1 / 24

CSE331: Introduction to Networks and Security

CSE331: Introduction to Networks and Security. Lecture 12 Fall 2002. Announcements. Reminder: Project 1 due on Monday, Oct. 7 th In-class midterm Wednesday, Oct. 9 th Monday’s Class Further Topics in Networking Review / Question & Answer. Recap. Remote Procedure Call (RPC)

haroldcook
Download Presentation

CSE331: Introduction to Networks and Security

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. CSE331:Introduction to Networksand Security Lecture 12 Fall 2002

  2. Announcements • Reminder: • Project 1 due on Monday, Oct. 7th • In-class midterm Wednesday, Oct. 9th • Monday’s Class • Further Topics in Networking • Review / Question & Answer CSE331 Fall 2002

  3. Recap • Remote Procedure Call (RPC) • Java’s remote method invocation (RMI) CSE331 Fall 2002

  4. Today • RMI Demo • Application-level Protocols • SMTP: Simple Mail Transfer Protocol • HTTP: HyperText Transfer Protocol • SNMP: Simple Network Management Protocol CSE331 Fall 2002

  5. Java RMI Permissions • Socket permissions in a policy file // policy.pol grant { permission java.net.SocketPermission "<IP>:1024-65535", "connect,accept,listen,resolve"; permission java.net.SocketPermission "*:1099", "connect,resolve"; }; CSE331 Fall 2002

  6. Running Java programs with policies • java –Djava.security.policy=policy Program CSE331 Fall 2002

  7. Protocol Stack Revisited Application SMTP, HTTP, SNMP Presentation Session Transport Network So far… Data Link Physical CSE331 Fall 2002

  8. Common Features • SMTP, HTTP, SNMP • Request/Reply protocols built on TCP or UDP • Designed to handle a fixed set of messages • Companion data format • Many applications Protocol Data Format Programs SMTP RFC 822 and MIME Pine, NSMail, Eudora,… HTTP HTML Explorer, Netscape, Opera SNMP MIB snmpget, snmpset,… CSE331 Fall 2002

  9. SMTP: Simple Mail Transfer Protocol • Data format RFC822 • Adopted around 1982, extended 1993, 1996 • http://www.faqs.org/rfcs/rfc822.html • ASCII text • Header and Body CSE331 Fall 2002

  10. RFC822 Headers • <CRLF>-terminated lines containing pairs of form type: value • Many valid Header types • Some headers filled out by client • To: stevez@cis.upenn.edu • Subject: CSE331 • Others filled out by mail delivery system • Date: • Received: • From: CSE331 Fall 2002

  11. MIME: Multipurpose Internet Mail Extensions • Consists of three parts • Additional RFC822 Headers • MIME-Version: • Content-Type: • Content-Transfer-Encoding: • Content types (and subtypes) • text/plain • text/rich • image/gif • application/postscript • Multipart/mixed; boundary=“…” CSE331 Fall 2002

  12. MIME Encoding • Mail systems assume ASCII • Only 64 valid characters A-Z, a-z, 0-9, +, / • Some datatypes include arbitrary binary data (e.g. JPEG) • Base64 encoding • 3 bytes of data map to 4 ASCII Characters • A=0,B=1,… • Also 7bit ASCII encoding • Human readable CSE331 Fall 2002

  13. From: Steve Zdancewic <stevez@cis.upenn.edu> MIME-Version: 1.0 To: stevez@cis.upenn.edu Subject: Example Mail Content-Type: multipart/mixed; boundary="------------020307000708030506070607" This is a multi-part message in MIME format. --------------020307000708030506070607 Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit This is the body. --------------020307000708030506070607 Content-Type: text/plain; name="example.txt" Content-Transfer-Encoding: 7bit Content-Disposition: inline; filename="example.txt" Hello --------------020307000708030506070607 Content-Type: image/jpeg; name="doc.jpg" Content-Transfer-Encoding: base64 Content-Disposition: inline; filename="doc.jpg" /9j/4AAQSkZJRgABAQEASABIAAD//gAXQ3JlYXRlZCB3aXRoIFRoZSBHSU1Q/9sAQwAIBgYH BgUIBwcHCQkICgwUDQwLCwwZEhMPFB0aHx4dGhwcICQuJyAiLCMcHCg3KSwwMTQ0NB8nOT04…

