410 likes | 534 Views
ECE5650. Basic Network Services (II) FTP, Email, and DNS. Recap: HTTP and Web. HTTP request msg format and method types: GET, POST, HEAD, PUT, DELATE HTTP response msg format and status codes Cookies and their usage: Persistent vs Non-Persistent cookies.
E N D
ECE5650 Basic Network Services (II) FTP, Email, and DNS 2: Application Layer
Recap: HTTP and Web • HTTP request msg format and method types: • GET, POST, HEAD, PUT, DELATE • HTTP response msg format and status codes • Cookies and their usage: • Persistent vs Non-Persistent cookies 2: Application Layer
2.1 Principles of network applications 2.2 Web and HTTP 2.3 FTP 2.4 Electronic Mail SMTP, POP3, IMAP 2.5 DNS 2.7 Socket programming with TCP 2.8 Socket programming with UDP 2.9 Building a Web server Examples ofInternet Services 2: Application Layer
transfer file to/from remote host client/server model client: side that initiates transfer (either to/from remote) server: remote host ftp: RFC 959 ftp server: port 21 for control, port 20 for data FTP user interface FTP client FTP server local file system FTP: the file transfer protocol file transfer user at host remote file system 2: Application Layer
All communication (login, control and data are secured) transfer file to/from remote host same as FTP client/server model network protocol designed by the IETF to provide secure file transfer and manipulation facilities over the secure shell (SSH) protocol. SFTP user interface SFTP client SFTP server local file system SFTP: secure file transfer protocol file transfer over SSH user at host remote file system 2: Application Layer
FTP client contacts FTP server at port 21, specifying TCP as transport protocol Client obtains authorization over control connection Client browses remote directory by sending commands over the persistent control connection. When server receives a command for a file transfer or directory listing, the server opens a TCP data connection to client After transferring one file, server closes connection. TCP control connection port 21 TCP data connection port 20 FTP client FTP server FTP: separate control, data connections • Server opens a second TCP data connection to transfer another file. • Control connection: “out of band” • HTTP sends control info in-band • FTP server maintains “state”: current directory, earlier authentication 2: Application Layer
Sample commands: sent as ASCII text over control channel USERusername PASSpassword LISTreturn list of file in current directory RETR (Get) filenameretrieves (gets) file STOR (Put) filenamestores (puts) file onto remote host Sample return codes status code and phrase (as in HTTP) 331 Username OK, password required 125 data connection already open; transfer starting 425 Can’t open data connection 452 Error writing file FTP commands, responses 2: Application Layer
Access control commands: USER, PASS, ACT, CWD, CDUP, SMNT, REIN, QUIT. Transfer parameter commands: PORT, PASV, TYPE STRU, MODE. Service commands: RETR, STOR, STOU, APPE, ALLO, REST, RNFR, RNTO, ABOR, DELE, RMD, MRD, PWD, LIST, NLST, SITE, SYST, STAT, HELP, NOOP. www.faqs.org/rfcs/rfc959.html All FTP commands (RFC 959) 2: Application Layer
FTP/SFTP is used to transfer files between hosts FTP is an out-of-band protocol: control is sent over server port 21 while data is sent over server port 20. Control connection is persistent and the FTP server must maintain the state of the user. Data connection is non-persistent and initiated by FTP server. FTP Summary 2: Application Layer
Three major components: user agents mail servers simple mail transfer protocol: SMTP User Agent a.k.a. “mail reader” composing, editing, reading mail messages e.g., Eudora, Outlook, elm, Netscape Messenger outgoing, incoming messages stored on server user agent user agent user agent user agent user agent user agent SMTP SMTP SMTP mail server mail server mail server outgoing message queue user mailbox Electronic Mail 2: Application Layer
Mail Servers mailbox contains incoming messages for user messagequeue of outgoing (to be sent) mail messages SMTP protocol between mail servers to send email messages client: sending mail server “server”: receiving mail server user agent user agent user agent user agent user agent user agent SMTP SMTP SMTP mail server mail server mail server Electronic Mail: mail servers 2: Application Layer
uses TCP to reliably transfer email message from client to server, port 25 direct transfer: sending server to receiving server three phases of transfer handshaking (greeting) transfer of messages closure command/response interaction commands: ASCII text response: status code and phrase messages must be in 7-bit ASCII Electronic Mail: SMTP [RFC 2821] 2: Application Layer
1) Alice uses UA to compose message and “to” bob@wayne.edu 2) Alice’s UA sends message to her mail server; message placed in message queue 3) Client side of SMTP opens TCP connection with Bob’s mail server 4) SMTP client sends Alice’s message over the TCP connection 5) Bob’s mail server places the message in Bob’s mailbox 6) Bob invokes his user agent to read message user agent user agent mail server mail server Scenario: Alice sends message to Bob 1 2 6 3 4 5 2: Application Layer
