360 likes | 445 Views
實驗四 網路協定觀察與分析. Instructor: Teaching Assistant: 1998/12/7 High Speed Network lab. Department of Computer Information Science, NCTU. Outline. Sniffer Introduction NetXRay Operation Guide HTTP Protocol Overview Protocol Analysis Example (HTTP) Experiment Requirements.
E N D
實驗四網路協定觀察與分析 Instructor: Teaching Assistant: 1998/12/7 High Speed Network lab. Department of Computer Information Science, NCTU
Outline • Sniffer Introduction • NetXRay Operation Guide • HTTP Protocol Overview • Protocol Analysis Example (HTTP) • Experiment Requirements
HTTP Overview • Application-level, distributed, collaborative, hypermedia information system. • HTTP/0.9 (1990) : raw data transfer • HTTP/1.0 (RFC1945) : MIME-like message • HTTP/1.1 (RFC2068) : persistent connection, caching, hierarchical proxies, new methods…. • HTTP-NG • HDTP • Push (WebCasting), ICP(Internet Cache Protocol),….
HTTP Overview (cont’) Web server client A Proxy client B
Multipurpose Internet Mail Extension -- MIME • Non-textual data --> RFC 822 (7 bit) • MIME-type • 1. Textual message bodies other than US-ASCII • 2. Textual header information other than US-ASCII • 3. Non-textual message part • 4. Multi-part message bodies
Protocol Parameters • HTTP version • URI (Uniform Resource Identifiers) • Date/Time • Character sets • Content coding • Transfer coding • Media types
Persistent Connections • Separate TCP connection (HTTP/1.0) : increasing HTTP server load and traffic load • Default behavior of HTTP/1.1 • Either client or server close connection by : • Connection : close • Pipelined requests/responses within a connection
HTTP messages • Generic message format • = request-line | response-line • *message-header • CRLF • [message body] • request-line • = Method SP Request-URI SP HTTP-Version CRLF • response-line • = HTTP-Version SP Status-Code SP Reason-Phrase CRLF
HTTP messages -- Methods • OPTION : request for information about the communication options available on the request/response chain • GET : retrieve information • HEAD : retrieve information (test hypertext links for validity, accessibility, and recent modification) • POST : subordinate to a directory, newsgroup, database... • PUT : store entity • DELETE : delete entity • TRACE : see what is being received at the other end of the request chain
HTTP messages -- Status Codes • 1XX : Informational • 2XX : Success • 3XX : Redirection (further actions needed) • 4XX : Client error • 5XX : Server error Examples. 100 : Continue 201 : Created 302 : Multiple choices 403 : Forbidden 504 : Gateway time-out
Access Authentication • Basic authentication scheme • WWW-authenticate header, Authorization header • base64 coding of user-pass • Digest authentication scheme (RFC2069)
Security Considerations • Authentication of clients • Offering a choice of authentication schemes • Abuse of server log information • Attacks based on file & path names (“..”) • Personal information • DNS spoofing • Transfer of sensitive information (Server, Via, Referer, From header)
Caching • Reduces the number of network round-trips and bandwidth requirement • Semantic transparency • Expiration model • age, expiration(lifetime) calculation • Validation model • cache validator (Last-Modified header) • Response cachability : 200, 203, 206, 300, 301, 410 • Cache control mechanism
Caching • Cache control • Cache control header • 1. What is cachable • 2. Expiration mechanism modify • 3. Cache revalidation & reload control • 4. Entity transform
Related RFC list • RFC822 : Standard for the Format of ARPA Internet Text Message • RFC1630 : Universal Resource Identifier in WWW • RFC1700 : Assigned Numbers • RFC1738 : Universal Resource Locators • RFC1808 : Relative Uniform Resource Locators • RFC1945 : Hypertext Transfer Protocol -- HTTP/1.0 • RFC2045 : MIME part one • RFC2047 : MIME part three • RFC2069 : Digest Access Authentication
HTTP ProtocolExample 設定擷取封包位址 設定擷取封包協定
HTTP Protocol Example (cont’) 交通大學首頁 校園公告
網路協定列表: • HTTP必須列入實驗觀察對象。另外,各位同學可以從下列協定中選擇另一個協定作為觀察與分析的對象,所有RFC可由[1]或NCTUCCCA取得。由於ARP協定的分析流程已詳述在實驗報告範例,所以這個協定〝不可〞列入實驗報告觀察對象。 • SNMP、ARP、RARP、DNS、SMTP、RPC 、RIP、HTTP、DVMRP、POP3、NFS以及NetBIOS等。
實驗報告要求: • 實驗報告應該包括下列項目:實驗名稱、組員與系級、實驗目的、設備與操作環境、所觀察協定之背景知識、方法與步驟、觀察與紀錄、討論(針對問題與討論的項目回答,或自行提出問題並討論之)及參考書目。報告篇幅限定為8~10頁(A4),一律繳交雷射或噴墨列印之完稿。