Application Protocols: SMTP and Others Electronic Mail

Total Page:16

File Type:pdf, Size:1020Kb

Application Protocols: SMTP and Others Electronic Mail Electronic Mail 4: Application Protocols: SMTP and others Last Modified: 2/3/2003 8:07:08 PM 2: Application Layer 1 2: Application Layer 2 outgoing Electronic Mail message queue Electronic Mail: mail servers user mailbox Three major components: user Mail Servers user agent agent ❒ user agents ❒ mailbox contains incoming mail mail ❒ user user mail servers server messages (yet to be read) server agent agent ❒ simple mail transfer for user SMTP ❒ protocol: smtp mail message queue of outgoing SMTP mail server user (to be sent) mail messages server user User Agent SMTP agent (if message cannot be agent delivered will stay in queue) SMTP ❒ a.k.a. “mail reader” ❒ smtp protocol between mail ❒ composing, editing, reading SMTP SMTP mail user servers to send email user mail messages agent mail server messages server agent ❒ e.g., Eudora, Outlook, elm, ❍ Mail server is an SMTP Netscape Messenger user client when sending mail user ❒ outgoing, incoming messages agent ❍ Mail server is an SMTP agent stored on server user user agent server” when receiving agent mail 2: Application Layer 3 2: Application Layer 4 Electronic Mail: smtp [RFC 2821] SMTP History ❒ Uses tcp to reliably transfer email msg from ❒ SMTP has been around a long time client to server, port 25 ❒ direct transfer: sending server to receiving ❍ RFC done in 1982 server ❍ In use well before that ❒ three phases of transfer ❒ ❍ handshaking (greeting) Messages must be in 7-bit ASCII ❍ transfer of messages (made sense in text-based early days) ❍ closure ❒ Requires encoding for binary data ❒ command/response interaction ❍ commands: ASCII text (jpegs, etc.) in 7-bit ASCII (yuck!) ❍ response: status code and phrase ❍ Much like HTTP 2: Application Layer 5 2: Application Layer 6 1 try smtp interaction for yourself: Sample smtp interaction S: 220 hamburger.edu C: HELO crepes.fr ❒ telnet servername 25 S: 250 Hello crepes.fr, pleased to meet you ❒ C: MAIL FROM: <[email protected]> see 220 reply from server S: 250 [email protected]... Sender ok ❒ enter HELO, MAIL FROM, RCPT TO, DATA, QUIT C: RCPT TO: <[email protected]> commands S: 250 [email protected] ... Recipient ok C: DATA above lets you send email without using email client S: 354 Enter mail, end with "." on a line by itself (reader) C: Do you like ketchup? C: How about pickles? ❒ How do you know the right server name? C: . S: 250 Message accepted for delivery Trace it – does your mail data go in the C: QUIT clear? S: 221 hamburger.edu closing connection 2: Application Layer 7 2: Application Layer 8 What is missing? Mail message format SMTP Data ❒ Some commands processed by SMTP protocol smtp: protocol for exchanging mirror mail headers we are used to seeing in our email msgs Message headers blank email messages (To, From, …), but are not the RFC 2822: standard for text message format (format of line same things data from smtp ❒ Email headers (To, From, CC, Subject, Date, ..) are perspective) considered part of the data by SMTP and are not ❒ header lines, e.g., Message body processed SMTP server at all! ❍ To: ❒ Email headers are processed by the mail reader ❍ CC: ❍ software and ignored by SMTP Subject: different from SMTP ❍ How is Bcc implemented? commands! ❒ Another example of “protocol” layering (like HTML ❒ body and