Sample SMTP interaction C: telnet smtp.wayne.edu 25 S: 220 mirapointmr3.wayne.edu C: HELO alice S: 250 Hello alice, pleased to meet you C: MAIL FROM: <alice@crepes.fr> S: 250 alice@crepes.fr... Sender ok C: RCPT TO: <bob@wayne.edu> S: 250 bob@wayne.edu ... Recipient ok C: DATA S: 354 Enter mail, end with "." on a line by itself C: Do you like ketchup? C: How about pickles? C: . S: 250 Message accepted for delivery C: QUIT S: 221 wayne.edu closing connection 2: Application Layer
Try SMTP interaction for yourself: • telnet ece.eng.wayne.edu 25 • see 220 reply from server • enter HELO, MAIL FROM, RCPT TO, DATA, QUIT commands above lets you send email without using email client (reader) 2: Application Layer
SMTP: protocol for exchanging email msgs RFC 822: standard for text message format: header lines, e.g., To: From: Subject: differentfrom SMTP commands. SMTP msg goes into the DATA command body the “message”, 7-bit ASCII characters only SMTP Mail message format header blank line body 2: Application Layer
MIME: multimedia mail extension, RFC 2045, 2056 additional lines in msg header declare MIME content type From: alice@crepes.fr To: bob@wayne.edu Subject: Picture of yummy crepe. MIME-Version: 1.0 Content-Transfer-Encoding: base64 Content-Type: image/jpeg base64 encoded data ..... ......................... ......base64 encoded data Message format: multimedia extensions MIME version method used to encode data, quoted-printable is another method multimedia data type, subtype, parameter declaration encoded data where each line is 78 7-bit ASCII characters including CRLF 2: Application Layer
Encoding (not encrypting) method input: 8 bit ASCII data output: one of the 64 values listed in the Base64 encoding table and the “=“ character Process: group the input data in chunks of 3-bytes or 24-bits each break each 24-bit chunk into 4 values that are 6-bits each use the Base64 encoding table to find the character of each value if any chunk is less than 3 bytes then pad it with 0s and use the “=“ for any of these 6 0s. A 6-bit value with all 0s and at least 1 non-padded 0 will be an “A” Smallest base64 encoded output is 4 characters. Base64 encoding scheme (RFC 2045) Example: input is AB A ASCII hex=0x41 B ASCII hex=0x42 16-bits + 8 padded 0s: 0100 0001 0100 0010 0000 0000 4 values that are 6-bits each: 010000-010100-001000-000000 16-20-8-6 padded 0s Base64 output is QUI= 2: Application Layer
SMTP: delivery/storage to receiver’s server Mail access protocol: retrieval from server POP3: Post Office Protocol version 3 [RFC 1939] uses port 110 authorization (agent <-->server) and download IMAP: Internet Mail Access Protocol [RFC 1730] more features (more complex) manipulation of stored msgs on server HTTP: Hotmail , Yahoo! Mail, etc. user agent user agent sender’s mail server SMTP Mail access protocols SMTP access protocol receiver’s mail server 2: Application Layer
authorization phase client commands: user: declare username pass: password server responses +OK (Server accepted prior command) -ERR (server rejected prior command) transaction phase, client: list: list message numbers retr: retrieve message by number dele: delete quit UIDL: “unique-ID listing” list unique message ID for all of the messages present in the users mailbox. Useful for download-and-keep by keeping a file that lists the messages retrieved in earlier sessions, the client can use the UIDL command to determine which messages on the server have already been seen. “Received:” in the msg indicates the SMTP servers that forwarded the msg POP3 protocol C: telnet ece.eng.wayne.edu 110 S: +OK POP3 server ready C: user bob S: +OK C: pass hungry S: +OK user successfully logged on C: list S: 1 498 S: 2 912 S: . C: retr 1 S: Return-Path: <fromuser@..> S: Received: from b1 by d1 ... S: more data.. S: . C: dele 1 C: retr 2 S: <message 1 contents> S: . C: dele 2 C: quit S: +OK POP3 server signing off 2: Application Layer
More about POP3 Previous example uses “download-and-delete” mode. User cannot re-read the deleted e-mail. “Download-and-keep”: copies of messages on different clients POP3 is stateless across sessions IMAP Keep all messages in one place: the server Allows user to organize messages in folders IMAP keeps user state across sessions: names of folders and mappings between message IDs and folder name POP3 (more) and IMAP 2: Application Layer
SMTP and POP3 uses persistent connections SMTP requires message (header & body) to be in 7-bit ASCII SMTP server uses CRLF.CRLF to determine end of message download-and-delete vs download-and-keep in POP3 All data communications are insecure by default Comparison with HTTP: HTTP: pull data from web server SMTP: push data to mail server both have command/response interaction, status codes HTTP: each object encapsulated in its own response msg SMTP: multiple objects sent in one multipart msg SMPT msg must be in 7-bit ASCII while HTTP has no restriction Email Summary 2: Application Layer
