Guide to TCP/IP, Second Edition

standguideΔίκτυα και Επικοινωνίες

26 Οκτ 2013 (πριν από 3 χρόνια και 7 μήνες)

73 εμφανίσεις

Guide to TCP/IP, Second Edition

1

Guide To TCP/IP, Second Edition

Chapter 6


Basic TCP/IP Services


Guide to TCP/IP, Second Edition

2

Objectives


Understand how TCP/IP Application layer protocols and
services work


Explain the capabilities, message types, and request/reply
architectures for a variety of basic TCP/IP services,
including FTP, Telnet, SMTP, and HTTP


Understand the operations of other basic TCP/IP services,
including Echo, Whois, TFTP, Finger, Remote Procedure
Call (RPC), NetBIOS services over TCP/IP (also known as
NBT), and SNMP

Guide to TCP/IP, Second Edition

3

Objectives (cont.)


Explain how to decode packets that contain
Application layer protocols, and how to relate
message types or other similar information to the
kinds of requests and replies moving between a
client and a server (or between hosts in general)

Guide to TCP/IP, Second Edition

4

How Application Layer IP Protocols
Work And Behave


Conventions and behaviors


Specifications for the message structures that the
protocol or service supports


Definition of a well
-
known port address (or addresses)
on which servers listen for service requests


Availability of appropriate software components that
implement the various roles that hosts can play in
requesting or providing such services

Guide to TCP/IP, Second Edition

5

How Application Layer IP Protocols
Work And Behave (cont.)


Request/reply messages


Client/server architecture


Peer
-
to
-
peer services


Server
-
to
-
server traffic


Load balancing


Replication


Pull


Push


Push
-
pull

Guide to TCP/IP, Second Edition

6

Understanding FTP


FTP User Interface (UI)


Protocol Interpreter (PI)


FTP Commands


Data Transfer Process (DTP)


File System

Guide to TCP/IP, Second Edition

7

Understanding FTP (cont.)


TCP Transport


TCP
-
based Command Connection


TCP
-
based Data Transfer Connection

Guide to TCP/IP, Second Edition

8

Understanding FTP (cont.)


Guide to TCP/IP, Second Edition

9

Understanding FTP (cont.)


Guide to TCP/IP, Second Edition

10

Understanding FTP (cont.)


Guide to TCP/IP, Second Edition

11

Understanding FTP (cont.)


Guide to TCP/IP, Second Edition

12

Sample FTP Communications


Guide to TCP/IP, Second Edition

13

Sample FTP Communications (cont.)


Guide to TCP/IP, Second Edition

14

Sample FTP Communications (cont.)


Guide to TCP/IP, Second Edition

15

Sample FTP Communications (cont.)


Guide to TCP/IP, Second Edition

16

Understanding Telnet


Bidirectional byte
-
oriented communication


Terminal Access


Well
-
known Port 23 server side


Dynamic port number client side

Guide to TCP/IP, Second Edition

17

Sample Telnet Communications


Guide to TCP/IP, Second Edition

18

Packet
-
By
-
Packet Sequence


Guide to TCP/IP, Second Edition

19

Packet
-
By
-
Packet Sequence (cont.)


Guide to TCP/IP, Second Edition

20

Understanding SMTP


SMTP elements


Sender
-
SMTP and Receiver
-
SMTP


SMTP commands and extensions


SMTP reply codes

Guide to TCP/IP, Second Edition

21

Understanding SMTP (cont.)


Guide to TCP/IP, Second Edition

22

Sample SMTP Communications


Guide to TCP/IP, Second Edition

23

Sample SMTP Communications (cont.)


Guide to TCP/IP, Second Edition

24

Understanding HTTP


Http elements


URIs


Uniform Resource Locator (URL)


Uniform Resource Name (URN)


HTTP methods


Status codes

Guide to TCP/IP, Second Edition

25

Understanding HTTP (cont.)


Guide to TCP/IP, Second Edition

26

Understanding HTTP (cont.)


Guide to TCP/IP, Second Edition

27

Sample HTTP Communications


Guide to TCP/IP, Second Edition

28

Packet
-
By
-
Packet Sequence


Guide to TCP/IP, Second Edition

29

Packet
-
By
-
Packet Sequence (cont.)


