-Enterprise/3.0 Date: Tue, 16 Apr 2002 11:34:21 GMT Content-type: text/html Last-modified: Sun, 26 May 2002 23:59:55 GMT Content-length: 22944 Accept-ranges: bytes Connection: close <html> <head> <title>Bond University</title> .....

SSH • interactive access to a remote computer, like TELNET • but encrypted data transfer • password not sniffable • nifty authentication tricks possible • arbitrary TCP traffic can be tunneled • not fully standardized • not as widespread yet, less applications and servers • no replacement for TELNET as a debugging tool

File Transfer Protocol • Bi-directional file transfer (binary, ASCII) • ftp <host> (default port: 21) • Interactive access (file, directory commands) • Authentication via username/password • Anonymous FTP: • login as anonymous/<email address>

user user interface user protocol interpreter user data transfer function FTP process model client server control connection server protocol interface (FTP commands, FTP replies) file system file system server data transfer function data connection

FTP sample session > ftp mirror.aarnet.edu.au Connected to .... 220 AARNet Mirror FTP server ready. Name (mirror.aarnet.edu.au:az): ftp 331 Anonymous login ok Password: az@bond.edu.au 230 Anonymous access granted, restrictions apply. ftp> ls 150 Opening ASCII mode data connection for file list drwxr-xr-x 13 mirror mirror 4096 May 26 21:17 pub drwxr-xr-x 7 root root 512 Feb 28 00:47 raid 226 Transfer complete. ftp> bye 221 Goodbye.

FTP commands • User commands, understood by the client app. • get, put, mget, mput • cd, dir, lcd, prompt, ascii, binary • Protocol commands exchanged by client and server • USER, PASS, QUIT, RETR, STOR, CWD, LIST

FTP replies • 3-digit code (ASCII) + optional message • Example replies: • 125 Data connection already open; transfer starting. • 200 Command OK. • 331 Username OK, password required. • 425 Can'topen data connection. • 500 Syntax error (unrecognized command). • QUIT -> 221 Goodbye

FTP's pros and cons • Pro: • Standardized (RFC 959) • Anonymous FTP • Contra: • Passwords and data in the clear • Very hard to get through a firewall securely

queue user user agent transfer agent user user agent transfer agent user mail drop Electronic Mail client sender TCP port 25 server receiver

Protocols involved in email • Simple Mail Transfer Protocol (SMTP) • mail exchange between MTAs • TCP protocol, port 25 • binary transport still not guaranteed • Post Office Protocol (POP) • retrieve mail from a mail drop • TCP , port 110 (POP3) • Internet Message Access Protocol (IMAP) • access and manage remote mail drop • TCP, port 143 (IMAP4)

SMTP sample session 220 athena.bond.edu.au -- Server ESMTP helo cluon.it.bond.edu.au 250 athena.bond.edu.au OK, cluon.it.bond.edu.au [131.244.8.139]. mail from: <az@bond.edu.au> 250 2.5.0 Address Ok. rcpt to: <az@bond.edu.au> 250 2.1.5 az@bond.edu.au OK. data 354 Enter mail, end with a single ".". bla . 250 2.5.0 Ok. quit 221 2.3.0 Bye received. Goodbye.

The corresponding email • Email format specified in RFC 2821 and RFC 2822 Received: from conversion-daemon.staff.bond.edu.au by staff.bond.edu.au (iPlanet Messaging Server 5.1 (built May 7 2001)) id <0GXB00G01M0GH6@staff.bond.edu.au> for azangerl@ims-ms-daemon (ORCPT az@bond.edu.au); Fri, 07 Jun 2002 15:51:54 +1000 (EST) Received: from cluon.it.bond.edu.au (cluon.it.bond.edu.au [131.244.8.139]) by staff.bond.edu.au (iPlanet Messaging Server 5.1 (built May 7 2001)) with SMTP id <0GXB00GN0MXK2G@staff.bond.edu.au> for azangerl@ims-ms-daemon (ORCPT az@bond.edu.au); Fri, 07 Jun 2002 15:51:54 +1000 (EST) Date: Fri, 07 Jun 2002 15:51:53 +1000 (EST) From: az@staff.bond.edu.au To: az@staff.bond.edu.au Message-id: <0GXB00GN4MY02G@staff.bond.edu.au> bla

SMTP commands • Minimal SMTP command set (RFC 2821) • HELO: client identification • MAIL FROM: identify sender • RCPT TO : identify receiver • DATA: start taking the message • QUIT: terminate mail exchange • RSET: abort current mail transaction, reset • VRFY: verify recipient address • NOOP: do nothing

