
CHAPTER 26
REMOTE LOGGING & FTP
Introduction

The main task of the Internet is to provide services for users. Among the most popular applications are:
- remote logging (remote login)
- electronic mail
- file transfer
REMOTE LOGGING

In the Internet, users may want to run application programs at a remote site and create results that can be transferred to their local site. One way to satisfy that demand is to create a client/server application program for each desired service. The better solution is a general-purpose client/server program that lets a user access any application program on a remote computer. That program is TELNET.
TELNET

TELNET is a general-purpose client/server application program. TELNET is an abbreviation for TErminaL NETwork. It is the standard TCP/IP protocol for the virtual terminal service proposed by the International Organization for Standardization (ISO). It enables the establishment of a connection to a remote system.
Timesharing Environment

TELNET was designed at a time when most operating systems, such as UNIX, were operating in a timesharing environment. In this environment, a large computer supports multiple users. The interaction between a user and the computer occurs through a terminal (a combination of keyboard, monitor, and mouse). Even a microcomputer can simulate a terminal with a terminal emulator.
Logging

In a timesharing environment, users are part of the system with some right to access resources. Each authorized user has an identification and a password. The user identification defines the user as part of the system. To access the system, the user logs into the system with a user id (log-in name) and a password; the password is what prevents an unauthorized user from accessing the resources.

Local log-in (figure): the user's terminal is connected to the local operating system through the terminal driver, and the characters typed go straight to the application program.

Remote log-in (figure): the characters typed go to the TELNET client, cross the TCP/IP network to the TELNET server, and are handed to the remote operating system through a pseudoterminal driver, as if they had come from a local terminal.
Network Virtual Terminal

We are dealing with heterogeneous systems. If we wanted to access any remote computer in the world, we would first have to know what type of computer we will be connected to, and we would also have to install the specific terminal emulator used by that computer. TELNET solves this problem by defining a universal interface called the network virtual terminal (NVT) character set.

Concept of NVT

The client TELNET translates characters (data or commands) from the local terminal's form into NVT form and delivers them to the network. The server TELNET, on the other hand, translates data and commands from NVT form into the form acceptable by the remote computer.
Mode of Operation

Most TELNET implementations operate in one of three modes: default mode, character mode, and line mode.

Default mode

This mode is used if no other mode is invoked through option negotiation. In this mode, the echoing is done by the client. The user types a character, and the client echoes the character on the screen (or printer) but does not send it until a whole line is completed.

Character mode

In this mode, each character typed is sent by the client to the server. The server normally echoes the character back to be displayed on the client screen. The echo of a character can be noticeably delayed if the transmission time is long. This mode also creates overhead (traffic) for the network, because three TCP segments must be sent for each character of data: the character itself, the echo from the server, and the acknowledgment of the echo.

Line mode

A newer mode has been proposed to compensate for the deficiencies of the default mode and the character mode. In this mode, called line mode, line editing (echoing, character erasing, line erasing, and so on) is done by the client. The client then sends the whole line to the server.
Security Issue

TELNET suffers from security problems. Although TELNET requires a login name and password, that alone is not enough, because TELNET carries the login name, the password, and everything typed afterwards across the network in plaintext. A microcomputer connected to a broadcast LAN, or any host on the path, can easily eavesdrop using snooper software and capture a login name and the corresponding password. For this reason TELNET has been replaced in practice by SSH, which encrypts the whole session.
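The two points above, NVT escaping and the eavesdropping problem, can be seen in one piece of code. The following Python is an added example written for this page, not code from the lecture: it splits one direction of a TELNET byte stream into the option negotiations (IAC DO/WILL/SB sequences) and the user's data, and then recovers the login and password from the data exactly as a sniffer on the path would. The capture bytes, the option numbers chosen and the user name/password are constructed for the example.

```python
# Added example, not part of the lecture: one direction of a TELNET byte
# stream split into NVT option negotiations and the user's data.  Shows
# both the NVT escaping described above and the eavesdropping problem:
# the login and password are ordinary data bytes on the wire.

IAC, DONT, DO, WONT, WILL, SB, SE = 255, 254, 253, 252, 251, 250, 240
VERBS = {DO: "DO", DONT: "DONT", WILL: "WILL", WONT: "WONT"}

# option numbers used in the constructed capture (ECHO, SUPPRESS-GO-AHEAD, TERMINAL-TYPE)
OPT_ECHO, OPT_SGA, OPT_TTYPE = 1, 3, 24


def parse_nvt_stream(raw: bytes):
    """Return (negotiations, data) for one direction of a TELNET stream.

    negotiations: ("DO", opt), ("WILL", opt), ..., ("SB", opt, payload)
    data: NVT data with IAC escapes removed and CR LF normalised to LF
    """
    negotiations, data, i = [], bytearray(), 0
    while i < len(raw):
        b = raw[i]
        if b != IAC:
            data.append(b)
            i += 1
            continue
        cmd = raw[i + 1]
        if cmd == IAC:                      # IAC IAC is an escaped 0xFF data byte
            data.append(IAC)
            i += 2
        elif cmd in VERBS:                  # IAC <verb> <option>
            negotiations.append((VERBS[cmd], raw[i + 2]))
            i += 3
        elif cmd == SB:                     # IAC SB <option> ... IAC SE
            end = raw.index(bytes([IAC, SE]), i + 2)
            negotiations.append(("SB", raw[i + 2], bytes(raw[i + 3:end])))
            i = end + 2
        else:                               # NOP, GA, AYT, ...: no payload
            negotiations.append(("CMD", cmd))
            i += 2
    return negotiations, bytes(data).replace(b"\r\n", b"\n")


# Constructed client-to-server capture: option negotiation, then a login.
CLIENT_TO_SERVER = (
    bytes([IAC, DO, OPT_ECHO, IAC, WILL, OPT_TTYPE, IAC, WILL, OPT_SGA])
    + bytes([IAC, SB, OPT_TTYPE, 0]) + b"xterm" + bytes([IAC, SE])
    + b"alice\r\n"      # login name, typed by the user
    + b"hunter2\r\n"    # password: sent exactly like any other data
    + b"ls -l\r\n"
)


def recover_credentials(raw: bytes):
    """What a sniffer on the path sees: the first two lines the user typed."""
    _, data = parse_nvt_stream(raw)
    lines = data.split(b"\n")
    return lines[0].decode(), lines[1].decode()


if __name__ == "__main__":
    negs, data = parse_nvt_stream(CLIENT_TO_SERVER)
    print(negs)
    print(recover_credentials(CLIENT_TO_SERVER))
```

The parser does not unescape a doubled IAC inside a subnegotiation payload, which is enough for the terminal-type exchange shown; the point is that nothing in the protocol distinguishes the password line from the command typed after it.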
FILE TRANSFER

File Transfer Protocol (FTP) is the standard mechanism provided by TCP/IP for copying a file from one host to another. Although transferring files from one system to another seems simple and straightforward, some problems must be dealt with first:
- two systems may use different file name conventions;
- two systems may have different ways to represent text and data;
- two systems may have different directory structures.
All of these problems are solved by FTP in a very simple and elegant way.
FTP differs from other client-server applications in that it establishes two connections between the hosts. One connection is used for data transfer, the other for control information (commands and responses). Separating commands from data transfer makes FTP more efficient: over the control connection we need to transfer only a line of command or a line of response at a time.

The control connection uses very simple rules of communication. The data connection, on the other hand, needs more complex rules due to the variety of data types transferred. FTP uses two well-known TCP ports: port 21 is used for the control connection, and port 20 is used for the data connection.

FTP (figure: the two connections between client and server)
Control Connection

Opening the control connection takes two steps:
1. The server issues a passive open on the well-known port 21 and waits for a client.
2. The client uses an ephemeral port and issues an active open.
The connection remains open during the entire process. The service type used by the IP protocol is "minimize delay", because this is an interactive connection between a user (human) and a server: the user types commands and expects to receive responses without significant delay.
Data Connection

The data connection uses the well-known port 20 at the server site. FTP creates a data connection as follows:
1. The client, not the server, issues a passive open using an ephemeral port.
2. The client sends this port number to the server using the PORT command.
3. The server receives the port number and issues an active open using the well-known port 20 and the received ephemeral port number.
This is FTP's original, "active" mode. Most clients today instead send the PASV command: the server then listens on an ephemeral port of its own, reports it in the 227 reply, and the client makes the active open. Passive mode works through client-side firewalls and NAT that block incoming connections, and in that mode port 20 is not used.
The data connection is opened and then closed for each file transferred. It opens each time a command that involves transferring a file is used, and it closes when the file has been transferred. While the control connection is open, the data connection can therefore be opened and closed multiple times if several files are transferred.
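The address and port exchanged in step 2 above travel as six decimal numbers, h1,h2,h3,h4,p1,p2, in the PORT argument and, in passive mode, in the 227 reply. The following Python is an added example written for this page, not code from the lecture: it encodes and decodes that field and shows the check a server should make before performing the active open, namely that the requested data connection goes back to the host on the other end of the control connection. The addresses and port numbers used are constructed for the example.

```python
# Added example, not from the lecture: the h1,h2,h3,h4,p1,p2 encoding that
# carries an address and port in the PORT command (active mode) and in the
# 227 reply to PASV (passive mode), plus the check a server should make
# before performing the active open.
import re
from ipaddress import IPv4Address

_HOSTPORT = re.compile(r"(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3})")


def port_argument(ip: str, port: int) -> str:
    """Encode an IPv4 address and TCP port as the PORT command argument."""
    if not 0 < port < 65536:
        raise ValueError("port out of range")
    octets = IPv4Address(ip).packed           # raises on a malformed address
    return ",".join(str(o) for o in octets) + f",{port >> 8},{port & 0xFF}"


def parse_hostport(text: str):
    """Decode h1,...,p2 from a PORT argument or a '227 Entering Passive Mode (...)' reply."""
    m = _HOSTPORT.search(text)
    if not m:
        raise ValueError("no host-port field found")
    n = [int(x) for x in m.groups()]
    if max(n) > 255:
        raise ValueError("field out of range")
    return f"{n[0]}.{n[1]}.{n[2]}.{n[3]}", (n[4] << 8) | n[5]


def accept_port_command(argument: str, control_peer_ip: str):
    """Server-side check before the active open from port 20.

    The data connection must go back to the host that owns the control
    connection and not to a privileged port; accepting arbitrary targets is
    what made the classic FTP bounce attack possible (see RFC 2577).
    Returns (accepted, reply_line).
    """
    try:
        ip, port = parse_hostport(argument)
    except ValueError as exc:
        return False, f"501 Syntax error in PORT argument: {exc}"
    if ip != control_peer_ip:
        return False, f"500 PORT address {ip} does not match the control connection"
    if port < 1024:
        return False, f"500 PORT to privileged port {port} refused"
    return True, f"200 PORT command successful ({ip}:{port})"


if __name__ == "__main__":
    arg = port_argument("192.168.1.10", 49152)      # constructed client address/port
    print(arg, accept_port_command(arg, "192.168.1.10"))
    print(accept_port_command("10,9,8,7,0,25", "192.168.1.10"))
    print(parse_hostport("227 Entering Passive Mode (10,0,0,5,195,80)"))
```

The same six-number field is reused for the 227 reply, so a client parsing passive-mode replies should apply the mirror-image check: the address in the reply should be the server it is already talking to.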
Communication

The FTP client and server, which run on different computers, must communicate with each other. These two computers may use different operating systems, different character sets, different file structures, and different file formats. FTP must make this heterogeneity compatible. It has two different approaches, one for the control connection and one for the data connection.
Communication over Control Connection

FTP uses the same approach as SMTP to communicate across the control connection. It uses the 7-bit ASCII character set. Communication is achieved through commands and responses. Each command or response is only one short line, so we need not worry about file format or file structure. Each line is terminated with a two-character (carriage return and line feed) end-of-line token.
Communication over Data Connection

File transfer occurs over the data connection under the control of the commands sent over the control connection. We prepare for the transmission through the control connection. The heterogeneity problem is resolved by defining three attributes of communication before sending the file through the data connection: file type, data structure, and transmission mode.
File Type

FTP can transfer one of the following file types across the data connection: an ASCII file, an EBCDIC file, or an image file.
- ASCII file: the default format for transferring text files. Each character is encoded using 7-bit ASCII. The sender transforms the file from its own representation into ASCII characters, and the receiver transforms the ASCII characters into its own representation.
- EBCDIC file: used if one or both ends of the connection use EBCDIC encoding (the character encoding used on IBM mainframes).
- Image file: the default format for transferring binary files. The file is sent as a continuous stream of bits without any interpretation or encoding. This is mostly used to transfer binary files such as compiled programs.
The file type is selected with the TYPE command (TYPE A or TYPE I). Sending a binary file as an ASCII file corrupts it, because the end-of-line translation rewrites bytes that happen to look like line terminators.
Data Structure

FTP can transfer a file across the data connection using one of the following interpretations of the structure of the data:
- file structure: the file is a continuous stream of bytes;
- record structure: the file is divided into records (this can be used only with text files);
- page structure: the file is divided into pages, with each page having a page number and a page header. The pages can be stored and accessed randomly or sequentially.
Transmission Mode

FTP can transfer a file across the data connection using one of the following three transmission modes: stream mode, block mode, and compressed mode.

Stream mode: This is the default mode. Data are delivered from FTP to TCP as a continuous stream of bytes; TCP is responsible for chopping the data into segments of appropriate size. If the data are simply a stream of bytes (file structure), no end-of-file marker is needed: end-of-file is signalled by the sender closing the data connection. If the data are divided into records (record structure), each record ends with a 2-byte end-of-record (EOR) control code and the file ends with a 2-byte end-of-file (EOF) control code; both begin with the escape byte 0xFF, and a literal 0xFF byte in the data is sent doubled.
Block mode: Data can be delivered from FTP to TCP in blocks. Each block is preceded by a 3-byte header. The first byte is called the block descriptor; its bits flag the last block of a record (EOR), the last block of the file (EOF), suspected errors, and restart markers. The next two bytes define the size of the block in bytes.

Compressed mode: If the file is big, the data can be compressed. The compression method used is run-length encoding: consecutive appearances of a data unit are replaced by one occurrence and the number of repetitions. In a text file, the repeated unit is usually spaces (blanks); in a binary file, null characters are usually what gets compressed.
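Block mode is worth seeing in bytes, because its header is what lets a receiver tell a complete transfer from a connection that simply dropped (in stream mode the close of the connection is the end-of-file, so there is nothing to check). The following Python is an added example written for this page, not code from the lecture: it frames a list of records as block-mode data with the 3-byte header (descriptor byte, then a 16-bit block length) and decodes it back, reporting a truncated transfer. The descriptor bit values follow RFC 959; the records are constructed for the example.

```python
# Added example, not from the lecture: framing a record-structured file in
# FTP block mode (3-byte header: descriptor byte + 16-bit block length),
# and detecting a truncated transfer on the receiving side.

DESC_EOR, DESC_EOF, DESC_ERRORS, DESC_RESTART = 0x80, 0x40, 0x20, 0x10


def encode_block_mode(records, max_block=1024):
    """Frame a list of records (bytes objects) as block-mode data."""
    if not 0 < max_block <= 0xFFFF:
        raise ValueError("block length must fit the 16-bit count field")
    out = bytearray()
    for idx, record in enumerate(records):
        chunks = [record[i:i + max_block] for i in range(0, len(record), max_block)] or [b""]
        for j, chunk in enumerate(chunks):
            desc = 0
            if j == len(chunks) - 1:            # last block of this record
                desc |= DESC_EOR
                if idx == len(records) - 1:     # ... and of the whole file
                    desc |= DESC_EOF
            out += bytes([desc, len(chunk) >> 8, len(chunk) & 0xFF]) + chunk
    return bytes(out)


def decode_block_mode(stream):
    """Return (records, complete).

    complete is False when the stream stops short of a block or never carries
    an EOF descriptor: in block mode a dropped connection is detectable,
    unlike stream mode where closing the connection *is* the end-of-file.
    """
    records, current, i, seen_eof = [], bytearray(), 0, False
    while i < len(stream):
        if i + 3 > len(stream):
            return records, False               # partial header
        desc = stream[i]
        size = (stream[i + 1] << 8) | stream[i + 2]
        payload = stream[i + 3:i + 3 + size]
        if len(payload) != size:
            return records, False               # header promised more than arrived
        i += 3 + size
        if desc & DESC_RESTART:
            continue                            # restart marker, not file data
        current += payload
        if desc & DESC_EOR:
            records.append(bytes(current))
            current = bytearray()
        if desc & DESC_EOF:
            seen_eof = True
    return records, seen_eof


if __name__ == "__main__":
    recs = [b"first record", b"", b"x" * 3000]      # constructed sample records
    framed = encode_block_mode(recs)
    print(decode_block_mode(framed) == (recs, True))
    print(decode_block_mode(framed[:-1]))           # truncated transfer
```

A record longer than the block size is split over several blocks and only the last of them carries the EOR bit, which is why the decoder accumulates payloads until it sees that bit.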
Command Processing

FTP uses the control connection to establish communication between the client control process and the server control process. During this communication, commands are sent from the client to the server and responses are sent from the server to the client.

Commands

Commands are sent from the FTP client control process. They are ASCII words, conventionally written in uppercase, which may or may not be followed by an argument. The commands are divided into six groups:
- access commands (for example USER, PASS, QUIT)
- file management commands (for example CWD, PWD, LIST, DELE, MKD)
- data formatting commands (TYPE, STRU, MODE)
- port defining commands (PORT, PASV)
- file transferring commands (for example RETR, STOR, APPE)
- miscellaneous commands (for example HELP, NOOP, SYST)
Responses

Every FTP command generates at least one response. A response has two parts: a three-digit number followed by text. The numeric part defines the code:
- the first digit defines the status of the command (1 positive preliminary, 2 positive completion, 3 positive intermediate, 4 transient negative completion, 5 permanent negative completion);
- the second digit defines the area the status applies to (0 syntax, 1 information, 2 connections, 3 authentication and accounting, 5 file system);
- the third digit provides additional information.
The text part defines needed parameters or extra explanations. A long response may span several lines: the first line carries the code followed by a hyphen, and the last line repeats the code followed by a space.
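A client control process has to cut the stream arriving on port 21 into replies and act on the first digit of each. The following Python is an added example written for this page, not code from the lecture: it parses single-line and multi-line replies into code, status class, area and text, and runs over a constructed capture of what a server sent during one session. The server lines, and the names STATUS and AREA, are this example's own.

```python
# Added example, not from the lecture: parsing the three-digit FTP replies on
# the control connection, including the multi-line form "xyz-... / xyz text".
# The captured server output below is constructed for this example.

STATUS = {1: "positive preliminary", 2: "positive completion",
          3: "positive intermediate", 4: "transient negative completion",
          5: "permanent negative completion"}
AREA = {0: "syntax", 1: "information", 2: "connections",
        3: "authentication and accounting", 4: "unspecified", 5: "file system"}


def parse_reply(text: str):
    """Parse one complete reply (lines joined by CR LF) into its parts."""
    lines = text.rstrip("\r\n").split("\r\n")
    first = lines[0]
    if len(first) < 4 or not first[:3].isdigit() or first[3] not in " -":
        raise ValueError(f"malformed reply line: {first!r}")
    code = int(first[:3])
    if code // 100 not in STATUS or (code // 10) % 10 not in AREA:
        raise ValueError(f"reply code {code} outside the RFC 959 ranges")
    if first[3] == "-":
        # multi-line: the last line repeats the code followed by a space
        if len(lines) < 2 or not lines[-1].startswith(first[:3] + " "):
            raise ValueError("unterminated multi-line reply")
        body = [first[4:]] + lines[1:-1] + [lines[-1][4:]]
    else:
        body = [first[4:]]
    return {"code": code, "status": STATUS[code // 100],
            "area": AREA[(code // 10) % 10], "text": "\n".join(body),
            "success": code // 100 in (1, 2, 3)}


def split_replies(raw: str):
    """Cut a control-connection stream (as text) into parsed replies."""
    replies, pending = [], []
    for line in raw.split("\r\n"):
        if not line and not pending:
            continue                            # empty piece after the final CR LF
        pending.append(line)
        first = pending[0]
        if len(first) < 4:
            raise ValueError(f"malformed reply line: {first!r}")
        ended = first[3] == " " or (len(pending) > 1 and line.startswith(first[:3] + " "))
        if ended:
            replies.append(parse_reply("\r\n".join(pending)))
            pending = []
    if pending:
        raise ValueError("reply cut off at end of buffer")
    return replies


# Constructed capture of what a server sent over port 21 during one session.
SERVER_CAPTURE = ("220-Welcome to the example server\r\n"
                  "220 Service ready for new user\r\n"
                  "331 User name okay, need password\r\n"
                  "230 User logged in, proceed\r\n"
                  "425 Can't open data connection\r\n"
                  "530 Not logged in\r\n")


if __name__ == "__main__":
    for r in split_replies(SERVER_CAPTURE):
        print(r["code"], r["status"], "/", r["area"], "/", r["text"].splitlines()[0])
```

Only the first digit should drive the client's control flow (retry on 4yz, give up on 5yz, send the next command on 2yz or 3yz); the text is for the human and varies from server to server.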
File Transfer

File transfer in FTP means one of three things:
- Retrieving: a file is to be copied from the server to the client. It is done under the supervision of the RETR command.
- Storing: a file is to be copied from the client to the server. It is done under the supervision of the STOR command.
- List: a list of directory or file names is to be sent from the server to the client. This is done under the supervision of the LIST command. FTP treats a list of directory or file names as a file.

Example: using FTP for retrieving a list of items in a directory (figure)
Example: an actual FTP session (figure)
Example: how an image (binary) file is stored (figure)
Anonymous FTP

To use FTP, a user normally needs an account (user name) and a password on the remote server. Some sites make a set of files available for public access through anonymous FTP. To access these files, a user does not need an account or password: the user logs in with anonymous as the user name and guest (or, by convention, an e-mail address) as the password. Access to the system is very limited. Some sites allow anonymous users only a subset of commands; for example, most sites allow the user to copy some files but do not allow navigation through the directories.

Example (figure: an anonymous FTP session)
Security for FTP

The FTP protocol was designed when security was not a big issue. FTP requires a password, but the password is sent in plaintext (unencrypted), which means it can be intercepted and used by an attacker. The data connection also carries the file contents in plaintext, which is insecure. One solution is to add a Secure Socket Layer (today TLS) between the FTP application layer and the TCP layer; this is called SSL-FTP or, more commonly, FTPS. The client requests the protected control connection with the AUTH TLS command and must separately request protection of the data connection (PROT P); otherwise the file contents still cross the network in the clear even though the password does not.
The sftp Program

Another way to transfer files over a secure channel is to use an independent protocol called SFTP (SSH File Transfer Protocol). On Unix this is the sftp program that comes with SSH (Secure Shell). When SSH has established a secure connection between an SSH client and an SSH server, sftp can be used over it. Despite the name, SFTP is not FTP over SSH: it is a separate protocol that runs as an SSH subsystem, so it needs only the SSH port and has no separate data connection to protect.