Guide to TCP/IP, Second Edition

30

Other Common IP
-
based Services


Echo (TCP and UDP)


Whois


Trivial File Transfer Protocol (TFTP)

Guide to TCP/IP, Second Edition

31

Decoding Application Layer Protocols


Decoding TCP/IP Application layer traffic
largely depends on two separate but
simultaneous forms of analysis


Understanding request/reply messages,
recognize related headers and payload
information


Assemble multiple lower
-
layer packets to
reconstitute Application layer messages

Guide to TCP/IP, Second Edition

32

Decoding Application Layer Protocols (cont.)


Guide to TCP/IP, Second Edition

33

Decoding Application Layer Protocols (cont.)


Guide to TCP/IP, Second Edition

34

Other Common IP
-
based Services (cont.)


Finger


Remote Procedure Call (RPC)


Simple Network Management Protocol
(SNMP)


NetBIOS over TCP/IP

Guide to TCP/IP, Second Edition

35

Chapter Summary


The foundation upon which all TCP/IP
Application layer services rest is a request/reply
message architecture, in which clients send
requests and servers issue corresponding replies


When the client and server roles are clearly
distinct and separate, such services may be called
client/server services; when a client can also act as
a server and vice versa, such services may be
called peer
-
to
-
peer services

Guide to TCP/IP, Second Edition

36

Chapter Summary (cont.)


Among its hundreds of Application layer services,
the TCP/IP protocol suite includes many instances
of both kinds


Certain client/server Application layer services
also involve server
-
to
-
server traffic, in which
multiple servers cooperate to share common data


The sharing process is called replication and may
occur as a push operation, in which the sending
server initiates data transfer, or as a pull operation,
in which the receiving server initiates data transfer

Guide to TCP/IP, Second Edition

37

Chapter Summary (cont.)


Some TCP/IP Application layer services even use push
-
pull replication, so that a server whose data was changed
can immediately push its data to replication partners after
the change is completed, but other servers can also request
replication at regular intervals to make sure their copies of
data are as current as possible


FTP is a file transfer service that permits a local host to
connect to a remote host, navigate and manage files on the
remote system, and transfer files to and from that remote
host


Although FTP is an old TCP/IP service, it remains useful
today

Guide to TCP/IP, Second Edition

38

Chapter Summary (cont.)


Telnet provides a method to log on and access the
command line on a remote computer using TCP/IP, a
technique known as terminal emulation (because it makes


the local host behave as if it were a terminal attached to the
remote host)


Because Telnet provides a convenient way to operate on a
remote host across a network, it too remains useful to this
day


Security problems with Telnet (especially moving account
and password information as clear text) prompted
development and widespread adoption of Secure Telnet
implementations in many organizations

Guide to TCP/IP, Second Edition

39

Chapter Summary (cont.)


SMTP provides store and forward services for e
-
mail messages, and manages how e
-
mail is routed
from its sender to its designated receiver(s)


SMTP makes global e
-
mail possible on today’s
Internet, and continues to deliver one of the most
useful and valuable networking services around

Guide to TCP/IP, Second Edition

40

Chapter Summary (cont.)


HTTP provides the underpinnings for the leading service
and protocol used on today’s Internet

namely the World
Wide Web


HTTP’s rich collection of message types, and its ability to
invoke other protocols (including e
-
mail, news, and FTP),
make it a powerful tool for general remote data access


Its hyperlinking abilities make it easy for users to move
rapidly through huge information spaces and explain why
the Web is so compelling and appealing to most Internet
users

Guide to TCP/IP, Second Edition

41

Chapter Summary (cont.)


Other common TCP/IP Application layer
services include Echo (which echoes the
data delivered to a receiver back to the
sender), TFTP, Finger, Remote Procedure
Call (RPC), NetBIOS over TCP/IP (also
known as NBT), and SNMP

Guide to TCP/IP, Second Edition

42

Chapter Summary (cont.)


Understanding how to decode Application layer
protocols means learning how to identify and
interpret request and reply messages related to
such protocols, and how to reassemble related
payloads, when necessary


Fortunately, many modern protocol analyzers (for
example, Ethereal) are able to assist with this task