SMTP replies • 3-digit code (ASCII) + optional message • Example replies: • 250 <address>... Sender ok • 354 Enter mail, end with "." on a line by itself • 421 <domain> Service not available, closing transmission channel • 500 Syntax error (unrecognized command). • 221 <domain> closing connection (after QUIT)

SMTP future • Extended SMTP (ESMTP): RFC 1425 220 athena.bond.edu.au -- Server ESMTP ehlo cluon.it.bond.edu.au 250-athena.bond.edu.au 250-8BITMIME 250-EXPN 250-STARTTLS 250-AUTH LOGIN PLAIN 250-AUTH=LOGIN 250 SIZE 4096000 • .....lots of other capability codes • SIZE: willing to take mail up to size x, RFC1427 • 8BITMIME: "8bit clean" • EXPN: expand address (do not send mail) • AUTH, STARTTLS: authentication at the server

Mail and the DNS • MX resource record in the DNS • Defines mail relay and precedence for domains (hosts) tcsh > nslookup > set qt=mx > sun.com sun.com preference = 40, mail exchanger = mondzo.sun.com sun.com preference = 5, mail exchanger = venus.Sun.COM sun.com preference = 5, mail exchanger = lukla.Sun.COM sun.com preference = 15, mail exchanger = mercury.Sun.COM sun.com preference = 40, mail exchanger = mars.sun.com mondzo.sun.com internet address = 192.18.100.1 venus.Sun.COM internet address = 192.9.25.5 ....... >

Anatomy of an email Received: from mail.bond.edu.au by localhost with POP3 (fetchmail-4.7.5) for rho@localhost (single-drop); Tue, 01 Feb 2000 00:00:06 +1000 (EST) Received: from ocean-xterm4.it.bond.edu.au (localhost [127.0.0.1]) by ocean-xterm4.it.bond.edu.au (8.9.3/8.9.3) with ESMTP id VAA17801; Mon, 31 Jan 2000 21:52:54 +1000 Message-Id: <200001311152.VAA17801@ocean-xterm4.it.bond.edu.au> X-Mailer: exmh version 2.1.1 10/15/1999 To: some_student@student.bond.edu.au Cc: robert_barta@bond.edu.au Subject: Re: proposal for Special topics in Networking / Network Administration In-reply-to: Your message of "Fri, 28 Jan 2000 11:30:56 +1000." <000901bf692f$5414ec60$3c00a8c0@crippsy> Reply-To: rho@bond.edu.au Precedence: normal From: Robert Barta <rho@bond.edu.au> Mime-Version: 1.0 Date: Mon, 31 Jan 2000 21:52:54 +1000 Sender: rho@bond.edu.au that's the text in the body of the email

local store user maildrop user agent user POP server Post Office Protocol • Retrieve mail from a mail drop • Default port: 110 (POP3) client server TCP connection client POP interface

POP sample session • +OK POP3 kirk.bond.edu.au v7.59 server ready • USER rho • +OK User name accepted, password please • PASS ratzfatz • +OK Mailbox open, 2 messages • LIST • +OK Mailbox scan listing follows • 1 1485 • 2 2281 • . • RETR 1 • +OK 1485 octets • Received: from kirk.bond.edu.au (.... • the mail • . • DELE 1 • +OK Message deleted • DELE 3 • -ERR No such message • QUIT • +OK Sayonara • Connection closed by foreign host.

POP commands and replies • Main commands (RFC 1939): • USER specify user name (APOP name digest) • PASS user’s password (cleartext!) • QUIT end session • STAT number of messages, size of mailbox • LIST list mailbox/message, size & number of message • RETR retrieve a message • DELE mark message for deletion • NOOP do nothing • RSET unmark message for deletion • Replies (RFC 1939) • +OK [<text>] • -ERR [<text>]

Internet Message Access Protocol • POP’s shortcomings • password in the clear (if APOP not supported) • transfers mail to local system • network access ? Mail scattered on several computers. • leave mail on POP server • unstructured • IMAP • supports access and management of email on a mail server (RFC 2060)

IMAP goals • Keep mail on the mail server: • mail needs not be transferred back and forth • Manipulation of remote mailboxes as if they were local • Access & management from > 1 computer • full access to mail while travelling • consistent access from home, work, etc. • Concurrent access to shared mailboxes • Access modes: • on-/offline, disconnected

IMAP access modes • Offline: similar to POP • Online: access, manage and manipulate mail on a server (mail is left on the server) • Disconnected (mail is left on the server) • make a cache copy of selected messages and disconnect • manipulate cache copy • reconnect to the server and resynchronize