HTTP) ❍ the “message”, ASCII characters only 2: Application Layer 9 2: Application Layer 10 Sample smtp interaction SMTP format S: 220 hamburger.edu C: HELO crepes.fr ❒ SMTP requires that message (header & body) be S: 250 Hello crepes.fr, pleased to meet you C: MAIL FROM: <[email protected]> in 7-bit ascii S: 250 [email protected]... Sender ok ❒ Certain character strings are not permitted in C: RCPT TO: <[email protected]> S: 250 [email protected] ... Recipient ok message (e.g., CRLF.CRLF). Thus message has to C: DATA be encoded (usually into either base-64 or S: 354 Enter mail, end with "." on a line by itself quoted printable) C: To: [email protected] C: Subject: dinner preferences ❒ SMTP server uses CRLF.CRLF to determine end C: From: [email protected] of message C: C: Do you like ketchup? C: How about pickles? C: . S: 250 Message accepted for delivery C: QUIT S: 221 hamburger.edu closing connection 2: Application Layer 11 2: Application Layer 12 2 What about sending pictures and other MIME types: Extensible binary data? Content-Type: type/subtype; parameters ❒ Don’t try this by hand ☺ ❒ MIME: multimedia mail extension, RFC 2045, 2056 Text Video ❒ ❒ example subtypes: plain, ❒ example subtypes: mpeg, additional lines in msg header declare MIME content html type quicktime From: [email protected] MIME version To: [email protected] Image ❒ Application Subject: Picture of yummy crepe. example subtypes: jpeg, ❒ method used MIME-Version: 1.0 gif other data that must be to encode data Content-Transfer-Encoding: base64 processed by reader Content-Type: image/jpeg before “viewable” multimedia data Audio ❒ type, subtype, ❒ example subtypes: basic example subtypes: base64 encoded data ..... msword, octet-stream parameter declaration ......................... (8-bit mu-law encoded), ......base64 encoded data 32kadpcm (32 kbps encoded data coding) 2: Application Layer 13 2: Application Layer 14 Multipart Type From: [email protected] To: [email protected] Spam/forged mail Subject: Picture of yummy crepe. MIME-Version: 1.0 Content-Type: multipart/mixed; boundary=98766789 ❒ “Received:” and “MessageID” headers are --98766789 part of the data Content-Transfer-Encoding: quoted-printable Content-Type: text/plain ❍ Accurate and helpful from legitimate servers Dear Bob, and user agents Please find a picture of a crepe. ❒ --98766789 Start with a legitimate server you trust Content-Transfer-Encoding: base64 ❍ Content-Type: image/jpeg Don’t relay messages from a site outside your domain to another host outside your domain base64 encoded data ..... ❍ ......................... Verify the Mail From field (resolvable domain ......base64 encoded data and matching IP address) --98766789-- ❍ Refuse traffic from known spammers 2: Application Layer 15 2: Application Layer 16 Sample Spam Tracking and Reporting Spam From [email protected] Sat Sep 4 16:55:41 1999 Received: from cs2.CS.Berkeley.EDU (cs2.CS.Berkeley.EDU [169.229.60.56]) ❒ by mnemosyne.CS.Berkeley.EDU (8.9.1a/) with ESMTP id QAA20836 for <[email protected]>; Record IP address of sender and time and Sat, 4 Sep 1999 16:55:38 -0700 (PDT) date of message transfer Received: from mail.everfaster.com (mail.everfaster.com [197.46.220.4]) by cs2.CS.Berkeley.EDU (8.9.1a/8.6.6.Beta11) with ESMTP id LAA18735 for <[email protected]>; Sat, 4 ❒ Sep 1999 16:55:04 -0700 (PDT) Spamcop uses a combination of tools like Received: from gate.hypermoon.com (pool37.qs4w.longlink.net [217.6.1.7]) dig, nslookup and finger to cross-check all by mail.everfaster.com (8.8.7/8.8.7) with SMTP id PAA20074; Sat, 4 Sep 1999 19:54:21 -0400 (EDT) Received: from fritz.hotdogcity.com (fritz.hotdogcity.com [221.88.9.16]) the information in an email header and find by server.big-hello.com (8.8.8/8.8.8) with SMTP id RAA04617; Sat, 4 Sep 1999 19:53:33 -0400 (EDT) the email address of the system Received: by fritz.hotdogcity.com with Internet Mail Service (5.5.248.0) id Q19G494F; Sat, 4 Sep 1999 19:53:25 -0400 (EDT) Date: Sat, 4 Sep 1999 19:53:23 -0400 (EDT) From: Charles Lewis <[email protected]> administrator responsible for the network To: [email protected] Subject: You'll never believe this! from which the mail was sent Message-ID: <[email protected]> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii ❒ postmaster@domain or abuse@domain You won't believe this, but some company just paid me to surf the web! Check out... 2: Application Layer 17 2: Application Layer 18 3 Multiple recipients Email viruses ❒ When you send mail to your outgoing mail ❒ Often attachments which once opened run server, transfer one copy of message with the users full privileges and corrupt regardless of how many recipients the system on which mail is read ❍ Great for spammers ❒ Viruses tend to target Windows as it is the ❒ Mail servers could play the same trick platform used by the majority of people ❍ Look at RCPT to list ❍ If more than one recipient per destination mail server then transfer just one mail ❒ Could also send one copy per recipient ❍ Recommended configuration? 2: Application Layer 19 2: Application Layer 20 SMTP vs HTTP Outgoing Mail Server? ❒ Why not just SMTP server on local ❒ Smtp: persistent connections like HTTP 1.1 machine? ❒ “Push not pull” means your PC must be ❒ Both have ASCII command/response interaction, status codes constantly on to accept “push” ❒ http: each object is encapsulated in its own response message ❒ smtp: multiple objects message sent in a multipart message ❒ http: pull; smtp: push 2: Application Layer 21 2: Application Layer 22 SMTP = outgoing Incoming mail? SMTP SMTP ❒ POP3 or user Notice we didn’t see any SMTP commands user agent to “get” or “retrieve” mail agent IMAP ❒ SMTP is for outgoing mail only sender’s mail receiver’s mail ❒ How do we get mail? server server ❒ Mailbox file ❍ Early days: log on to server and read mail from ❒ POP: Post Office Protocol [RFC 1939] authorization (agent <- a mailbox = file on server ->server) and download ❍ How many people still read mail that way? (I do ❒ IMAP: Internet Mail Access Protocol [RFC 1730] more ☺) features (more complex) manipulation of stored messages ❍ Today many people read mail on their PC on server ❒ HTTP: Hotmail , Yahoo! Mail, etc. ❍ How do they get their mail from the mail ❍ Why not use HTTP to transfer random things like email? server? ❍ Convenient – don’t need mail reader just the ubiquitous web browser ❒ 2: Application Layer 23 Other? 2: Application Layer 24 4 try POP interaction for yourself: POP3 protocol S: +OK POP3 server ready C: user alice authorization phase S: +OK ❒ C: pass hungry telnet servername 110 ❒ client commands: S: +OK user successfully logged on ❒ see “OK POP3 server ready” reply from server ❍ user: declare username ❒ ❍ pass: password C: list enter user, pass, list, retr, dele commands ❒ S: 1 498 server responses S: 2 912 ❍ +OK S: .