People: many identifiers: SSN, name, passport # Internet hosts, routers: IP address (32 or 128 bit) - used for addressing datagrams “canonical name”, e.g., ww.yahoo.com - used by humans Q: map between IP addresses and name ? Domain Name System (DNS) is: 1- distributed database implemented in hierarchy of many name servers 2- application-layer protocol: host, routers and name servers communicate to resolvenames (address/name translation). DNS protocol uses UDP transport protocol and port 53. 3- employed by other application layer protocols (HTTP, SMTP, FTP) to resolve host names. DNS: Domain Name System 2: Application Layer
Why not centralize DNS? single point of failure traffic volume distant centralized database maintenance doesn’t scale! DNS services Hostname to IP address translation Host aliasing Canonical (actual) and alias names (user-friendly): cwis-1.wayne.edu for alias www.wayne.edu Mail server aliasing: mail server and web server can share the same alias name. E.g. czxu@wayne.edu, wayne.edu Load distribution Replicated Web servers: a set of IP addresses for one canonical name. DNS returns the list of IPs for a name but rotated by 1 each time so the user can use the first listed IP. DNS 2: Application Layer
Root DNS Servers (13 servers labeled A-M) org DNS servers edu DNS servers com DNS servers poly.edu DNS servers umass.edu DNS servers pbs.org DNS servers yahoo.com DNS servers amazon.com DNS servers Distributed, Hierarchical Database Top-Level Domain Servers (TLDs) Authoritative DNS servers Each Client uses a local DNS server that does not belong to the hierarchy: • The local DNS is usually assigned by the DHCP server as part of the temporary IP assignment (run command: “ipconfig /all” to find your local DNS server). 2: Application Layer
a Verisign, Dulles, VA c Cogent, Herndon, VA (also Los Angeles) d U Maryland College Park, MD g US DoD Vienna, VA h ARL Aberdeen, MD j Verisign, ( 11 locations) k RIPE London (also Amsterdam, Frankfurt) i Autonomica, Stockholm (plus 3 other locations) m WIDE Tokyo e NASA Mt View, CA f Internet Software C. Palo Alto, CA (and 17 other locations) b USC-ISI Marina del Rey, CA l ICANN Los Angeles, CA DNS: Root name servers There are 13 root DNS server world wide that are labeled A-M: map of root DNS, as of Oct 2006. 2: Application Layer
TLD and Authoritative Servers • Top-level domain (TLD) servers: responsible for com, org, net, edu, etc, and all country code top-level domains (ccTLD) us, ca, in, cn, jp. • Network solutions maintains servers for com TLD • Educause for edu TLD • Authoritative DNS servers: organization’s with public names has DNS servers, providing authoritative hostname to IP mappings for organization’s servers (e.g., Web and mail). • Can be maintained by organization or service provider 2: Application Layer
Local Name Server • Does not strictly belong to hierarchy • Each ISP (residential ISP, company, university) has one. • Also called “default name server” • When a host makes a DNS query, query is sent to its local DNS server • Acts as a proxy, forwards query into hierarchy. 2: Application Layer
Client X wants IP address for Y Steps performed: 1- Client sends DNS request to the local DNS server to search on its behalf (recursive query) 2- local DNS contacts one of the root DNSs to resolve hostname Y. 3- root DNS returns the TLD DNS IP to local DNS 4- local DNS contacts one of the TLDs to get an Authoritative DNS nam 5- TLD returns IP of authoritative DNS to local DNS 6- local DNS contacts authoritative DNS to resolve X 7- authoritative DNS returns IP of Y 8- local DNS return IP of Y to X Query 1 is recursive Queries 2, 4 and 6 are iterative root DNS server 2 3 TLD DNS server 4 5 local DNS server 6 7 1 8 authoritative DNS server requesting host X Y Example of Typical DNS request Example of recursive+iterative DNS query - typically used 2: Application Layer
root DNS server 2 3 6 7 TLD DNS server 4 5 local DNS server 1 8 authoritative DNS server requesting host requested host Recursive and Iterative DNS queries • recursive query: • puts burden of name resolution on contacted name server • heavy load? • iterative query: • reply is directly returned to requesting server • “I don’t know this name, but ask this server” Example of pure recursive DNS query - not typically used 2: Application Layer
once (any) name server learns mapping, it caches mapping cache entries timeout (disappear) after some time TLD servers typically cached in local name servers Thus root name servers not often visited Client may also cache DNS names update/notify mechanisms under design by IETF RFC 2136 http://www.ietf.org/html.charters/dnsind-charter.html DNS: caching and updating records 2: Application Layer
