feb 9

Questions?

Review :

What's TCP/IP ?
What's a port ?
What's an "application layer protocol?"
What a "client/server" protocol?
Give some examples.

Today:

Discuss other application protocols : email, bittorrent
(Homework due Thurs is all related to email.)
... but first discuss ports.

ports

There are *lots* of application protocols; here's a list. Note that some well known ones (like bittorrent) aren't even "registered."

wikipedia: List_of_TCP_and_UDP_port_numbers
http://www.iana.org/assignments/port-numbers
- ports 0 - 1023 are "well known" (and typically need root access)
- ports 1024 - 4915 are "registered"
- ports 49152 - 65535 are "private / dynamic"
port 13 : Daytime RFC867

Daytime protocol example :


thirty$ telnet time-nw.nist.gov 13
Trying 131.107.13.100...
Connected to time-nw.nist.gov.
Escape character is '^]'.
55236 10-02-09 00:24:50 00 0 0 748.3 UTC(NIST) * 
Connection closed by foreign host.

port scanning

Sending something to each port to try to figure out what's running on a given computer is called "port scanning." This is a common security audit (if you're a good guy) or the beginning of a network intrusion (if you're a bad guy).

wikipedia:port scanner
- wikipedia: nmap


thirty$ nmap zonorus.marlboro.edu
Starting Nmap 5.00 ( http://nmap.org ) at 2010-02-08 19:12 EST
Interesting ports on zonorus.marlboro.edu (216.158.162.3):
Not shown: 991 filtered ports
PORT    STATE  SERVICE
20/tcp  closed ftp-data
21/tcp  open   ftp
22/tcp  open   ssh
25/tcp  open   smtp
80/tcp  open   http
110/tcp open   pop3
143/tcp open   imap
993/tcp open   imaps
995/tcp open   pop3s

email

One of the oldest, most prevalent, and problematic internet services is email. It's implemented via a number of protocols these days.

SMTP

wikipedia:simple mail transfer protocol
sending mail only (not reading it)
port 25
- not encrypted
- now used mostly between mail servers
port 465
- encrypted connection with SSL (more on that later)

Here's a sample smtp session.

POP3

wikipedia:post office protocol, version 3
for reading mail
IMAP (internet message access protocol) is another one.
port 110 (negotiated encryption)
port 995 (SSL encryption)

The wikipedia pages give a sample dialog; I may try this in class ... but it's hard to hide the passwords.


$ telnet mail.marlboro.edu 110
Connected to akbar.marlboro.edu.
Escape character is '^]'.
+OK Dovecot ready.
USER mahoney
+OK
PASS *****
+OK Logged in.
LIST
+OK 0 messages:
.
QUIT
+OK Logging out.
Connection closed by foreign host.

For discussion :

When you send and read email through a web browser, say with gmail, which protocols do you think are being used between which computers? Draw some pictures.

spam

Mail has several issues:

little to no authentication
almost no cost ... and no incremental cost

... which has led to an explosion of spam.

wikipedia: e-mail spam
- One estimate quoted there is that 90% of all 2008 email traffic was spam.
- anti-spam techniques: filtering rules, greylists, dns-based lists, ...
Also see
- phishing
- identify theft
- wikipedia:open mail relay
- wikipedia: advance-fee fraud
- http://spam.abuse.net/
anonymizers
- http://www.mailinator.com/ - let them eat spam
- http://mytrashmail.com/

bittorrent

I know that Sean is interested in peer to peer stuff, not just server/client.

One of the best know of those is BitTorrent, so it's worth talking some about how that works.

We'll see how far we get.

wikipedia: bittorrent (protocol)

Terminology:

peers
torrent file
seeder
leecher
tracker
distributed trackers / DHT / peer exchange

One of best known listing sites:

http://thepiratebay.org/

Discuss legality.

http://cs.marlboro.edu/ courses/ spring2010/internet/ notes/ feb_9
last modified Monday February 8 2010 9:29 pm EST

Internet
Technologies

course

navigation

feb 9

ports

port scanning

email

SMTP

POP3

spam

bittorrent

InternetTechnologies

course

navigation

feb 9

ports

port scanning

email

SMTP

POP3

spam

bittorrent

Internet
Technologies