Recommended publications
  • Ipsec, SSL, Firewall, Wireless Security
    IPSec 1 Outline • Internet Protocol – IPv6 • IPSec – Security Association (SA) – IPSec Base Protocol (AH, ESP) – Encapsulation Mode (transport, tunnel) 2 IPv6 Header • Initial motivation: – 32-bit address space soon to be completely allocated. – Expands addresses to 128 bits • 430,000,000,000,000,000,000 for every square inch of earth’s surface! • Solves IPv4 problem of insufficient address space • Additional motivation: – header format helps speedy processing/forwarding – header changes to facilitate QoS IPv6 datagram format: – fixed-length 40 byte header – no fragmentation allowed 3 IPv6 Header (Cont) Priority: identify priority among datagrams in flow Flow Label: identify datagrams in same “flow.” (concept of“flow” not well defined). Next header: identify upper layer protocol for data 4 Other Changes from IPv4 • Checksum: removed entirely to reduce processing time at each hop • Options: allowed, but outside of header, indicated by “Next Header” field • ICMPv6: new version of ICMP – additional message types, e.g. “Packet Too Big” – multicast group management functions 5 IPv6 Security – IPsec mandated • IPsec is mandated in IPv6 – This means that all implementations (i.e. hosts, routers, etc) must have IPsec capability to be considered as IPv6-conformant • When (If?) IPv6 is in widespread use, this means that IPsec will be installed everywhere – At the moment, IPsec is more common in network devices (routers, etc) than user hosts, but this would change with IPsec • All hosts having IPsec => real end-to-end security possible 6 IPv6 Security • Enough IP addrs for every imaginable device + Real end-to-end security = Ability to securely communicate from anything to anything 7 IPv6 Security – harder to scan networks • With IPv4, it is easy to scan a network – With tools like nmap, can scan a typical subnet in a few minutes see: http://www.insecure.org/nmap/ – Returning list of active hosts and open ports – Many worms also operate by scanning • e.g.
    [Show full text]
  • SMTP (Simple Mail Transfer Protocol)
    P1: JsY JWBS001A-60.tex WL041/Bidgoli WL041-Bidgoli.cls May 12, 2005 3:27 Char Count= 0 SMTP (Simple Mail Transfer Protocol) Vladimir V. Riabov, Rivier College Introduction 1 SMTP Security Issues 12 SMTP Fundamentals 1 SMTP Vulnerabilities 12 SMTP Model and Protocol 2 SMTP Server Buffer Overflow Vulnerability 15 User Agent 4 Mail Relaying SMTP Vulnerability 15 Sending e-Mail 4 Mail Relaying SMTP Vulnerability in Microsoft Mail Header Format 4 Windows 2000 15 Receiving e-Mail 4 Encapsulated SMTP Address Vulnerability 15 The SMTP Destination Address 4 Malformed Request Denial of Service 16 Delayed Delivery 4 Extended Verb Request Handling Flaw 16 Aliases 5 Reverse DNS Response Buffer Overflow 16 Mail Transfer Agent 5 Firewall SMTP Filtering Vulnerability 16 SMTP Mail Transaction Flow 5 Spoofing 16 SMTP Commands 6 Bounce Attack 16 Mail Service Types 6 Restricting Access to an Outgoing Mail SMTP Service Extensions 8 Server 17 SMTP Responses 8 Mail Encryption 17 SMTP Server 8 Bastille Hardening System 17 On-Demand Mail Relay 8 POP and IMAP Vulnerabilities 17 Multipurpose Internet Mail Extensions Standards, Organizations, and (MIME) 8 Associations 18 MIME-Version 10 Internet Assigned Numbers Authority 18 Content-Type 10 Internet Engineering Task Force Working Content-Transfer-Encoding 10 Groups 18 Content-Id 11 Internet Mail Consortium 18 Content-Description 11 Mitre Corporation 18 Security Scheme for MIME 11 Conclusion 18 Mail Transmission Types 11 Glossary 18 Mail Access Modes 11 Cross References 19 Mail Access Protocols 11 References 19 POP3 11 Further Reading 22 IMAP4 12 INTRODUCTION and IMAP4), SMTP software, vulnerability and security issues, standards, associations, and organizations.
