Application Protocols - huttsystems.com · Application Protocols Domain Name System (DNS) Telnet...
Transcript of Application Protocols - huttsystems.com · Application Protocols Domain Name System (DNS) Telnet...
Application Protocols
New York Institute of TechnologyCSCI 690
Michael Hutt
Application Protocols
Domain Name System (DNS) Telnet File Transfer Protocol (FTP) Trivial File Transfer Protocol (TFTP) Simple Mail Transfer Protcol (SMTP) Secure Shell (SSH) Hypertext Transfer Protocol (HTTP)
Clients and Servers Daemon - passive background process
Ports - well known and random ports
TCP or UDP?
Sockets
DNS /etc/hosts
manual task Domain Name System
county code top level domains generic top level domains
www.yahoo.com com - top level domain yahoo - corporation’s registered name www - host name at yahoo
iris.nyit.edu
DNS…
UDP port 53 used for host queries max mtu used: 512 bytes
TCP used for zone transfers
DNS…
Telnet/Rlogin
Remote login Telnet dates back to 1969 on the ARPANET
telecommunications network protocol Rlogin designed to work between UNIX
systems Telnet designed to work between any host Both are superseded now by ssh
Telnet Server listens on tcp port 23 Uses in-band signaling byte 0xff: IAC (interpret as command)
next byte is the command to send 0xff as data, send 0xff 0xff
NVT - network virtual terminal both ends map real terminal to the NVT
Control-] telnet> allows commands to be sent to the telnet client
Telnet…
File Transfer Protocol (FTP) Uses 2 TCP connections Server performs passive-open on port 21 Client performs active-open to port 21 to establish
control connection Server opens data connection from port 20 asc vs bin transfer Passive-FTP
client issues pasv command and opens data connection torandom port specified by server
Active vs Passive FTP
Active Passive
Anonymous FTP login using username: anonymous
password is your email address
anyone can access files on an anonymousftp site
some sites require the client to have a validdomain name for logging purposes
Trivial File Transfer Protocol(TFTP) UDP port 69 Can be used by routers to boot
boot system tftp router-image.bin 192.168.1.8 Router can generate a core dump via tftp
exception dump 192.168.1.8 inetd.conf
tftp dgram udp wait root /usr/sbin/in.tftpdin.tftpd -s /tftpboot
-s , files must exist before they can be written to
Simple Mail Transfer Protocol(SMTP)
SMTP Protocol [mike@saturn ~]$ telnet localhost 25 Trying 127.0.0.1... Connected to localhost. Escape character is '^]'. 220 saturn.lab.huttsystems.com ESMTP Sendmail 8.14.3/8.14.1; Tue, 17 Nov 2009
10:46:08 -0500 HELO lab.huttsystems.com 250 saturn.lab.huttsystems.com Hello localhost [127.0.0.1], pleased to meet you MAIL From:<[email protected]> 250 2.1.0 <[email protected]>... Sender ok RCPT To:<[email protected]> 250 2.1.5 <[email protected]>... Recipient ok DATA 354 Enter mail, end with "." on a line by itself test message . 250 2.0.0 nAHFk8l7005955 Message accepted for delivery QUIT 221 2.0.0 saturn.lab.huttsystems.com closing connection Connection closed by foreign host. You have mail in /var/spool/mail/mike [mike@saturn ~]$
Secure Shell (SSH)
Servers listens on TCP port 22 Replacement for telnet Uses public-key cryptography SSH-1 vulnerable to man-in-the-middle
attacks SSH-2 should be used Problem with Telnet ->
SSH…11:09:59.909193 IP earth.telnet > 192.168.1.30.61642: P 193:205(12) ack 62 win 4067 0x0000: 000d 9361 cb26 00e0 b064 0b7d 0800 45c0 ...a.&...d.}..E. 0x0010: 0034 0010 0000 ff06 3687 c0a8 01fe c0a8 .4......6....... 0x0020: 011e 0017 f0ca 496f ba4c 6fb8 0ace 5018 ......Io.Lo...P. 0x0030: 0fe3 b779 0000 0d0a 5061 7373 776f 7264 ...y....Password 0x0040: 3a20 19a6 1384 :.....11:10:00.334764 IP 192.168.1.30.61642 > earth.telnet: P 62:63(1) ack 205 win 65535 0x0000: 00e0 b064 0b7d 000d 9361 cb26 0800 4510 ...d.}...a.&..E. 0x0010: 0029 32d0 4000 4006 8382 c0a8 011e c0a8 .)2.@.@......... 