Application Layer (Email, DNS)

Computer Networks and Applications

Week 3
COMP 3331/COMP 9331

Reading Guide: Chapter 2, Sections 2.3, 2.4

Application Layer: outline

2.1 principles of network applications
§ app architectures
§ app requirements
2.2 Web and HTTP
2.3 electronic mail
§ SMTP, POP3, IMAP
2.4 DNS
2.5 P2P applications
2.6 video streaming and content distribution networks (CDNs)
2.7 socket programming with UDP and TCP

Self study

Electronic mail

Three major components:
v user agents
v mail servers
v simple mail transfer protocol: SMTP

User Agent
v a.k.a. “mail reader”
v composing, editing, reading mail messages
v e.g., Outlook, Thunderbird, iPhone mail client
v outgoing, incoming messages stored on server

[Figure: user agents connected to mail servers; each mail server holds user mailboxes and an outgoing message queue; mail servers exchange mail over SMTP]

Electronic mail: mail servers

mail servers:
v mailbox contains incoming messages for user
v message queue of outgoing (to be sent) mail messages
v SMTP protocol between mail servers to send email messages
§ client: sending mail server
§ “server”: receiving mail server

[Figure: user agents and mail servers, with SMTP between the mail servers]

Electronic Mail: SMTP [RFC 2821]

v uses TCP to reliably transfer email message from client to server, port 25

v direct transfer: sending server to receiving server

v three phases of transfer
§ handshaking (greeting)
§ transfer of messages
§ closure

v command/response interaction (like HTTP, FTP)
§ commands: ASCII text
§ response: status code and phrase

v messages must be in 7-bit ASCII

Scenario: Alice sends message to Bob

1) Alice uses UA to compose message “to” bob@someschool.edu

2) Alice’s UA sends message to her mail server; message placed in message queue

3) client side of SMTP opens TCP connection with Bob’s mail server

4) SMTP client sends Alice’s message over the TCP connection

5) Bob’s mail server places the message in Bob’s mailbox

6) Bob invokes his user agent to read message

[Figure: steps 1-6 from Alice’s user agent through Alice’s mail server and Bob’s mail server to Bob’s user agent]

Sample SMTP interaction
S: 220 hamburger.edu
C: HELO crepes.fr
S: 250 Hello crepes.fr, pleased to meet you
C: MAIL FROM: <alice@crepes.fr>
S: 250 alice@crepes.fr… Sender ok
C: RCPT TO: <bob@hamburger.edu>
S: 250 bob@hamburger.edu … Recipient ok
C: DATA
S: 354 Enter mail, end with “.” on a line by itself
C: Do you like ketchup?
C: How about pickles?
C: .
S: 250 Message accepted for delivery
C: QUIT
S: 221 hamburger.edu closing connection

How to tell a fake email?

Examine Long Headers or Raw Source

Further reading: http://www.millersmiles.co.uk/identitytheft/spoofemail-060603.htm

Phishing

v Spear phishing
§ Phishing attempts directed at specific individuals or companies
§ Attackers may gather personal information (social engineering) about their targets to increase their probability of success
§ Most popular and accounts for over 90% of attacks

v Clone phishing
§ A type of phishing attack whereby a legitimate, and previously delivered email containing an attachment or link has had its content and recipient address(es) taken and used to create an almost identical or cloned email.
§ The attachment or link within the email is replaced with a malicious version and then sent from an email address spoofed to appear to come from the original sender.

SMTP: final words

v SMTP uses persistent connections

v SMTP requires message (header & body) to be in 7-bit ASCII

v SMTP server uses CRLF.CRLF to determine end of message

comparison with HTTP:
v HTTP: pull
v SMTP: push

v both have ASCII command/response interaction, status codes

v HTTP: each object encapsulated in its own response msg

v SMTP: multiple objects sent in multipart msg

Mail message format

SMTP: protocol for exchanging email msgs

RFC 5322 (822, 2822): standard for text message format (Internet Message Format, IMF):

v header lines, e.g.,
§ To:
§ From:
§ Subject:
different from SMTP MAIL FROM, RCPT TO: commands!

v Body: the “message”
§ ASCII characters only

[Figure: message layout: header, blank line, body]
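The slides say to examine the raw source of a suspicious email, and that the From: header is separate from the SMTP MAIL FROM command. The following is an added example, not part of the original slides, that compares the two in a raw message and lists the relay path; the sample message, its hosts and its addresses are constructed, and it assumes the delivering server recorded the MAIL FROM value in a Return-Path header.

```python
from email import message_from_string
from email.utils import parseaddr

# Constructed sample (hosts and addresses are made up): raw source of a delivered message.
RAW = """\
Return-Path: <bounce@mailer.example.net>
Received: from mx.hamburger.edu by mailbox.hamburger.edu; Mon, 1 Jan 2024 10:00:03 +0000
Received: from mailer.example.net ([203.0.113.7]) by mx.hamburger.edu; Mon, 1 Jan 2024 10:00:02 +0000
From: "Alice" <alice@crepes.fr>
Reply-To: alice@crepes-support.example
To: bob@hamburger.edu
Subject: Do you like ketchup?

How about pickles?
"""

def domain(value):
    """Lower-cased domain of the address in a header value ('' if absent)."""
    return parseaddr(value or "")[1].partition("@")[2].lower()

def header_findings(raw):
    """Compare the From: header against the envelope sender and Reply-To."""
    msg = message_from_string(raw)
    from_dom = domain(msg["From"])
    findings = []
    # Return-Path is written by the delivering server from the SMTP MAIL FROM value.
    for header in ("Return-Path", "Reply-To"):
        dom = domain(msg[header])
        if dom and dom != from_dom:
            findings.append(f"{header} domain {dom} differs from From domain {from_dom}")
    return findings

def relay_path(raw):
    """Received lines in the order the message travelled (each relay prepends its own)."""
    hops = message_from_string(raw).get_all("Received", [])
    return [" ".join(h.split(";")[0].split()) for h in reversed(hops)]

if __name__ == "__main__":
    for line in header_findings(RAW) + relay_path(RAW):
        print(line)
```

A mismatch is a signal to look closer, not proof of forgery: mailing lists and bulk-mail services legitimately use an envelope sender in a different domain.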

Quiz: SMTP

Why do we have Sender’s mail server?
Ø User agent can directly connect with recipient mail server without the need of sender’s mail server? What’s the catch?

Why do we have a separate Receiver’s mail server?
Ø Can’t the recipient run the mail server on own end system?

Quiz: E-mail attachments?

v If SMTP only allows 7-bit ASCII, how do we send pictures/videos/files via email?

A: We use a different protocol instead of SMTP

B: We encode these objects as 7-bit ASCII

C: We’re really sending links to the objects, rather than the objects themselves

D: Like HTTP, we can send these in binary

Mail access protocols

v SMTP: delivery/storage to receiver’s server
v mail access protocol: retrieval from server
§ POP: Post Office Protocol [RFC 1939]: authorization, download
§ IMAP: Internet Mail Access Protocol [RFC 1730]: more features, including manipulation of stored msgs on server
§ HTTP(S): Gmail, Yahoo! Mail, etc.

[Figure: user agent -> SMTP -> sender’s mail server -> SMTP -> receiver’s mail server -> mail access protocol (e.g., POP, IMAP) -> user agent]

Quiz: HTTP vs SMTP

v Which of the following is not true?

A. HTTP is pull-based, SMTP is push-based

B. HTTP uses a separate header for each object, SMTP uses a multipart message format

C. SMTP uses persistent connections

D. HTTP uses client-server communication but SMTP does not

A nice overview: https://webhostinggeeks.com/guides/dns/


DNS: domain name system

people: many identifiers:
§ TFN, name, passport #

Internet hosts, routers:
§ IP address (32 bit) – used for addressing datagrams
§ “name”, e.g., www.yahoo.com – used by humans

Q: how to map between IP address and name, and vice versa?

Domain Name System:
v distributed database implemented in hierarchy of many name servers

v application-layer protocol: hosts, name servers communicate to resolve names (address/name translation)
§ note: core Internet function, implemented as application-layer protocol
§ complexity at network’s “edge”

DNS: History
v Initially all host-address mappings were in a hosts.txt file (in /etc/hosts):
§ Maintained by the Stanford Research Institute (SRI)
§ Changes were submitted to SRI by email
§ New versions of hosts.txt periodically FTP’d from SRI
§ An administrator could pick names at their discretion

v As the Internet grew this system broke down:
§ SRI couldn’t handle the load; names were not unique; hosts had inaccurate copies of hosts.txt

v The Domain Name System (DNS) was invented to fix this

Jon Postel

http://www.wired.com/2012/10/joe-postel/

DNS: services, structure
DNS services
v hostname to IP address translation
v host aliasing
§ canonical, alias names
v mail server aliasing
v load distribution
§ replicated Web servers: many IP addresses correspond to one name
§ Content Distribution Networks: use IP address of requesting host to find best suitable server
• Example: closest, least-loaded, etc.

why not centralize DNS?
v single point of failure
v traffic volume
v distant centralized database
v maintenance

A: doesn’t scale!

Goals

v No naming conflicts (uniqueness)
v Scalable

§ many names
§ (secondary) frequent updates

v Distributed, autonomous administration
§ Ability to update my own (machines’) names
§ Don’t have to track everybody’s updates

v Highly available
v Lookups should be fast


Key idea: Hierarchy

Three intertwined hierarchies
§ Hierarchical namespace

• As opposed to original flat namespace

§ Hierarchically administered
• As opposed to centralised

§ (Distributed) hierarchy of servers
• As opposed to centralised storage


Hierarchical Namespace

v “Top Level Domains” are at the top
v Domains are sub-trees
§ E.g: .edu, berkeley.edu, eecs.berkeley.edu
v Name is leaf-to-root path
§ instr.eecs.berkeley.edu
v Depth of tree is arbitrary (limit 128)
v Name collisions trivially avoided
§ each domain is responsible

[Figure: namespace tree, by level: root; edu, com, gov, mil, org, net, uk, fr; berkeley, ucla; eecs, sims; instr]

Hierarchical Administration

[Figure: the same namespace tree shown twice (root; edu, com, gov, mil, org, net, uk, fr; berkeley, ucla; eecs, sims; instr), with zones marked]

§ A zone corresponds to an administrative authority that is responsible for that portion of the hierarchy
§ E.g., UCB controls names: *.berkeley.edu and *.sims.berkeley.edu
§ E.g., EECS controls names: *.eecs.berkeley.edu

Authoritative NS

Server Hierarchy

v Top of hierarchy: Root servers
§ Location hardwired into other servers

v Next Level: Top-level domain (TLD) servers
§ .com, .edu, etc.
§ Managed professionally

v Bottom Level: Authoritative DNS servers
§ Actually store the name-to-address mapping
§ Maintained by the corresponding administrative authority


Server Hierarchy

v Each server stores a (small!) subset of the total DNS database

v An authoritative DNS server stores “resource records” for all DNS names in the domain that it has authority for

v Each server needs to know other servers that are responsible for the other portions of the hierarchy
§ Every server knows the root
§ Root server knows about all top-level domains

DNS: a distributed, hierarchical database

TLDs = Top Level Domains

[Figure: DNS hierarchy with Root NS, TLD NS, Authoritative NS and Local NS levels; labels include au, edu, unsw, cse, pk, .edu, washington.edu, robot.cs.washington.edu and Titanium]

Credits: Prof David Wetherall, UoW

DNS Root
v Located in Virginia, USA
v How do we make the root scale?

Verisign, Dulles, VA


DNS Root Servers
v 13 root servers (labeled A-M; see http://www.root-servers.org/)

A Verisign, Dulles, VA
B USC-ISI, Marina del Rey, CA
C Cogent, Herndon, VA
D U Maryland, College Park, MD
E NASA, Mt View, CA
F Internet Software Consortium, Palo Alto, CA
G US DoD, Vienna, VA
H ARL, Aberdeen, MD
I Autonomica, Stockholm
J Verisign
K RIPE, London
L ICANN, Los Angeles, CA
M WIDE, Tokyo

DNS Root Servers

v 13 root servers (labeled A-M; see http://www.root-servers.org/)
v Replicated via any-casting

A Verisign, Dulles, VA
B USC-ISI, Marina del Rey, CA
C Cogent, Herndon, VA (also Los Angeles, NY, Chicago)
D U Maryland, College Park, MD
E NASA, Mt View, CA
F Internet Software Consortium, Palo Alto, CA (and 37 other locations)
G US DoD, Vienna, VA
H ARL, Aberdeen, MD
I Autonomica, Stockholm (plus 29 other locations)
J Verisign (21 locations)
K RIPE, London (plus 16 other locations)
L ICANN, Los Angeles, CA
M WIDE, Tokyo plus Seoul, Paris, San Francisco

Root Server health: https://www.ultratools.com/tools/dnsRootServerSpeed

DNS: root name servers

www.root-servers.org

TLD, authoritative servers

top-level domain (TLD) servers:
§ responsible for com, org, net, edu, aero, jobs, museums, and all top-level country domains, e.g.: uk, fr, ca, jp
§ Network Solutions maintains servers for .com TLD
§ Educause for .edu TLD

authoritative DNS servers:
§ organization’s own DNS server(s), providing authoritative hostname to IP mappings for organization’s named hosts
§ can be maintained by organization or service provider

Local DNS name server
v does not strictly belong to hierarchy
v each ISP (residential ISP, company, university) has one
§ also called “default name server”
v Hosts configured with local DNS server address (e.g., /etc/resolv.conf) or learn server via a host configuration protocol (e.g., DHCP)

v Client application
§ Obtain DNS name (e.g., from URL)
§ Do gethostbyname() to trigger DNS request to its local DNS server

v when host makes DNS query, query is sent to its local DNS server
§ has local cache of recent name-to-address translation pairs (but may be out of date!)
§ acts as proxy, forwards query into hierarchy

DNS name resolution example

v host at wagner.cse.unsw.edu.au wants IP address for gaia.cs.umass.edu

iterated query:
v contacted server replies with name of server to contact
v “I don’t know this name, but ask this server”

[Figure: iterated query, steps 1-8, between requesting host wagner.cse.unsw.edu.au, local DNS server cse.unsw.edu.au, root DNS server, TLD DNS server and authoritative DNS server dns.cs.umass.edu, resolving gaia.cs.umass.edu]

DNS name resolution example

recursive query:
v puts burden of name resolution on contacted name server

[Figure: recursive query, steps 1-8, between requesting host wagner.cse.unsw.edu.au, local DNS server cse.unsw.edu.au, root DNS server, TLD DNS server and authoritative DNS server dns.cs.umass.edu, resolving gaia.cs.umass.edu]

DNS: caching, updating records
v once (any) name server learns mapping, it caches mapping
§ cache entries timeout (disappear) after some time (TTL)
§ TLD servers typically cached in local name servers
• thus root name servers not often visited

v Subsequent requests need not burden DNS
v cached entries may be out-of-date (best effort name-to-address translation!)
§ if name host changes IP address, may not be known Internet-wide until all TTLs expire

DNS records

DNS: distributed db storing resource records (RR)

RR format: (name, value, type, ttl)

type=A
§ name is hostname
§ value is IP address

type=NS
§ name is domain (e.g., foo.com)
§ value is hostname of authoritative name server for this domain

type=CNAME
§ name is alias name for some “canonical” (the real) name
§ www.ibm.com is really servereast.backup2.ibm.com
§ value is canonical name

type=MX
§ value is name of mailserver associated with name

DNS protocol, messages

v query and reply messages, both with same message format

msg header
v identification: 16 bit # for query, reply to query uses same #
v flags:
§ query or reply
§ recursion desired
§ recursion available
§ reply is authoritative

Message layout (each header field is 2 bytes):

identification | flags
# questions | # answer RRs
# authority RRs | # additional RRs
questions (variable # of questions): name, type fields for a query
answers (variable # of RRs): RRs in response to query
authority (variable # of RRs): records for authoritative servers
additional info (variable # of RRs): additional “helpful” info that may be used
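The header layout above, as an added example that is not part of the original slides: it builds a query for gaia.cs.umass.edu, decodes the six 2-byte header fields and the four flags the slide lists, and checks that a reply echoes the query's identification and question. The query id and the hand-built reply are constructed, and the exact byte comparison of the question is a simplification.

```python
import struct

def build_query(qid, name, qtype=1, rd=True):
    """DNS query: 12-byte header plus one question (qtype 1 = A, class 1 = IN)."""
    flags = 0x0100 if rd else 0          # RD (recursion desired) bit
    header = struct.pack("!HHHHHH", qid, flags, 1, 0, 0, 0)
    labels = name.rstrip(".").split(".")
    qname = b"".join(bytes([len(label)]) + label.encode("ascii") for label in labels) + b"\x00"
    return header + qname + struct.pack("!HH", qtype, 1)

def parse_header(msg):
    """Decode the fixed header: six 2-byte fields in network byte order."""
    if len(msg) < 12:
        raise ValueError("truncated DNS header")
    qid, flags, qd, an, ns, ar = struct.unpack("!HHHHHH", msg[:12])
    return {
        "id": qid,
        "is_reply": bool(flags & 0x8000),             # query or reply (QR)
        "authoritative": bool(flags & 0x0400),        # reply is authoritative (AA)
        "recursion_desired": bool(flags & 0x0100),    # RD
        "recursion_available": bool(flags & 0x0080),  # RA
        "questions": qd, "answers": an, "authority": ns, "additional": ar,
    }

def reply_matches(query, reply):
    """Accept a reply only if it is a reply and echoes the query's id and question."""
    q, r = parse_header(query), parse_header(reply)
    qlen = len(query) - 12
    return r["is_reply"] and r["id"] == q["id"] and reply[12:12 + qlen] == query[12:]

# Constructed sample: a query, and a reply header followed by the echoed question
# (the RR counts are zero, so no answer records need to be encoded).
QUERY = build_query(0x1A2B, "gaia.cs.umass.edu")
REPLY = struct.pack("!HHHHHH", 0x1A2B, 0x8580, 1, 0, 0, 0) + QUERY[12:]

if __name__ == "__main__":
    print(parse_header(QUERY))
    print(parse_header(REPLY), reply_matches(QUERY, REPLY))
```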

An Example

Try this out yourself. Part of one of the lab

Inserting records into DNS

v example: new startup “Network Utopia”
v register name networkutopia.com at DNS registrar (e.g., Network Solutions)
§ provide names, IP addresses of authoritative name server (primary and secondary)
§ registrar inserts two RRs into .com TLD server:
(networkutopia.com, dns1.networkutopia.com, NS)
(dns1.networkutopia.com, 212.212.212.1, A)

v create authoritative server type A record for www.networkutopia.com; type MX record for networkutopia.com

v Q: Where do you insert these type A and type MX records?
A: ??

Reliability

v DNS servers are replicated (primary/secondary)
§ Name service available if at least one replica is up
§ Queries can be load-balanced between replicas

v Usually, UDP used for queries
§ Need reliability: must implement this on top of UDP
§ Spec supports TCP too, but not always implemented

v Try alternate servers on timeout
§ Exponential backoff when retrying same server

v Same identifier for all queries
§ Don’t care which server responds


DNS provides Indirection

v Addresses can change underneath
§ Move www.cnn.com to 4.125.91.21
§ Humans/Apps should be unaffected

v Name could map to multiple IP addresses
§ Enables

• Load-balancing
• Reducing latency by picking nearby servers

v Multiple names for the same address
§ E.g., many services (mail, www, ftp) on same machine
§ E.g., aliases like www.cnn.com and cnn.com

v But, this flexibility applies only within domain!

Reverse DNS

v IP address -> domain name
v Special PTR record type to store reverse DNS entries
v Where is reverse DNS used?
§ Troubleshooting tools such as traceroute and ping
§ “Received” trace header field in SMTP e-mail
§ SMTP servers for validating IP addresses of originating servers
§ Internet forums tracking users
§ System logging or monitoring tools
§ Used in load balancing servers/content distribution to determine location of requester

Do you trust your DNS server?

v Censorship

v Logging
§ IP address, websites visited, geolocation data and more
§ E.g., Google DNS: https://developers.google.com/speed/public-dns/privacy

https://wikileaks.org/wiki/Alternative_DNS

Attacking DNS
DDoS attacks
v Bombard root servers with traffic
§ Not successful to date
§ Traffic Filtering
§ Local DNS servers cache IPs of TLD servers, allowing root server to be bypassed
v Bombard TLD servers
§ Potentially more dangerous

Redirect attacks
v Man-in-middle
§ Intercept queries
v DNS poisoning
§ Send bogus replies to DNS server, which caches

Exploit DNS for DDoS
v Send queries with spoofed source address: target IP
v Requires amplification

Want to dig deeper?
http://www.networkworld.com/article/2886283/security0/top-10-dns-attacks-likely-to-infiltrate-your-network.html

Detailed Report at – http://www.verizonenterprise.com/resources/reports/rp_data-breach-digest-2017-sneak-peek_xg_en.pdf

DNS Cache Poisoning
v Suppose you are a bad guy and you control the name server for drevil.com. Your name server receives a request to resolve www.drevil.com. and you respond as follows:

;; QUESTION SECTION:
;www.drevil.com. IN A

;; ANSWER SECTION:
www.drevil.com 300 IN A 129.45.212.42

;; AUTHORITY SECTION:
drevil.com 86400 IN NS dns1.drevil.com.
drevil.com 86400 IN NS google.com

;; ADDITIONAL SECTION:
google.com 600 IN A 129.45.212.222
(A drevil.com machine, not google.com)

v Solution: Do not allow DNS servers to cache IP address mappings unless they are from authoritative name servers
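One common way a resolver applies the solution above is a bailiwick check: a reply from the drevil.com name server may only populate the cache for names inside drevil.com. The following is an added example, not part of the original slides; the records are the ones from the slide's reply, while the function names and the cache layout are assumptions made for the illustration.

```python
# The reply from the slide as (section, owner name, ttl, type, value).
REPLY = [
    ("answer",     "www.drevil.com", 300,   "A",  "129.45.212.42"),
    ("authority",  "drevil.com",     86400, "NS", "dns1.drevil.com."),
    ("authority",  "drevil.com",     86400, "NS", "google.com"),
    ("additional", "google.com",     600,   "A",  "129.45.212.222"),
]

def in_bailiwick(name, zone):
    """True if name equals zone or is a subdomain of it (compared label by label)."""
    n = name.rstrip(".").lower().split(".")
    z = zone.rstrip(".").lower().split(".")
    return len(n) >= len(z) and n[-len(z):] == z

def cache_reply(cache, records, zone, now):
    """Cache records owned by names inside `zone` (the zone the answering server is
    authoritative for) and return the records that were refused."""
    rejected = []
    for section, owner, ttl, rtype, value in records:
        if in_bailiwick(owner, zone):
            key = (owner.rstrip(".").lower(), rtype)
            cache.setdefault(key, []).append((value, now + ttl))  # value, expiry time
        else:
            rejected.append((section, owner, rtype, value))
    return rejected

if __name__ == "__main__":
    cache = {}
    for rec in cache_reply(cache, REPLY, "drevil.com", now=0):
        print("refused:", rec)
    print(sorted(cache))
```

The NS record naming google.com is kept because drevil.com may name any server it likes; what is refused is the address for google.com, which the resolver would have to obtain from the servers that are authoritative for it.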

Dig deeper?

DNS Cache Poisoning Test
https://www.grc.com/dns/dns.htm

DNSSEC: DNS Security Extensions,
http://www.dnssec.net


Quiz: DNS

v If a name server has no clue about where to find the address for a hostname then

A. Server asks the authoritative name server

B. Server asks its root name server

C. Request is not processed

D. Server asks another name server in its domain

Quiz: DNS

v Which of the following is an example of a Top Level Domain?

A. yoda.jedi.starwars.com

B. jedi.starwars.com

C. starwars.com

D. .com

Quiz: DNS

v A web browser needs to contact www.cse.unsw.edu.au. The minimum number of DNS requests sent is:

A. 0

B. 1

C. 2

D. 3