    [Show full text]
  • SILC-A SECURED INTERNET CHAT PROTOCOL Anindita Sinha1, Saugata Sinha2 Asst
    ISSN (Print) : 2320 – 3765 ISSN (Online): 2278 – 8875 International Journal of Advanced Research in Electrical, Electronics and Instrumentation Engineering Vol. 2, Issue 5, May 2013 SILC-A SECURED INTERNET CHAT PROTOCOL Anindita Sinha1, Saugata Sinha2 Asst. Prof, Dept. of ECE, Siliguri Institute of Technology, Sukna, Siliguri, West Bengal, India 1 Network Engineer, Network Dept, Ericsson Global India Ltd, India2 Abstract:-. The Secure Internet Live Conferencing (SILC) protocol, a new generation chat protocol provides full featured conferencing services, compared to any other chat protocol. Its main interesting point is security which has been described all through the paper. We have studied how encryption and authentication of the messages in the network achieves security. The security has been the primary goal of the SILC protocol and the protocol has been designed from the day one security in mind. In this paper we have studied about different keys which have been used to achieve security in the SILC protocol. The main function of SILC is to achieve SECURITY which is most important in any chat protocol. We also have studied different command for communication in chat protocols. Keywords: SILC protocol, IM, MIME, security I.INTRODUCTION SILC stands for “SECURE INTERNET LIVE CONFERENCING”. SILC is a secure communication platform, looks similar to IRC, first protocol & quickly gained the status of being the most popular chat on the net. The security is important feature in applications & protocols in contemporary network environment. It is not anymore enough to just provide services; they need to be secure services. The SILC protocol is a new generation chat protocol which provides full featured conferencing services; additionally it provides security by encrypting & authenticating the messages in the network.
    [Show full text]
  • Secure Shell Encrypt and Authenticate Remote Connections to Secure Applications and Data Across Open Networks
    Product overview OpenText Secure Shell Encrypt and authenticate remote connections to secure applications and data across open networks Comprehensive Data security is an ongoing concern for organizations. Sensitive, security across proprietary information must always be protected—at rest and networks in motion. The challenge for organizations that provide access to applications and data on host systems is keeping the data Support for Secure Shell (SSH) secure while enabling access from remote computers and devices, whether in a local or wide-area network. ™ Strong SSL/TLS OpenText Secure Shell is a comprehensive security solution that safeguards network ® encryption traffic, including internet communication, between host systems (mainframes, UNIX ™ servers and X Window System applications) and remote PCs and web browsers. When ™ ™ ™ ™ Powerful Kerberos included with OpenText Exceed or OpenText HostExplorer , it provides Secure Shell 2 (SSH-2), Secure Sockets Layer (SSL), LIPKEY and Kerberos security mechanisms to ensure authentication security for communication types, such as X11, NFS, terminal emulation (Telnet), FTP support and any TCP/IP protocol. Secure Shell encrypts data to meet the toughest standards and requirements, such as FIPS 140-2. ™ Secure Shell is an add-on product in the OpenText Connectivity suite, which encrypts application traffic across networks. It helps organizations achieve security compliance by providing Secure Shell (SSH) capabilities. Moreover, seamless integration with other products in the Connectivity suite means zero disruption to the users who remotely access data and applications from web browsers and desktop computers. Secure Shell provides support for the following standards-based security protocols: Secure Shell (SSH)—A transport protocol that allows users to log on to other computers over a network, execute commands on remote machines and securely move files from one machine to another.
    [Show full text]
  • Secure Telnet