0x0020: 01fe f0ca 0017 6fb8 0ace 496f ba58 5018 ......o...Io.XP. 0x0030: ffff 592e 0000 63 ..Y…c11:10:00.535458 IP 192.168.1.30.61642 > earth.telnet: P 63:64(1) ack 205 win 65535 0x0000: 00e0 b064 0b7d 000d 9361 cb26 0800 4510 ...d.}...a.&..E. 0x0010: 0029 32d1 4000 4006 8381 c0a8 011e c0a8 .)2.@.@......... 0x0020: 01fe f0ca 0017 6fb8 0acf 496f ba58 5018 ......o...Io.XP. 0x0030: ffff 532d 0000 69 ..S-..i11:10:00.739341 IP 192.168.1.30.61642 > earth.telnet: P 64:67(3) ack 205 win 65535 0x0000: 00e0 b064 0b7d 000d 9361 cb26 0800 4510 ...d.}...a.&..E. 0x0010: 002b 32d2 4000 4006 837e c0a8 011e c0a8 .+2.@.@..~...... 0x0020: 01fe f0ca 0017 6fb8 0ad0 496f ba58 5018 ......o...Io.XP. 0x0030: ffff d9c6 0000 7363 6f ...…sco11:10:00.947555 IP earth.telnet > 192.168.1.30.61642: P 205:213(8) ack 69 win 4060 0x0000: 000d 9361 cb26 00e0 b064 0b7d 0800 45c0 ...a.&...d.}..E. 0x0010: 0030 0014 0000 ff06 3687 c0a8 01fe c0a8 .0......6....... 0x0020: 011e 0017 f0ca 496f ba58 6fb8 0ad5 5018 ......Io.Xo...P. 0x0030: 0fdc 5f26 0000 0d0a 6561 7274 683e 966e .._&....earth>.n 0x0040: fe72
Hypertext Transfer Protocol(HTTP) Resource discovery services prior to the WWW
Archie provides a directory of thousands of FTP servers
WAIS: Wide Area Information Server Provides databases to search for keywords in files
Gopher Menu driven front end to Archie, WAIS and anonymous
FTP Veronica
Index of titles of Gopher items
The World Wide Web Hypertext markup language
Uniform Resource Locators subset of URIs - Uniform Resource Identifiers
"Uniform Resource Locator" (URL) refers to the subset ofURI that identify resources via a representation of theirprimary access mechanism (e.g., their network "location"),rather than identifying the resource by name or by someother attribute(s) of that resource.”
Hypertext Transfer Protocol
HTML HTML 4.01 - current version HTML 5 - working draft status A basic HTML document looks like this:<!DOCTYPE html><html> <head> <title>Sample page</title> </head> <body> <h1>Sample page</h1> <p>This is a <a href="demo.html">simple</a> sample.</p> <!-- this is a comment --> </body></html>
HTML…
New tags in HTML 5 <nav> <footer> <audio> <video>
“lack of uniform codec availability will make itimpossible for content creators to publish their videosin a single format…
Ogg Theora is an open format that is thought to beunencumbered by patents. ”
HTTP 1.1 RFC 2616 request/response protocol default port for http is TCP port 80 HTTP/1.0 used a new connection for each
request/response exchange HTTP/1.1 connection may be used for one or more
request/response exchanges persistent connection firefox: about:config network.http.max-persistent-
connections-per-server;1
URIs The HTTP protocol does not place any a priori limit
on the length of a URI
Note: Servers ought to be cautious about dependingon URI lengths above 255 bytes, because someolder client or proxy implementations might notproperly support these lengths.
http_URL = "http:" "//" host [ ":" port ] [ abs_path [ "?" query ]]
HTTP Methods OPTIONS GET HEAD POST PUT DELETE TRACE CONNECT
GET Methodtelnet www.w3.org 80Trying 128.30.52.54...Connected to www.w3.org.Escape character is '^]'.GET /pub/WWW/TheProject.html HTTP/1.1Host: www.w3.org
HTTP/1.1 301 Moved PermanentlyDate: Tue, 17 Nov 2009 18:16:52 GMTServer: Apache/2Location: http://www.w3.org/TheProject.htmlCache-Control: max-age=21600Expires: Wed, 18 Nov 2009 00:16:52 GMTContent-Length: 241Connection: closeContent-Type: text/html; charset=iso-8859-1
<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>301 Moved Permanently</title></head><body><h1>Moved Permanently</h1><p>The document has moved <a href="http://www.w3.org/TheProject.html">here</a>.</p></body></html>Connection closed by foreign host.
Status Codes 1xx: Informational - Request received, continuing
process 2xx: Success - The action was successfully
received, understood, and accepted 3xx: Redirection - Further action must be taken in
order to complete the request 4xx: Client Error - The request contains bad syntax
or cannot be fulfilled 5xx: Server Error - The server failed to fulfill an
apparently valid request