CMSC 332 Computer Networking Email And DNS

Transcription

CMSC 332: Computer Networking
Email and DNS
Professor Szajda
CMSC 332: Computer Networks

Review
Last lecture we talked about design principles, and the application protocols HTTP and FTP
‣ Text commands sent over a port (recall telnet example)
‣ Difference in statefulness
‣ HTTP and FTP are primarily pull protocols

Chapter 2: Application layer
2.1 Principles of network applications
2.2 Web and HTTP
2.3 FTP
2.4 Electronic Mail
2.5 DNS
2.6 P2P Applications

Electronic Mail
Three major components:
‣ user agents
‣ mail servers
‣ simple mail transfer protocol: SMTP
User Agent
‣ a.k.a. “mail reader”, e.g., Eudora, Outlook, elm, pine, Apple Mail, GMail
‣ composing, editing, reading mail messages
‣ outgoing, incoming messages stored on server
[Figure: user agents attached to mail servers; each mail server holds an outgoing message queue and user mailboxes, and servers exchange mail with each other over SMTP]

Electronic Mail: mail servers
Mail Servers
‣ mailbox contains incoming messages for user
‣ message queue of outgoing (to be sent) mail messages
‣ SMTP protocol between mail servers to send email messages
  ‣ client: sending mail server
  ‣ “server”: receiving mail server
[Figure: mail servers with mailboxes and outgoing message queues, connected to user agents and to each other via SMTP]

Electronic Mail: SMTP [RFC 5321]
‣ uses TCP to reliably transfer email message from client to server, port 25
‣ direct transfer: sending server to receiving server
‣ three phases of transfer
  ‣ handshaking (greeting)
  ‣ transfer of messages
  ‣ closure
‣ command/response interaction
  ‣ commands: ASCII text
  ‣ response: status code and phrase
‣ messages must be in 7-bit ASCII

Scenario: Alice sends message to Bob
1) Alice uses UA to compose message and “to” bob@someschool.edu
2) Alice’s UA sends message to her mail server; message placed in message queue
3) Client side of SMTP opens TCP connection with Bob’s mail server
4) SMTP client sends Alice’s message over the TCP connection
5) Bob’s mail server places the message in Bob’s mailbox
6) Bob invokes his user agent to read message
[Figure: Alice’s user agent (1) → Alice’s mail server (2, 3) → Bob’s mail server (4, 5) → Bob’s user agent (6)]

Sample SMTP interaction
S: 220 hamburger.edu
C: HELO crepes.fr
S: 250 Hello crepes.fr, pleased to meet you
C: MAIL FROM: alice@crepes.fr
S: 250 alice@crepes.fr. Sender ok
C: RCPT TO: bob@hamburger.edu
S: 250 bob@hamburger.edu. Recipient ok
C: DATA
S: 354 Enter mail, end with "." on a line by itself
C: Do you like ketchup?
C: How about pickles?
C: .
S: 250 Message accepted for delivery
C: QUIT
S: 221 hamburger.edu closing connection

Try SMTP interaction for yourself:
‣ telnet servername 25
‣ see 220 reply from server
‣ enter HELO, MAIL FROM, RCPT TO, DATA, QUIT commands
above lets you send email without using email client (reader)

SMTP: final words
‣ SMTP uses persistent connections
  ‣ Just like...?
‣ SMTP requires message (header & body) to be in 7-bit ASCII
‣ SMTP server uses CRLF.CRLF to determine end of message
Comparison with HTTP:
‣ HTTP: pull
‣ SMTP: push
‣ both have ASCII command/response interaction, status codes
‣ HTTP: each object encapsulated in its own response msg
‣ SMTP: multiple objects sent in multipart msg
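The sample interaction above, replayed against a minimal SMTP server-side state machine. This is an added example, not code from the lecture: the hostnames and message lines are the slide's sample values, the 500/503 replies are standard SMTP codes the slide does not show, and the dot-stuffing rule (a body line that starts with "." is sent as "..") is the companion to the CRLF.CRLF terminator that the slide mentions.

```python
class SmtpSession:
    """Server side of one SMTP conversation: greeting -> envelope -> DATA -> QUIT.
    Replies use the status codes from the sample interaction, plus 500/503."""
    def __init__(self, hostname="hamburger.edu"):        # constructed sample host
        self.hostname, self.sender, self.recipients = hostname, None, []
        self.in_data, self.lines = False, []             # DATA mode, body so far
        self.delivered, self.closed = [], False          # (sender, rcpts, body)

    def handle_line(self, line):
        """Feed one client line; return the server reply, or None for body
        lines (the server stays silent until it sees the CRLF.CRLF terminator)."""
        line = line.rstrip("\r\n")
        if self.in_data:
            if line == ".":                              # end-of-message marker
                self.in_data = False
                self.delivered.append((self.sender, self.recipients, "\n".join(self.lines)))
                self.sender, self.recipients, self.lines = None, [], []
                return "250 Message accepted for delivery"
            # Dot-stuffing: a body line that really began with "." arrives as ".."
            self.lines.append(line[1:] if line.startswith("..") else line)
            return None
        verb, _, arg = line.partition(" ")
        verb, upper = verb.upper(), arg.upper()
        if verb == "HELO":
            return f"250 Hello {arg}, pleased to meet you"
        if verb == "MAIL" and upper.startswith("FROM:"):
            self.sender = arg[5:].strip()
            return f"250 {self.sender}. Sender ok"
        if verb == "RCPT" and upper.startswith("TO:") and self.sender:
            self.recipients.append(arg[3:].strip())
            return f"250 {self.recipients[-1]}. Recipient ok"
        if verb == "DATA" and self.recipients:
            self.in_data = True
            return '354 Enter mail, end with "." on a line by itself'
        if verb == "QUIT":
            self.closed = True
            return f"221 {self.hostname} closing connection"
        return "503 Bad sequence of commands" if verb in ("RCPT", "DATA") else "500 Syntax error, command unrecognized"

def run_dialogue(client_lines, hostname="hamburger.edu"):
    """Replay client lines against a fresh session; return (session, replies)."""
    session, replies = SmtpSession(hostname), [f"220 {hostname}"]
    for line in client_lines:
        reply = session.handle_line(line)
        if reply is not None:
            replies.append(reply)
    return session, replies

# The client half of the slide's dialogue, as constructed input.
SLIDE_CLIENT = ["HELO crepes.fr", "MAIL FROM: alice@crepes.fr", "RCPT TO: bob@hamburger.edu",
                "DATA", "Do you like ketchup?", "How about pickles?", ".", "QUIT"]
```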

Mail message format
SMTP: protocol for exchanging email msgs
RFC 2822: standard for text message format:
‣ header lines, different from SMTP commands!
‣ body
  ‣ the “message”, ASCII characters only

Message format: multimedia extensions
‣ MIME: multimedia mail extension, RFC 2045, 2056
‣ additional lines in msg header declare MIME content type
From: alice@crepes.fr
To: bob@hamburger.edu
Subject: Picture of yummy crepe.
MIME-Version: 1.0                     (MIME version)
Content-Transfer-Encoding: base64     (method used to encode data)
Content-Type: image/jpeg              (multimedia data type, subtype, parameter declaration)

base64 encoded data .....             (encoded data)
.........................
......base64 encoded data

Mail access protocols
[Figure: sender’s user agent → (SMTP) sender’s mail server → (SMTP) receiver’s mail server → (access protocol) receiver’s user agent]
‣ SMTP: delivery/storage to receiver’s server
‣ Mail access protocol: retrieval from server
  ‣ POP: Post Office Protocol [RFC 1939]: authorization (agent -- server) and download
  ‣ IMAP: Internet Mail Access Protocol [RFC 3501]: more features (more complex), manipulation of stored msgs on server
  ‣ HTTP: Gmail, Hotmail, Yahoo! Mail, etc.

POP3 protocol
authorization phase
‣ client commands:
  ‣ user: declare username
  ‣ pass: password
‣ server responses
  ‣ +OK
  ‣ -ERR
transaction phase, client:
‣ list: list message numbers
‣ retr: retrieve message by number
‣ dele: delete
‣ quit

S: +OK POP3 server ready
C: user bob
S: +OK
C: pass hungry
S: +OK user successfully logged on

C: list
S: 1 498
S: 2 912
S: .
C: retr 1
S: <message 1 contents>
S: .
C: dele 1
C: retr 2
S: <message 1 contents>
S: .
C: dele 2
C: quit
S: +OK POP3 server signing off

POP3 (more) and IMAP
More about POP3
‣ Previous example uses “download and delete” mode. Bob cannot re-read e-mail if he changes client
‣ “Download-and-keep”: copies of messages on different clients
‣ POP3 is stateless across sessions
IMAP
‣ Keep all messages in one place: the server
‣ Allows user to organize messages in folders
‣ IMAP keeps user state across sessions:
  ‣ names of folders and mappings between message IDs and folder name

Chapter 2: Application layer
2.1 Principles of network applications
2.2 Web and HTTP
2.3 FTP
2.4 Electronic Mail
2.5 DNS
2.6 P2P Applications

DNS: Domain Name System
People: many identifiers:
‣ SSN, name, passport #
Internet hosts, routers:
‣ IP address (32 bit) - used for addressing datagrams
‣ “name”, e.g., www.yahoo.com - used by humans
Q: map between IP addresses and name?
Domain Name System:
‣ distributed database implemented in hierarchy of many name servers
‣ application-layer protocol for hosts, routers, name servers to communicate to resolve names (address/name translation)
  ‣ note: core Internet function, implemented as application-layer protocol
  ‣ complexity at network’s “edge”

DNS
DNS services
‣ Hostname to IP address translation
‣ Host aliasing
  ‣ Canonical and alias names
‣ Mail server aliasing
‣ Load distribution
  ‣ Replicated Web servers: set of IP addresses for one canonical name
Why not centralize DNS?
‣ single point of failure
‣ traffic volume
‣ distant centralized database
‣ maintenance
In summary, it doesn’t scale!

Distributed, Hierarchical Database
[Figure: Root DNS Servers → com DNS servers (yahoo.com DNS servers, amazon.com DNS servers), org DNS servers (pbs.org DNS servers), edu DNS servers (poly.edu DNS servers, umass.edu DNS servers)]
Client wants IP for www.amazon.com; 1st approx:
‣ Client queries a root server to find com DNS server
‣ Client queries com DNS server to get amazon.com DNS server
‣ Client queries amazon.com DNS server to get IP address for www.amazon.com

DNS: Root name servers
‣ contacted by local name server that can not resolve name
‣ root name server:
  ‣ contacts authoritative name server if name mapping not known
  ‣ gets mapping
  ‣ returns mapping to local name server
13 root name servers worldwide:
a Verisign, Dulles, VA
b USC-ISI Marina del Rey, CA
c Cogent, Herndon, VA (also Los Angeles)
d U Maryland College Park, MD
e NASA Mt View, CA
f Internet Software C. Palo Alto, CA (and 17 other locations)
g US DoD Vienna, VA
h ARL Aberdeen, MD
i Autonomica, Stockholm (plus 3 other locations)
j Verisign (11 locations)
k RIPE London (also Amsterdam, Frankfurt)
l ICANN Los Angeles, CA
m WIDE Tokyo

TLD and Authoritative Servers
‣ Top-level domain (TLD) servers: responsible for com, org, net, edu, etc., and all top-level country domains uk, fr, ca, jp.
  ‣ Network Solutions maintains servers for com TLD
  ‣ Educause for edu TLD
‣ Authoritative DNS servers: organization’s DNS servers, providing authoritative hostname to IP mappings for organization’s servers (e.g., Web and mail).
  ‣ Can be maintained by organization or service provider

Local Name Server
‣ Does not strictly belong to hierarchy
‣ Each ISP (residential ISP, company, university) has one.
  ‣ Also called “default name server”
‣ When a host makes a DNS query, query is sent to its local DNS server
  ‣ Acts as a proxy, forwards query into hierarchy.

Example
Host at cis.poly.edu wants IP address for gaia.cs.umass.edu
[Figure, built up over nine animation frames; the numbered arrows are:
1 requesting host → local DNS server dns.poly.edu
2 local DNS server → root DNS server
3 root DNS server → local DNS server
4 local DNS server → TLD DNS server
5 TLD DNS server → local DNS server
6 local DNS server → authoritative DNS server
7 authoritative DNS server → local DNS server
8 local DNS server → requesting host]

Recursive queries
recursive query:
‣ puts burden of name resolution on contacted name server
‣ heavy load?
iterated query:
‣ contacted server replies with name of server to contact
‣ “I don’t know this name, but ask this server”
[Figure: the same hosts as the previous example, with the query carried recursively: 1 requesting host → local DNS server dns.poly.edu, 2 local → root DNS server, 3 root → TLD DNS server, 4 TLD → authoritative DNS server, 5 authoritative → TLD, 6 TLD → root, 7 root → local, 8 local → requesting host]

DNS: caching and updating records
‣ once (any) name server learns mapping, it caches the mapping
  ‣ cache entries timeout (disappear) after some time
  ‣ TLD servers typically cached in local name servers
    ‣ Thus root name servers not often visited
‣ update/notify mechanisms
  ‣ RFC 2136, …arter.html

DNS records
DNS: distributed db storing resource records (RR)
RR format: (name, value, type, ttl)
‣ Type A
  ‣ name is hostname
  ‣ value is IP address
‣ Type NS
  ‣ name is domain (e.g. foo.com)
  ‣ value is hostname of authoritative name server for this domain
‣ Type CNAME
  ‣ name is alias name for some “canonical” (the real) name; www.ibm.com is really servereast.backup2.ibm.com
  ‣ value is canonical name
‣ Type MX
  ‣ value is name of mailserver associated with name
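The iterated resolution of the dns.poly.edu example, the referral behaviour of the "Recursive queries" slide and the caching rules ("cache entries timeout", "TLD servers typically cached, thus root name servers not often visited"), as one added in-memory model built on the (name, value, type, ttl) record format. This is not code from the lecture; the server addresses, the names under umass.edu and the TTLs are constructed sample data.

```python
from collections import namedtuple
RR = namedtuple("RR", "name value type ttl")   # the slide's (name, value, type, ttl)
# Constructed sample zones (root, edu TLD, authoritative), keyed by server address;
# each server is simply the list of RRs it can answer with.
SERVERS = {
    "192.0.2.254": [RR("edu.", "a.edu-servers.net.", "NS", 172800), RR("a.edu-servers.net.", "192.0.2.1", "A", 172800)],
    "192.0.2.1": [RR("umass.edu.", "dns.umass.edu.", "NS", 86400), RR("dns.umass.edu.", "192.0.2.53", "A", 86400)],
    "192.0.2.53": [RR("gaia.cs.umass.edu.", "192.0.2.77", "A", 3600)],
}

def query(server_ip, name):
    """One iterated query: an answer, or a referral ("I don't know this name,
    but ask this server") made of the closest enclosing NS record and its glue A."""
    rrs = SERVERS[server_ip]
    answer = [r for r in rrs if (r.name, r.type) == (name, "A")]
    if answer:
        return "answer", answer
    zones = [r for r in rrs if r.type == "NS" and name.endswith("." + r.name)]
    ns = max(zones, key=lambda r: len(r.name))   # ValueError: no enclosing zone known here
    return "referral", [ns] + [r for r in rrs if (r.name, r.type) == (ns.value, "A")]

class LocalNameServer:   # dns.poly.edu: resolves for its hosts and caches every RR it learns
    def __init__(self, root_ip, now=0):
        self.root_ip, self.now, self.cache = root_ip, now, {}   # (name, type) -> (RR, expiry)
    def cached(self, name, rtype):
        hit = self.cache.get((name, rtype))
        return hit[0] if hit and hit[1] > self.now else None    # timed-out entries are gone

    def start_server(self, name):
        """Skip the root when an unexpired NS (with glue) for an enclosing zone is cached."""
        zone = name.partition(".")[2]
        while zone:
            ns = self.cached(zone, "NS")
            glue = ns and self.cached(ns.value, "A")
            if glue:
                return glue.value
            zone = zone.partition(".")[2]
        return self.root_ip

    def resolve(self, name):
        """Returns (ip, servers contacted in order); [] means answered from cache."""
        hit = self.cached(name, "A")
        if hit:
            return hit.value, []
        contacted, server = [], self.start_server(name)
        while True:
            contacted.append(server)
            kind, rrs = query(server, name)
            for r in rrs:
                self.cache[(r.name, r.type)] = (r, self.now + r.ttl)
            if kind == "answer":
                return rrs[0].value, contacted
            server = rrs[1].value               # follow the referral's glue address
```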

DNS protocol, messages
DNS protocol: query and reply messages, both with same message format
msg header
‣ identification: 16 bit # for query, reply to query uses same #
‣ flags:
  ‣ query or reply
  ‣ recursion desired
  ‣ recursion available
  ‣ reply is authoritative

DNS protocol, messages
[Figure: the sections that follow the header]
‣ questions: Name, type fields for a query
‣ answers: RRs in response to query
‣ authority: records for authoritative servers
‣ additional: additional “helpful” info that may be used
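The message layout from the two preceding slides, as an added example that builds a query and the matching reply and parses both back, exposing the 16-bit identification, the four flag bits and the section counts. This is not code from the lecture; the query name and address are constructed, and name compression is deliberately left out, so real replies from real servers will need a decoder that follows pointers.

```python
import struct
QR, AA, RD, RA = 0x8000, 0x0400, 0x0100, 0x0080   # flag bits: reply, authoritative, recursion desired/available
TYPE_A, CLASS_IN = 1, 1

def encode_name(name):
    """Dotted name -> length-prefixed labels ending in a zero byte."""
    labels = name.rstrip(".").split(".")
    return b"".join(bytes([len(lab)]) + lab.encode() for lab in labels) + b"\x00"

def decode_name(data, off):
    """Inverse of encode_name; returns (name, offset just past the name).
    Compression pointers (0xC0) are deliberately not handled here."""
    labels = []
    while data[off]:                                 # a zero byte ends the name
        labels.append(data[off + 1:off + 1 + data[off]].decode())
        off += 1 + data[off]
    return ".".join(labels) + ".", off + 1

def build_query(ident, qname, recursion_desired=True):
    # header = identification, flags, then question/answer/authority/additional counts
    header = struct.pack("!HHHHHH", ident, RD if recursion_desired else 0, 1, 0, 0, 0)
    return header + encode_name(qname) + struct.pack("!HH", TYPE_A, CLASS_IN)

def build_reply(query, ip, ttl, authoritative=False, recursion_available=True):
    """Echo the query's identification and question, set QR (plus AA/RA),
    and put one A record for the queried name in the answer section."""
    ident, qflags, qd = struct.unpack_from("!HHH", query)
    qname, off = decode_name(query, 12)
    flags = QR | (qflags & RD) | (AA if authoritative else 0) | (RA if recursion_available else 0)
    rdata = bytes(int(octet) for octet in ip.split("."))
    answer = encode_name(qname) + struct.pack("!HHIH", TYPE_A, CLASS_IN, ttl, len(rdata)) + rdata
    return struct.pack("!HHHHHH", ident, flags, qd, 1, 0, 0) + query[12:off + 4] + answer

def parse_message(data):
    """Decode the header, the question section and the answer section."""
    ident, flags, qd, an, ns, ar = struct.unpack_from("!HHHHHH", data)
    msg = {"id": ident, "reply": bool(flags & QR), "authoritative": bool(flags & AA),
           "recursion_desired": bool(flags & RD), "recursion_available": bool(flags & RA),
           "counts": (qd, an, ns, ar), "questions": [], "answers": []}
    off = 12
    for _ in range(qd):
        name, off = decode_name(data, off)
        qtype = struct.unpack_from("!H", data, off)[0]
        msg["questions"].append((name, qtype))
        off += 4                                     # skip qtype and qclass
    for _ in range(an):                              # authority/additional left unparsed
        name, off = decode_name(data, off)
        rtype, _rclass, ttl, rdlen = struct.unpack_from("!HHIH", data, off)
        rdata = data[off + 10:off + 10 + rdlen]
        off += 10 + rdlen
        value = ".".join(str(b) for b in rdata) if rtype == TYPE_A else rdata
        msg["answers"].append((name, value, rtype, ttl))   # the slide's RR tuple
    return msg
```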

Viewing DNS Queries
‣ Text recommends nslookup
‣ I use dig

Inserting records into DNS
‣ Example: just created startup “Network Utopia”
‣ Register name networkutopia.com at a registrar (e.g., Network Solutions)
  ‣ Need to provide registrar with names and IP addresses of your authoritative name server (primary and secondary)
  ‣ Registrar inserts two RRs into the com TLD server:
    (networkutopia.com, dns1.networkutopia.com, NS)
    (dns1.networkutopia.com, 212.212.212.1, A)
‣ Put in authoritative server Type A record for www.networkutopia.com and Type MX record for networkutopia.com
‣ How do people get the IP address of your Web site?

DNS Security Issues
‣ Given that so many different servers can respond to your request, how do you know that what you get back is correct?
  ‣ Are you sure that you spoke to the resolver you think you spoke to?
‣ What happens if you manage to give a resolver false look-up information?

DNS Cache Poisoning
[Figure, built up over ten animation frames: a Client, an evil client / evil.net, the Victim nameserver, the Root Servers and the neighborhoodbank.com nameserver. The numbered messages are:
0 evil client → Victim nameserver: IP for www.neighborhoodbank.com?
1 Victim nameserver → Root Servers: QID 599, IP for www.neighborhoodbank.com?
2 Root Servers → Victim nameserver: QID 599, referral to neighborhoodbank.com
3 Victim nameserver → neighborhoodbank.com: QID 600, IP for www.neighborhoodbank.com?
4 neighborhoodbank.com → Victim nameserver: QID 600, IP: 192.168.1.100
1a evil.net → Victim nameserver: replies labelled QID 599, QID 600, QID 601, each claiming www.neighborhoodbank.com IP: 192.188.42.18 (fake!)
5 Transaction …]
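The checks a caching resolver applies before a reply like the ones in the animation can enter its cache, as an added example that is not from the lecture: a reply must match an outstanding query's QID and port, arrive from the server that was asked, answer the same question, and only records inside the queried zone are kept. The server address 192.0.2.10 and the seed are constructed; drawing both the QID and the source port at random is the practice RFC 5452 recommends.

```python
import random

class CachingResolver:
    """The slide's 'victim nameserver', reduced to the bookkeeping that decides
    whether an incoming reply may enter the cache. Constructed example."""
    def __init__(self, seed=7):
        self.rng = random.Random(seed)      # seeded only so the demo is repeatable
        self.pending = {}                   # (qid, source port) -> (qname, server_ip, zone)
        self.cache, self.log = {}, []       # accepted RRs; dropped replies for the operator

    def send_query(self, qname, server_ip, zone):
        """Record an outgoing query. Both the 16-bit QID and the UDP source port
        are random, so a forger cannot simply count 599, 600, 601 (RFC 5452)."""
        while True:
            key = (self.rng.randrange(1 << 16), self.rng.randrange(1024, 1 << 16))
            if key not in self.pending:
                self.pending[key] = (qname, server_ip, zone)
                return key

    def receive_reply(self, qid, dst_port, src_ip, qname, answers):
        """answers: list of (name, value, type, ttl). Returns the RRs that were cached."""
        entry = self.pending.get((qid, dst_port))
        if entry is None:                   # no outstanding query has this QID and port
            self.log.append(("drop: unexpected qid/port", qid, src_ip))
            return []
        expected_name, server_ip, zone = entry
        if src_ip != server_ip or qname != expected_name:
            self.log.append(("drop: wrong source or question", qid, src_ip))
            return []
        del self.pending[(qid, dst_port)]   # first matching reply wins; later copies are dropped
        accepted = []
        for rr in answers:                  # bailiwick: keep only names under the queried zone
            name = rr[0]
            if name == zone or name.endswith("." + zone):
                self.cache[(name, rr[2])] = rr
                accepted.append(rr)
            else:
                self.log.append(("drop: out-of-bailiwick record", name, src_ip))
        return accepted
```

Every dropped reply is appended to `log`, which is the signal a monitoring rule would alert on: a burst of replies with unexpected QIDs for one name is the visible trace of the guessing shown in the animation.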

DNS Attacks - Real?
‣ Golden Shield Project
‣ Kaminsky Attack
‣ Others?
  ‣ Why is it difficult to know?

Same Bat Time...
‣ Peer-to-Peer architectures/applications
  ‣ Read Section 2.6
‣ Socket Programming
  ‣ The book uses Java, we are going to use C
  ‣ If you haven’t already done so, look at the Pocket Sockets Guide.