    The following paper was originally published in the Proceedings of the Fifth USENIX UNIX Security Symposium Salt Lake City, Utah, June 1995. STEL: Secure TELnet David Vincenzetti, Stefano Taino, and Fabio Bolognesi Computer Emergency Resource Team Italy Department of Computer Science University of Milan, Italy For more information about USENIX Association contact: 1. Phone: 510 528-8649 2. FAX: 510 548-5738 3. Email: [email protected] 4. WWW URL: http://www.usenix.org STEL Secure TELnet David Vincenzetti Stefano Taino Fabio Bolognesi fvince k taino k b ologdsiunimiit CERTIT Computer Emergency Response Team ITaly Department of Computer Science University of Milan ITALY June Abstract Eavesdropping is b ecoming rampant on the Internet We as CERTIT have recorded a great numb er of sning attacks in the Italian community In fact sning is the most p opular hackers attack technique all over the Internet This pap er presents a secure telnet implementation whichhas b een designed by the Italian CERT to makeeavesdropping ineective to remote terminal sessions It is not to b e considered as a denitive solution but rather as a bandaid solution to deal with one of the most serious security threats of the moment Intro duction STEL stands for Secure TELnet We started developing STEL at the University of Milan when we realized that eavesdropping was a very serious problem and we did not like the freeware solutions that were available at that time It was ab out three years ago Still as far as we know e tapping problem and there are no really satisfying
    [Show full text]
  • Telnet Client 5.11 Ssh Support
    TELNET CLIENT 5.11 SSH SUPPORT This document provides This document describes how to install and configure SSH support in Wavelink Telnet Client 5.11. information on the SSH support available in Telnet Client 5.11 OVERVIEW OF SSH SUPPORT Secure Shell (SSH) is a protocol developed for transmitting private information over the Internet. SSH OVERVIEW encrypts data that is transferred over the Telnet session. • Overview of SSH The Telnet Client supports SSH version 1 and 2 and will automatically select the most secure protocol Support that the SSH server supports. • Installing Windows SSH Support This document describes the following: • Configuring the host • Installing Windows SSH support utility profile for SSH • Configuring the host profile for SSH support support • Deploying Windows • Deploying Windows SSH support to the device through Avalanche or ActiveSync SSH Support • Revision History INSTALLING WINDOWS SSH SUPPORT Installing SSH support is a two-step process. First, install SSH support on the PC from which you will deploy Telnet. Once you install SSH support on the PC, use Avalanche or ActiveSync to deploy the utility to the device. To install SSH support on your PC: 1. Obtain the installation executable for SSH support. NOTE: To obtain the Wavelink SSH support utility install, go to http://www.wavelink.com/downloads/ files/sshagreement.aspx. 2. Install SSH support on the PC from which you will deploy the Telnet Client. CONFIGURING THE HOST PROFILE FOR SSH SUPPORT SSH support is configured from the Host Profiles window of the configuration utility. NOTE: SSH is only an active option if SSH support has been installed on the PC running the Telnet Client configuration utility.
    [Show full text]
  • Cheat Sheet – Common Ports (PDF)
    COMMON PORTS packetlife.net TCP/UDP Port Numbers 7 Echo 554 RTSP 2745 Bagle.H 6891-6901 Windows Live 19 Chargen 546-547 DHCPv6 2967 Symantec AV 6970 Quicktime 20-21 FTP 560 rmonitor 3050 Interbase DB 7212 GhostSurf 22 SSH/SCP 563 NNTP over SSL 3074 XBOX Live 7648-7649 CU-SeeMe 23 Telnet 587 SMTP 3124 HTTP Proxy 8000 Internet Radio 25 SMTP 591 FileMaker 3127 MyDoom 8080 HTTP Proxy 42 WINS Replication 593 Microsoft DCOM 3128 HTTP Proxy 8086-8087 Kaspersky AV 43 WHOIS 631 Internet Printing 3222 GLBP 8118 Privoxy 49 TACACS 636 LDAP over SSL 3260 iSCSI Target 8200 VMware Server 53 DNS 639 MSDP (PIM) 3306 MySQL 8500 Adobe ColdFusion 67-68 DHCP/BOOTP 646 LDP (MPLS) 3389 Terminal Server 8767 TeamSpeak 69 TFTP 691 MS Exchange 3689 iTunes 8866 Bagle.B 70 Gopher 860 iSCSI 3690 Subversion 9100 HP JetDirect 79 Finger 873 rsync 3724 World of Warcraft 9101-9103 Bacula 80 HTTP 902 VMware Server 3784-3785 Ventrilo 9119 MXit 88 Kerberos 989-990 FTP over SSL 4333 mSQL 9800 WebDAV 102 MS Exchange 993 IMAP4 over SSL 4444 Blaster 9898 Dabber 110 POP3 995 POP3 over SSL 4664 Google Desktop 9988 Rbot/Spybot 113 Ident 1025 Microsoft RPC 4672 eMule 9999 Urchin 119 NNTP (Usenet) 1026-1029 Windows Messenger 4899 Radmin 10000 Webmin 123 NTP 1080 SOCKS Proxy 5000 UPnP 10000 BackupExec 135 Microsoft RPC 1080 MyDoom 5001 Slingbox 10113-10116 NetIQ 137-139 NetBIOS 1194 OpenVPN 5001 iperf 11371 OpenPGP 143 IMAP4 1214 Kazaa 5004-5005 RTP 12035-12036 Second Life 161-162 SNMP 1241 Nessus 5050 Yahoo! Messenger 12345 NetBus 177 XDMCP 1311 Dell OpenManage 5060 SIP 13720-13721
