CSE 331: Introduction to Networks and Security Lecture 12 Fall 2002

Announcements
• Reminder:
  – Project 1 due on Monday, Oct. 7th
  – In-class midterm Wednesday, Oct. 9th
• Monday’s Class
  – Further Topics in Networking
  – Review / Question & Answer
CSE 331 Fall 2002 2

Recap
• Remote Procedure Call (RPC)
  – Java’s remote method invocation (RMI)

Today
• RMI Demo
• Application-level Protocols
  – SMTP: Simple Mail Transfer Protocol
  – HTTP: HyperText Transfer Protocol
  – SNMP: Simple Network Management Protocol

Java RMI Permissions
• Socket permissions in a policy file

    // policy.pol
    grant {
      permission java.net.SocketPermission "<IP>:1024-65535", "connect, accept, listen, resolve";
      permission java.net.SocketPermission "*:1099", "connect, resolve";
    };

Running Java programs with policies
• java -Djava.security.policy=policy Program

Protocol Stack Revisited
  Application    SMTP, HTTP, SNMP
  Presentation
  Session
  Transport      }
  Network        } so far…
  Data Link      }
  Physical       }

Common Features
• SMTP, HTTP, SNMP
  – Request/Reply protocols built on TCP or UDP
  – Designed to handle a fixed set of messages
  – Companion data format
  – Many applications

  Protocol   Data Format         Programs
  SMTP       RFC 822 and MIME    Pine, NSMail, Eudora, …
  HTTP       HTML                Explorer, Netscape, Opera
  SNMP       MIB                 snmpget, snmpset, …

SMTP: Simple Mail Transfer Protocol
• Data format RFC 822
  – Adopted around 1982, extended 1993, 1996
  – http://www.faqs.org/rfcs/rfc822.html
  – ASCII text
  – Header and Body

RFC 822 Headers
• <CRLF>-terminated lines containing pairs of the form type: value
• Many valid header types
• Some headers filled out by client
  – To: stevez@cis.upenn.edu
  – Subject: CSE 331
• Others filled out by mail delivery system
  – Date:
  – Received:
  – From:

MIME: Multipurpose Internet Mail Extensions
• Consists of three parts
  1. Additional RFC 822 Headers
     • MIME-Version:
     • Content-Type:
     • Content-Transfer-Encoding:
  2. Content types (and subtypes)
     • text/plain
     • text/rich
     • image/gif
     • application/postscript
     • multipart/mixed; boundary="…"

MIME Encoding
• Mail systems assume ASCII
  – Only 64 valid characters: A-Z, a-z, 0-9, +, /
• Some datatypes include arbitrary binary data (e.g. JPEG)
• Base64 encoding
  – 3 bytes of data map to 4 ASCII characters
  – A=0, B=1, …
• Also 7-bit ASCII encoding
  – Human readable

From: Steve Zdancewic <stevez@cis.upenn.edu>
MIME-Version: 1.0
To: stevez@cis.upenn.edu
Subject: Example Mail
Content-Type: multipart/mixed; boundary="------02030700070803050607"

This is a multi-part message in MIME format.
-------02030700070803050607
Content-Type: text/plain; charset=us-ascii; format=flowed
Content-Transfer-Encoding: 7bit

This is the body.
-------02030700070803050607
Content-Type: text/plain; name="example.txt"
Content-Transfer-Encoding: 7bit
Content-Disposition: inline; filename="example.txt"

Hello
-------02030700070803050607
Content-Type: image/jpeg; name="doc.jpg"
Content-Transfer-Encoding: base64
Content-Disposition: inline; filename="doc.jpg"

/9j/4AAQSkZJRgABAQEASABIAAD//gAXQ3JlYXRlZCB3aXRoIFRoZSBHSU1Q/9sAQwAIBgYH
BgUIBwcHCQkICgwUDQwLCwwZEhMPFB0aHx4dGhwcICQuJyAiLCMcHCg3KSwwMTQ0NB8nOT04…
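The two MIME mechanisms the slides describe, as an added example that is not part of the lecture: Base64 built exactly as stated (3 bytes become 4 symbols, A=0, B=1, …) and a splitter that walks a multipart/mixed message part by part using the boundary from the Content-Type header. The message and the 4-byte "JPEG" are constructed for this example; the boundary string is the one on the slide.

```python
# Added example (not from the lecture slides): Base64 as the slide describes it (3 bytes
# -> 4 symbols, A=0, B=1, ...) and splitting multipart/mixed on its boundary. Constructed input.
import base64, re

ALPHABET = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/"

def b64_encode(data: bytes) -> str:
    """Every 3 bytes (24 bits) become four 6-bit symbols; '=' pads a short last group."""
    out = []
    for i in range(0, len(data), 3):
        chunk = data[i:i + 3]
        pad = 3 - len(chunk)                      # 0, 1 or 2 bytes short
        n = int.from_bytes(chunk + b"\x00" * pad, "big")
        symbols = [ALPHABET[(n >> s) & 0x3F] for s in (18, 12, 6, 0)]
        out.append("".join(symbols[:4 - pad]) + "=" * pad)
    return "".join(out)

def split_multipart(raw: str):
    """Yield (headers, content) per part; parts are delimited by '--' + boundary."""
    head, _, body = raw.partition("\r\n\r\n")     # RFC 822: a blank line ends the headers
    m = re.search(r'boundary="?([^"\r\n]+)"?', head)
    if m is None:
        raise ValueError("no boundary parameter in Content-Type")
    for part in body.split("\r\n--" + m.group(1))[1:]:   # [0] is the preamble
        if part.startswith("--"):
            break                                 # '--boundary--' closes the message
        hdr_text, _, content = part.lstrip("\r\n").partition("\r\n\r\n")
        headers = dict(h.split(":", 1) for h in hdr_text.split("\r\n"))
        yield {k.strip(): v.strip() for k, v in headers.items()}, content

def decode_parts(raw: str):
    """Undo each part's Content-Transfer-Encoding, returning (media type, bytes)."""
    decoded = []
    for headers, content in split_multipart(raw):
        encoding = headers.get("Content-Transfer-Encoding", "7bit").lower()
        payload = base64.b64decode(content) if encoding == "base64" else content.encode("ascii")
        decoded.append((headers["Content-Type"].split(";")[0].strip(), payload))
    return decoded

JPEG_STUB = b"\xff\xd8\xff\xe0"                   # constructed: first 4 bytes of a JPEG
BOUNDARY = "------02030700070803050607"
MESSAGE = (
    "MIME-Version: 1.0\r\nSubject: Example Mail\r\n"
    f'Content-Type: multipart/mixed; boundary="{BOUNDARY}"\r\n\r\n'
    "This is a multi-part message in MIME format.\r\n"
    f"--{BOUNDARY}\r\nContent-Type: text/plain; charset=us-ascii\r\n"
    "Content-Transfer-Encoding: 7bit\r\n\r\nThis is the body.\r\n"
    f'--{BOUNDARY}\r\nContent-Type: image/jpeg; name="doc.jpg"\r\n'
    f"Content-Transfer-Encoding: base64\r\n\r\n{b64_encode(JPEG_STUB)}\r\n"
    f"--{BOUNDARY}--\r\n"
)
```

`decode_parts(MESSAGE)` returns the text part as ASCII bytes and the image part decoded back to the original four bytes, which is the round trip a mail reader performs before handing an attachment to a viewer.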

SMTP
• Mail Reader
  – User edits/reads/searches e-mail
• Mail Daemon
  – Process running on each host (port 27)
  – Uses SMTP/TCP to transmit mail to daemons on other machines
  – Most daemons based on Berkeley’s sendmail
• Mail Gateways
  – Store and forward e-mail (much like an IP router)
  – Buffers on disk
  – Attempts to resend

SMTP Mail Gateways
[Diagram: Mail reader -> Mail daemon --(SMTP/TCP)--> Mail gateway (Mail daemon) --(SMTP/TCP)--> Mail daemon -> Mail reader]
• No need for explicit host in e-mail address
  – User can receive mail at different machines
• Recipient’s machine may not be up
  – Mail gateway can hold message for later

SMTP Dialogs
• Client posts commands
  – HELO, MAIL, RCPT, DATA, QUIT
• Server responds with code and human-readable explanation

Example SMTP Dialog
HELO seas.upenn.edu
250 Hello daemon@smtpauth.seas.upenn.edu [158.130.12.180]
MAIL FROM: <stevez@seas.upenn.edu>
250 OK
RCPT TO: <billg@microsoft.com>
250 OK
RCPT TO: <ted@microsoft.com>
550 No such user here
DATA
354 Start mail input; end with <CRLF>
Blah blah…
<CRLF>
250 OK
QUIT
221 Closing Connection
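The server side of the dialog above, as an added example that is not part of the lecture: a small state machine that answers the five commands the slide lists with a reply code and explanation, refuses commands that arrive out of order (503), and rejects recipients it does not know (550). The server name, peer address and the set of local mailboxes are taken from the slide's transcript or constructed; the terminating line consisting of a single "." is the SMTP rule for ending mail input.

```python
# Added example (not from the lecture slides): a minimal SMTP server-side state
# machine for HELO, MAIL, RCPT, DATA and QUIT. Mailboxes and host names are
# constructed to reproduce the transcript on the slide.
LOCAL_USERS = {"billg@microsoft.com"}          # constructed: who this server accepts mail for

class SmtpSession:
    def __init__(self, server_name="smtpauth.seas.upenn.edu", peer_ip="158.130.12.180"):
        self.server, self.peer = server_name, peer_ip
        self.helo = self.sender = None
        self.rcpts, self.in_data, self.body, self.messages = [], False, [], []

    def handle(self, line: str):
        """Process one client line; return the server reply, or None while inside DATA."""
        if self.in_data:
            if line == ".":                       # SMTP ends mail input with <CRLF>.<CRLF>
                self.messages.append((self.sender, list(self.rcpts), "\r\n".join(self.body)))
                self.in_data, self.sender, self.rcpts, self.body = False, None, [], []
                return "250 OK"
            self.body.append(line[1:] if line.startswith("..") else line)  # dot-unstuffing
            return None
        verb, _, arg = line.partition(" ")
        verb = verb.upper()
        if verb == "HELO":
            self.helo = arg
            return f"250 Hello daemon@{self.server} [{self.peer}]"
        if verb == "MAIL" and arg.upper().startswith("FROM:"):
            if self.helo is None:
                return "503 Bad sequence of commands"
            self.sender = arg[5:].strip(" <>")
            return "250 OK"
        if verb == "RCPT" and arg.upper().startswith("TO:"):
            if self.sender is None:
                return "503 Bad sequence of commands"
            mailbox = arg[3:].strip(" <>").lower()
            if mailbox not in LOCAL_USERS:
                return "550 No such user here"
            self.rcpts.append(mailbox)
            return "250 OK"
        if verb == "DATA":
            if not self.rcpts:                    # nothing to deliver to yet
                return "503 Bad sequence of commands"
            self.in_data = True
            return "354 Start mail input; end with <CRLF>.<CRLF>"
        if verb == "QUIT":
            return "221 Closing Connection"
        return "500 Syntax error, command unrecognized"

def run_dialog(lines):
    """Feed a whole client script through one session; return it and the replies sent."""
    session = SmtpSession()
    replies = [session.handle(line) for line in lines]
    return session, [r for r in replies if r is not None]
```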

HTTP: HyperText Transfer Protocol
• Text-oriented protocol on top of TCP
• http://www.w3.org/Protocols/
• Messages have the form
    START_LINE <CRLF>
    MESSAGE_HEADER <CRLF>
    MESSAGE_BODY <CRLF>

HTTP Request Messages
• START_LINE: Operation URL Version
  – Absolute URL:
      GET http://www.cis.upenn.edu/ HTTP/1.1
• Using the MESSAGE_HEADER
  – Relative URL:
      GET / HTTP/1.1
      Host: www.cis.upenn.edu

HTTP Request Operations
  Operation   Description
  OPTIONS     get info about server options
  GET         retrieve document specified by URL
  HEAD        retrieve metainfo document by URL
  POST        give info to the server
  PUT         store document under specified URL
  DELETE      delete specified URL
  TRACE       loopback request message
  CONNECT     for use by proxy servers

HTTP Response Messages
• START_LINE: Version Code Reason
  – HTTP/1.1 202 Accepted
  – HTTP/1.1 404 Not Found

  Code   Type           Example Reasons
  1xx    Information    request received
  2xx    Success        action successfully accepted
  3xx    Redirection    further action must be taken
  4xx    Client Error   request contains bad syntax
  5xx    Server Error   server didn’t fulfill valid request
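The message layout, the two request forms and the reply-code table from the last few slides, exercised together as an added example that is not part of the lecture: a parser that splits a raw message into START_LINE, headers and body, rebuilds an absolute URL from a relative request plus its Host header, and maps a reply code to its class. The sample messages are constructed from the slides' own lines.

```python
# Added example (not from the lecture slides): parsing HTTP/1.1 messages of the form
# START_LINE <CRLF> headers <CRLF> body, resolving relative request URLs through the
# Host header, and classifying reply codes as the slide's table does. Samples constructed.
from dataclasses import dataclass, field

STATUS_CLASSES = {1: "Information", 2: "Success", 3: "Redirection",
                  4: "Client Error", 5: "Server Error"}

@dataclass
class HttpMessage:
    start_line: str
    headers: dict = field(default_factory=dict)
    body: str = ""

def parse_message(raw: str) -> HttpMessage:
    """Split at the first blank line; header names are case-insensitive, so lower them."""
    head, _, body = raw.partition("\r\n\r\n")
    start_line, *header_lines = head.split("\r\n")
    headers = {}
    for h in header_lines:
        name, sep, value = h.partition(":")
        if not sep:
            raise ValueError(f"malformed header line: {h!r}")
        headers[name.strip().lower()] = value.strip()
    return HttpMessage(start_line, headers, body)

def request_target(msg: HttpMessage) -> tuple:
    """Return (operation, absolute URL, version); a relative URL needs the Host header."""
    operation, url, version = msg.start_line.split(" ")
    if not url.lower().startswith("http://"):
        host = msg.headers.get("host")
        if host is None:
            raise ValueError("relative URL without Host header")
        url = f"http://{host}{url}"
    return operation, url, version

def response_status(msg: HttpMessage) -> tuple:
    """Return (code, reason, class) from a 'Version Code Reason' start line."""
    _version, code, reason = msg.start_line.split(" ", 2)
    code = int(code)
    return code, reason, STATUS_CLASSES.get(code // 100, "Unknown")

# Constructed messages: the two request forms from the slide and a 404 reply with a body.
ABSOLUTE_REQ = "GET http://www.cis.upenn.edu/ HTTP/1.1\r\n\r\n"
RELATIVE_REQ = "GET / HTTP/1.1\r\nHost: www.cis.upenn.edu\r\n\r\n"
NOT_FOUND = "HTTP/1.1 404 Not Found\r\nContent-Type: text/html\r\n\r\n<html>missing</html>"
```

Both request forms resolve to the same absolute URL, which is why a server can serve several host names on one address only when the Host header is present.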

HTTP Caching
• Store a copy of the data closer to the client
  – Browser caches web pages
  – ISPs can cache pages
  – Sites can cache pages at proxies
• How to cache changing web pages?
  – Server assigns expiration date using Expires header
  – Set of cache directives that specify whether documents can be cached, for how long, etc.
  – Not easy to cache dynamic content

SNMP: Simple Network Management Protocol
• Specialized request/reply protocol
  – Two basic operations: GET and SET
  – Runs on UDP
• Companion data: Management Info. Database (MIB)
  – Stores information about various protocols running on nodes in the network
• Example uses:
  – Measure # packets dropped/received
  – Watch for faulty hardware/software
  – Determine # IP datagram reassemblies that are aborted

MIB-II Variables
• System
  – Where located, Uptime, Name
• Interfaces
  – Physical addresses, # packets sent/received
• ARP
  – Contents of address translation table
• IP
  – Routing table
  – # packets forwarded
  – Reassembly statistics
  – Drop counts
• TCP
  – # of passive/active opens
  – # timeouts, default timeout settings