local file that is checked by the client DNS of the OS before sending a DNS request. It can speed the web access. If the requested name is found in the hosts file then its corresponding IP is used. Can be used to create custom (name-IP) entries. File Location: windows XP: C:\WINDOWS\system32\drivers\etc most UNIX and Linux: /etc File Structure: <IP address><space><name><space><# comment> Example of an entry: 127.0.0.1 localhost #default entry hosts file 2: Application Layer
DNS: distributed db storing resource records(RR) Type=NS name is domain (e.g. foo.com) value is hostname of authoritative name server for this domain always in non-authoritative DNSs to point to authoritative DNSs RR format: (name, value, type, ttl) DNS records • Type=A • name is hostname • value is IP address • always in authoritative DNS • may be cached in non-authoritative DNSs • Type=CNAME • name is alias name for some “canonical” (the real) name www.ibm.com is really servereast.backup2.ibm.com • value is canonical name • used by all hosts • Type=MX • value is name of mailserver associated with name that is usually an alias name • company can have a web server and a mail server with the same alias name. e.g. [wayne.edu mail.wayne.edu, MX] TTL is time to live of the RR and determines when an RR should be removed from cache. 2: Application Layer
DNS records with DNS servers • Authoritative DNSs for an institution: • must contain Type A RRs for the institution’s public names and IPs. • may contain Type MX RRs for the institution’s public mail server names and IPs. • may contain Type CNAME RRs if the institution has Canonical names for its alias names. • TLD DNSs • contain Type NS RRs with each organization’s public name is mapped to its authoritative DNS server names. There is usually a primary and secondary authoritative DNS servers. • contain Type A RRs with the Authoritative DNS server name and IP address. 2: Application Layer
DNS protocol :queryand reply messages, both with same message format DNS protocol, messages • msg header • identification: 16 bit #, query and reply msgs use the same # • flags: • query or reply 1 bit flag • recursion desired or available 1 bit • reply is authoritative 2: Application Layer
DNS protocol, messages Name, type fields for a query RRs in response to query records for authoritative servers additional “helpful” info that may be used 2: Application Layer
Inserting records into DNS • Example: just created startup “Network Utopia” • Register name networkuptopia.com at a registrar (e.g., Network Solutions) • Need to provide registrar with names and IP addresses of your authoritative name server (primary and secondary) • Registrar inserts two RRs into the com TLD server: (networkutopia.com, dns1.networkutopia.com, NS) (dns1.networkutopia.com, 212.212.212.1, A) • Put in authoritative server Type A record for www.networkuptopia.com and Type MX record for networkutopia.com • How do people get the IP address of your Web site? 2: Application Layer
nslookup command and whois DB • used to displays information that you can use to diagnose Domain Name System (DNS) infrastructure. Contacts the specified DNS server to retrieve requested records. • nslookup <domain or IP to find> <DNS server name> • Example: nslookup wayne.com • whois database can be used to locate the corresponding registrar, DNS server and IPs for a particular domain. • Only registrars accredited by the Internet Corporation for Assigned Names and Numbers (ICANN - non-profit org) are authorized to register .aero, .biz, .com, .coop, .info, .museum, .name, .net, .org, or .pro names. • .com whois database: http://www.internic.net/whois.html • .edu whois database http://whois.educause.net/index.asp • wayne.edu DNS name servers: NS.WAYNE.EDU 141.217.1.15 NS2.WAYNE.EDU 141.217.1.13 DNS.MERIT.NET NS2.CS.WAYNE.EDU 141.217.16.10 2: Application Layer
DNS Vulnerabilities • DDoS bw-flooding attack against DNS server. • A large scale attack on 13 DNS root servers on Oct 21, 2002 by using ICMP ping messages • Block ICMP ping packets in packet filtering • DNS queries attack • Hard to be filtered • Mitigated by caching in local DNS servers • Man-in-the-middle attack • Trick a server into bogus records into its cache • Hard to implement, because it needs to intercept packets • Reflection attack on other hosts • Send queries with spoofed source addr of a target server 2: Application Layer
DNS services: Hostname to IP address translation Host aliasing, Mail server aliasing, Load distribution DNS is hierarchical and distributed root DNS vs TLD vs Authoritative DNS vs local DNS recursive vs iterative DNS query DNS cache: local server caches TLDs so that root servers are rarely visited DNS record types: A, NS, CNAME, MX DNS Query and Reply msg format is the same nslookup command and the whois database DNS vulnerabilities DNS Summary 2: Application Layer
2.1 Principles of network applications 2.2 Web and HTTP 2.3 FTP 2.4 Electronic Mail SMTP, POP3, IMAP 2.5 DNS 2.6 P2P and File Sharing 2.7 Socket programming with TCP 2.8 Socket programming with UDP 2.9 Building a Web server Examples ofInternet Services 2: Application Layer