Introduction A powerful tool for network troubleshooting but also a potential weakness from an Information Assurance perspective is the ability to communicate directly with an application simply by addressing its well-known port. Unless the protocol being used includes provision for access control or access is restricted externally to the protocol (using a firewall, for example) the remote client can obtain any service specified by the protocol. Two such applications which use human readable protocols are HTTP and SMTP. For this assignment you will use telnet to establish the direct port connection and emulate a client using each of these two protocols. Activities and Deliverables A. Emulating a Web Browser 1. Use Telnet to connect to Google or other commonly available Internet address via port 80. 2. Send an HTTP GET request for the default page. a. If you get a prompt for username and password that probably means you are not telnetting to port 80. 3. Include a copy of up to 25 lines of what is received back with your paper. 4. Answer the following questions in your submitted paper: a. What is the last modified date of the object received? b. What Web server process software is used by the host of the Web site? C. Discussion The protocols for both SMTP and HTTP have been designed as a structured syntactic dialogue, which makes programming and troubleshooting much easier because the protocols are both human- and machine-readable. Use of such a syntax has implications in the area of information assurance and this exercise is partially intended to make you aware of just how easy it is to take advantage of such a design. It is likewise arguable that making these protocols this "simple" is one of the reasons they have become widely adopted and fairly firmly entrenched from a practical viewpoint. D. Written Assignment Prepare a brief paper (suggested length of two to four pages) reporting on your activities in accomplishing these tasks and the level of difficulty you associate with them. Include in your paper a discussion of the plusses and minuses of this structured syntactic dialogue as a means of standardizing a protocol. How many of the negatives that you identify exist for any protocol standardization and not just for this approach? Include an analysis of the security and privacy implications of the "simple" nature of these protocols. What measures can be employed to mitigate the risks posed by the design? This part of your paper should be at least two or three paragraphs in length. Appendix 1: HTTP and Conditional GET Message Syntax Note that when using Telnet to connect to port 80, you must remember that HTTP was designed as a protocol for machine-to-machine communication. Because a carriage return by itself is interpreted as the end of a command stream and the connection is usually set up to close after executing one command stream, sending an extra return will usually terminate your Telnet session. Additionally, characters are.