IMAP can do more than POP • List/create/delete/rename remote folders • Support for folder hierarchies • Manipulate remote folders != INBOX • Append messages to remote folder • Standard and user-defined status flags (seen, answered, draft, ...) • Simultaneous update and update recovery in shared folders • New mail notification • Determine message structure without downloading • Selective fetching of individual MIME body parts • Server-based searching and selection to minimize data transfer • Negotiated extensions => extend capabilities

IMAP problems • Online mode: no IMAP server => no access to "old" mail • Complex protocol => harder to implement, more security problems, less stable? • elder Mail clients support POP rather than IMAP • Password and data in the clear • various extensions support MD (message digest auth.) or CRAM (challenge-response authentication methods) • with MD,CRAM at least the password not sent in clear

Multipurpose Internet Mail Extension • "old-style" Mail body according to RFC 2822: • only 7 bit ASCII text allowed • max line length: 1000 (SMTP DATA command) • how to transport non-text content? • MIME (RFC 2045-2049) • overcome RFC 822 limitations • requires no change to MTAs • structured mail content

MIME header fields (1/3) • MIME-Version • version of the Internet message body format standard in use • MIME-version: 1.0 • Content-Type • describe the data contained in the body => user agent can pick an appropriate agent to present the data to the user • Content-Type: text/plain

MIME header fields (2/3) • Content-Transfer-Encoding • describe encoding of binary data (non-7-bit) into a 7 bit short line format (SMTP, RFC 2821) • Content-Transfer-Encoding: base64 • Content-ID • one body may want to reference another • => unique id required • Content-ID: <id42@ocean-xterm4.it.bond...>

MIME header fields (3/3) • Content-Description • associate some descriptive information with a given message body • Content-Description: Mail message body

MIME example (screenshot)

MIME example (raw content) • Subject: test • Content-Type: multipart/mixed; boundary="border_1" • This is a multi-part message in MIME format. • --border_1 • Content-Type: multipart/alternative; boundary="border_2" • --border_2 • Content-Type: text/plain; charset=us-ascii • Content-Transfer-Encoding: 7bit • Content-Description: Mail message body • Just a nice test mail • --border_2 • Content-Type: text/html; charset=us-ascii • Content-Transfer-Encoding: 7bit • <HTML> Just a nice test mail </HTML> • --border_2-- • --border_1 • Content-Type: image/gif; name="test.gif" • Content-Transfer-Encoding: base64 • R0lGODlhIQHRAPcAAAAAAIAAAACA.... • --border_1--

Some MIME content types

eMail issues, non-technical • Be conservative in what you send and liberal in what you receive. • HTML is for the web, email is to be TEXT ONLY. • Quoting • don't fullquote or topquote, ever. • snip irrelevant stuff • make ">" your quote character or switch clients. • McQ limit for mail signatures • (from Usenet regular McQuary, alt.fan.warlord) • up to 4 lines, 80 characters each

eMail issues (cont'd) • don't waste bandwidth • Meta viruses • "There is a dangerous mail going round. Do not open it, it will format your harddisk. Send this to all your friends." • Attachments • proprietary formats are evil. • size does matter

Spam • Spam (UBE/UCE) • commercials via email, "make money fast" • mass marketing, 30+ million email addresses on CDs • illegal in many countries • bandwidth consumption, consumer pays

Spam, personal behaviour • DO NOT EVER reply to spam • address is forged or defunct or a trap: • you validate your address to the spammer • your spam intake will multiply • use "snake skin" addresses • gmx.net, hotmail.com, .... • always complain to sender's ISP • with COMPLETE mail including ALL headers • ferreting the right info out is tedious work

Usenet News • "A global distributed blackboard on top of other networks." • "A World-wide discussion forum which is divided into hierarchical newsgroups dedicated to defined topics."

News basics • Over 60000 newsgroups (~ topics), many DOA • Newsgroups are hierarchically structured • e.g. comp.lang.java, sci.math.research • Users can subscribe to a set of newsgroups • Users can write new articles (or postings) • Users can post them to a (set of) newsgroup(s) • all subscribers see the postings • Users can reply to existing postings • thread (discussion)

Chapter 2

Chapter 2

Presentation Transcript

Chapter 2

Chapter 2

Chapter 2

Chapter 2

Chapter 2

Chapter 2

Chapter 2

Chapter 2

Chapter 2

Chapter 2:

Chapter 2

chapter 2

chapter 2

Chapter 2-2

CHAPTER 2

Chapter 2

Chapter 2

CHAPTER 2

Chapter 2

Chapter 2

CHAPTER 2

Chapter 2