    [Show full text]
  • TCP/IP Standard Applications Telnet - SSH - FTP - SMTP - HTTP
    TCP/IP Standard Applications Telnet - SSH - FTP - SMTP - HTTP Virtual Terminal, Secure Shell, File Transfer, Email, WWW Agenda • Telnet (Virtual Terminal) • SSH • FTP (File Transfer) • E-Mail and SMTP • WWW and HTTP © 2016, D.I. Lindner / D.I. Haas Telnet-SSH-FTP-SMTP-HTTP, v6.0 2 What is Telnet? • Telnet is a standard method to communicate with another Internet host • Telnet provides a standard interface for terminal devices and terminal-oriented processes through a network • using the Telnet protocol user on a local host can remote-login and execute commands on another distant host • Telnet employs a client-server model – a Telnet client "looks and feels" like a Terminal on a distant server – even today Telnet provides a text-based user interface © 2016, D.I. Lindner / D.I. Haas Telnet-SSH-FTP-SMTP-HTTP, v6.0 3 Local and Remote Terminals network local terminal workstation Host as remote terminal with Telnet Server with Telnet Client traditional configuration today's demand: remote login © 2016, D.I. Lindner / D.I. Haas Telnet-SSH-FTP-SMTP-HTTP, v6.0 4 About Telnet • Telnet was one of the first Internet applications – since the earliest demand was to connect terminals to hosts across networks • Telnet is one of the most popular Internet applications because – of its flexibility (checking E-Mails, etc.) – it does not waste much network resources – because Telnet clients are integrated in every UNIX environment (and other operating systems) © 2016, D.I. Lindner / D.I. Haas Telnet-SSH-FTP-SMTP-HTTP, v6.0 5 Telnet Basics • Telnet is connection oriented and uses the TCP protocol • clients connect to the "well-known" destination port 23 on the server side • protocol specification: RFC 854 • three main ideas: – concept of Network Virtual Terminals (NVTs) – principle of negotiated options – a symmetric view of terminals and (server-) processes © 2016, D.I.
    [Show full text]
  • Secure Shell- Its Significance in Networking (Ssh)
    International Journal of Application or Innovation in Engineering & Management (IJAIEM) Web Site: www.ijaiem.org Email: [email protected] Volume 4, Issue 3, March 2015 ISSN 2319 - 4847 SECURE SHELL- ITS SIGNIFICANCE IN NETWORKING (SSH) ANOOSHA GARIMELLA , D.RAKESH KUMAR 1. B. TECH, COMPUTER SCIENCE AND ENGINEERING Student, 3rd year-2nd Semester GITAM UNIVERSITY Visakhapatnam, Andhra Pradesh India 2.Assistant Professor Computer Science and Engineering GITAM UNIVERSITY Visakhapatnam, Andhra Pradesh India ABSTRACT This paper is focused on the evolution of SSH, the need for SSH, working of SSH, its major components and features of SSH. As the number of users over the Internet is increasing, there is a greater threat of your data being vulnerable. Secure Shell (SSH) Protocol provides a secure method for remote login and other secure network services over an insecure network. The SSH protocol has been designed to support many features along with proper security. This architecture with the help of its inbuilt layers which are independent of each other provides user authentication, integrity, and confidentiality, connection- oriented end to end delivery, multiplexes encrypted tunnel into several logical channels, provides datagram delivery across multiple networks and may optionally provide compression. Here, we have also described in detail what every layer of the architecture does along with the connection establishment. Some of the threats which Ssh can encounter, applications, advantages and disadvantages have also been mentioned in this document. Keywords: SSH, Cryptography, Port Forwarding, Secure SSH Tunnel, Key Exchange, IP spoofing, Connection- Hijacking. 1. INTRODUCTION SSH Secure Shell was first created in 1995 by Tatu Ylonen with the release of version 1.0 of SSH Secure Shell and the Internet Draft “The SSH Secure Shell Remote Login Protocol”.