  14. SMTP • Mail Reader • User edits/reads/search e-mail • Mail Daemon • Process running on each host (port 27) • Uses SMTP/TCP to transmit mail to daemons on other machines • Most daemons based on Berkley’s sendmail • Mail Gateways • Store and forward e-mail (much like IP router) • Buffers on disk • Attempts to resend CSE331 Fall 2002

  15. SMTP Mail Gateways Mail reader Mail reader Mail daemon Mail daemon Mail gateway • No need for explicit host in e-mail address • User can receive mail at different machines • Recipient’s machine may not be up • Mail gateway can hold message for later Mail daemon SMTP/TCP SMTP/TCP CSE331 Fall 2002

  16. SMTP Dialogs • Client posts commands • HELO, MAIL, RCPT, DATA, QUIT • Server responds with code and human-readable explanation CSE331 Fall 2002

  17. Example SMTP Dialog HELO seas.upenn.edu 250 Hello daemon@smtpauth.seas.upenn.edu [158.130.12.180] MAIL FROM:<stevez@seas.upenn.edu> 250 OK RCPT TO:<billg@microsoft.com> 250 OK RCPT TO:<ted@microsoft.com> 550 No such user here DATA 354 Start mail input; end with <CRLF>.<CRLF> Blah blah blah… <CRLF>.<CRLF> 250 OK QUIT 221 Closing Connection

  18. HTTP: HyperText Transfer Protocol • Text-oriented protocol on top of TCP • http://www.w3.org/Protocols/ • Messages have the form START_LINE <CRLF> MESSAGE_HEADER <CRLF> <CRLF> MESSAGE_BODY <CRLF> CSE331 Fall 2002

  19. HTTP Request Messages • START_LINE: Operation URL Version • Absolute URL:GET http://www.cis.upenn.edu/ HTTP/1.1 • Using the MESSAGE_HEADER • Relative URL:GET / HTTP/1.1Host: www.cis.upenn.edu CSE331 Fall 2002

  20. HTTP Request Operations Operation Description OPTIONS get info about server options GET retrieve document specified by URL HEAD retrieve metainfo document by URL POST give info to the server PUT store document under specified URL DELETE delete specified URL TRACE loopback request message CONNECT for use by proxy servers CSE331 Fall 2002

  21. HTTP Response Messages • START_LINE Version Code Reason • HTTP/1.1 202 Accepted • HTTP/1.1 404 Not Found Code Type Example Reasons 1xx Information request received 2xx Success action successfully accepted 3xx Redirection further action must be taken 4xx Client Error request contains bad syntax 5xx Server Error server didn’t fulfill valid request CSE331 Fall 2002

  22. HTTP Caching • Store a copy of the data closer to the client • Browser caches web pages • ISPs can cache pages • Sites can cache pages at proxies • How to cache changing web pages? • Server assigns expiration date using Expires header • Set of cache directives that specify whether documents can be cached, for how long, etc. • Not easy to cache dynamic content CSE331 Fall 2002

  23. SNMP:Simple Network Management Protocol • Specialized request/reply protocol • Two basic operations: GET and SET • Runs on UDP • Companion data: Management Info. Database (MIB) • Stores information about various protocols running on nodes in the network • Example uses: • Measure # packets dropped/received • Watch for faulty hardware/software • Determine # IP datagram reassemblies that are aborted CSE331 Fall 2002

  24. MIP-II Variables • System • Where located, Uptime, Name • Interfaces • Physical addresses, # packets sent/received • ARP • Contents of address translation table • IP • Routing table • # packets forwarded • Reassembly statistics • Drop counts • TCP • # of passive/active opens • # timeouts, default timeout settings CSE331 Fall 2002

More Related