    [Show full text]
  • Networking Telnet
    IBM i Version 7.2 Networking Telnet IBM Note Before using this information and the product it supports, read the information in “Notices” on page 99. This edition applies to IBM i 7.2 (product number 5770-SS1) and to all subsequent releases and modifications until otherwise indicated in new editions. This version does not run on all reduced instruction set computer (RISC) models nor does it run on CISC models. This document may contain references to Licensed Internal Code. Licensed Internal Code is Machine Code and is licensed to you under the terms of the IBM License Agreement for Machine Code. © Copyright International Business Machines Corporation 1998, 2013. US Government Users Restricted Rights – Use, duplication or disclosure restricted by GSA ADP Schedule Contract with IBM Corp. Contents Telnet................................................................................................................... 1 What's new for IBM i 7.2..............................................................................................................................1 PDF file for Telnet........................................................................................................................................ 1 Telnet scenarios...........................................................................................................................................2 Telnet scenario: Telnet server configuration.........................................................................................2 Telnet scenario: Cascaded Telnet
    [Show full text]
  • Table of Contents
    Table of Contents Preface .................................................................................................... xiii Part I: The Web Environment Chapter 1—Designing for a Variety of Browsers ...................... 3 Browsers ................................................................................................. 3 Design Strategies .................................................................................... 9 Writing Good HTML ............................................................................. 11 Knowing Your Audience ..................................................................... 12 Considering Your Site’s Purpose ......................................................... 13 Test! Test! Test! ..................................................................................... 13 Chapter 2—Designing for a Variety of Displays .................... 14 Dealing with Unknown Monitor Resolutions ..................................... 14 Fixed versus Flexible Web Page Design ............................................. 19 Accessibility .......................................................................................... 23 Alternative Displays .............................................................................. 26 Chapter 3—Web Design Principles for Print Designers ...................................................................... 28 Color on the Web ................................................................................. 28 Graphics on the Web ..........................................................................
    [Show full text]
  • Opportunistic Keying As a Countermeasure to Pervasive Monitoring
    Opportunistic Keying as a Countermeasure to Pervasive Monitoring Stephen Kent BBN Technologies Abstract This document was prepared as part of the IETF response to concerns about “pervasive monitoring” (PM) [Farrell-pm]. It begins by exploring terminology that has been used in IETF standards (and in academic publications) to describe encryption and key management techniques, with a focus on authentication and anonymity. Based on this analysis, it propose a new term, “opportunistic keying” to describe a goal for IETF security protocols, in response to PM. It reviews key management mechanisms used in IETF security protocol standards, also with respect to these properties. The document explores possible impediments to and potential adverse effects associated with deployment and use of techniques that would increase the use of encryption, even when keys are distributed in an unauthenticated manner. 1. What’s in a Name (for Encryption)? Recent discussions in the IETF about pervasive monitoring (PM) have suggested a desire to increase use of encryption, even when the encrypted communication is unauthenticated. The term “opportunistic encryption” has been suggested as a term to describe key management techniques in which authenticated encryption is the preferred outcome, unauthenticated encryption is an acceptable fallback, and plaintext (unencrypted) communication is an undesirable (but perhaps necessary) result. This mode of operation differs from the options commonly offered by many IETF security protocols, in which authenticated, encrypted communication is the desired outcome, but plaintext communication is the fallback. The term opportunistic encryption (OE) was coined by Michael Richardson in “Opportunistic Encryption using the Internet Key Exchange (IKE)” an Informational RFC [RFC4322].
    [Show full text]