2. OBJECTIVES:
To discuss FTP and two connections used in this protocol:
control connection and data connection.
To discuss six classes of commands sent by the client to establish
communication with the server.
To explain three types of file transfer transferred by FTP.
To show some user-friendly commands used by some FTP
interfaces.
To discuss anonymous FTP and its application.
To discuss how file transfer can be done using a secure channel.
To discuss TFTP as a simple file transfer protocol without the
complexities and sophistication of FTP.
TCP/IP Protocol Suite
3. OBJECTIVES (continued):
To discuss five types of TFTP messages and their applications.
To discuss the sorcerer’s apprentice bug related to TFTP’s flow-
and error-control mechanisms.
To show how TFTP can be used in conjunction with DHCP to
initialize devices by downloading configuration files.
5. 21-1 FTP
File Transfer Protocol (FTP) is the standard mechanism
provided by TCP/IP for copying a file from one host to
another. Although transferring files from one system to
another seems simple and straightforward, some
problems must be dealt with first. For example, two
systems may use different file name conventions. Two
systems may have different ways to represent text and
data. Two systems may have different directory
structures. All of these problems have been solved by
FTP in a very simple and elegant approach.
6. Topics Discussed in the Section
Connections
Communication
Command Processing
File Transfer
Anonymous FTP
Security for FTP
The sftp Program
7. Note: FTP uses the services of TCP.
It needs two TCP connections. The well-known port 21 is used for the
control connection and the well-known port 20 for the data connection.
23. Example 21.1
Figure 21.8 shows an example of using FTP for retrieving a list of
items in a directory.
24. Figure 21.8 Example 21.1
220 (Service ready)
USER forouzan
331 (User name OK. Password?)
PASS xxxxxx
230 (User login OK)
PORT 8888
150 (Data connection opens shortly)
LIST /usr/user/forouzan/reports
125 (Data connection OK)
DATA TRANSFER: List of files or directories
226 (Closing data connection)
QUIT
221 (Service closing)
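The exchange in Figure 21.8, as an added example that is not part of the original slides: a Python audit of a control-connection transcript that pairs each command with its replies, classifies replies by their first digit, and flags the PASS argument, which FTP sends unencrypted. The transcript is constructed from the figure's messages; the "C:"/"S:" tags and the function name are assumptions of this example.

```python
import re

# Constructed transcript: the messages of Figure 21.8 in protocol order.
# The "C:"/"S:" direction tags are an assumption added for this example.
TRANSCRIPT = """\
S: 220 (Service ready)
C: USER forouzan
S: 331 (User name OK. Password?)
C: PASS xxxxxx
S: 230 (User login OK)
C: PORT 8888
S: 150 (Data connection opens shortly)
C: LIST /usr/user/forouzan/reports
S: 125 (Data connection OK)
S: 226 (Closing data connection)
C: QUIT
S: 221 (Service closing)
"""

# Meaning of the first digit of an FTP reply code (RFC 959).
REPLY_CLASS = {"1": "positive preliminary", "2": "positive completion",
               "3": "positive intermediate", "4": "transient negative",
               "5": "permanent negative"}
CLEARTEXT_SECRETS = {"PASS"}  # argument crosses the control connection unencrypted


def audit_control_channel(transcript):
    """Pair each client command with the server replies that follow it,
    redact secrets for storage, and report what an on-path observer saw."""
    exchanges = [{"command": None, "arg": "", "replies": []}]  # greeting slot
    findings = []
    for line in transcript.splitlines():
        side, _, text = line.partition(": ")
        if side == "C":
            verb, _, arg = text.partition(" ")
            verb = verb.upper()
            if verb in CLEARTEXT_SECRETS:
                findings.append(f"{verb} sent in cleartext on control connection")
                arg = "<redacted>"
            exchanges.append({"command": verb, "arg": arg, "replies": []})
        elif side == "S" and (m := re.match(r"([1-5])\d\d\b", text)):
            exchanges[-1]["replies"].append((int(m.group(0)), REPLY_CLASS[m.group(1)]))
    return exchanges, findings
```
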
25. Example 21.2
The following shows an actual FTP session that parallels Example
21.1. The colored lines show the responses from the server control
connection; the black lines show the commands sent by the client.
The lines in white with black background show data transfer.
26. Example 21.3
Figure 21.9 shows an example of how an image (binary) file is
stored.
27. Figure 21.9 Example 21.3
220 (Service ready)
USER forouzan
331 (User name OK. Password?)
PASS xxxxxx
230 (User login OK)
PORT 1267
150 (Data connection opens shortly)
TYPE EBCDIC
200 (OK)
STRU R
200 (OK)
STOR /usr/user/forouzan/reports/file1
250 (OK)
DATA TRANSFER: Records of file ..........
226 (Closing data connection)
QUIT
221 (Service closing)
28. Example 21.4
We show an example of anonymous FTP. We assume that some
public data are available at internic.net.
29. 21-2 TFTP
There are occasions when we need to simply copy a
file without the need for all of the features of the FTP
protocol. For example, when a diskless workstation or a
router is booted, we need to download the bootstrap
and configuration files. Here we do not need all of the
sophistication provided in FTP. We just need a protocol
that quickly copies the files.
30. Topics Discussed in the Section
Messages
Connection
Data Transfer
UDP Ports
TFTP Example
TFTP Options
Security
Applications
31. Note: TFTP uses the services of UDP on the
well-known port 69.
45. OBJECTIVES:
To discuss the architecture of WWW and describe the concepts
of hypertext and hypermedia.
To describe Web clients and Web servers and their components.
To define URL as a tool to identify a Web server.
To introduce three different Web documents: static document,
dynamic document, and active document.
To discuss HTTP and its transactions.
To define and list the fields in a request message.
46. OBJECTIVES (continued):
To define non-persistent and persistent connections in HTTP.
To introduce cookies and their applications in HTTP.
To discuss Web caching, its application, and the method used to
update the cache.
48. 22-1 ARCHITECTURE
The WWW today is a distributed client-server service,
in which a client using a browser can access a service
using a server. However, the service provided is
distributed over many locations called sites. Each site
holds one or more documents, referred to as Web
pages. Each Web page, however, can contain some links
to other Web pages in the same or other sites. In other
words, a Web page can be simple or composite.
49. Topics Discussed in the Section
Hypertext and Hypermedia
Web Client (Browser)
Web Server
Uniform Resource Locator (URL)
50. Example 22.1
Assume we need to retrieve a Web page that contains the
biography of a famous character with some pictures, which are
embedded in the page itself. Since the pictures are not stored as
separate files, the whole document is a simple Web page. It can be
retrieved using one single request/response transaction, as shown
in Figure 22.1.
52. Example 22.2
Now assume we need to retrieve a scientific document that
contains one reference to another text file and one reference to a
large image. Figure 22.2 shows the situation. The main document
and the image are stored in two separate files in the same site (file
A and file B); the referenced text file is stored in another site (file
C). Since we are dealing with three different files, we need three
transactions if we want to see the whole document. The first
transaction (request/response) retrieves a copy of the main
document (file A), which has a reference (pointer) to the second
and the third files.
54. Example 22.3
A very important point we need to remember is that file A, file B,
and file C in Example 22.2 are independent Web pages, each with
independent names and addresses. Although references to file B or
C are included in file A, it does not mean that each of these files
cannot be retrieved independently. A second user can retrieve file
B with one transaction. A third user can retrieve file C with one
transaction.
57. 22-2 WEB DOCUMENTS
The documents in the WWW can be grouped into three
broad categories: static, dynamic, and active. The
category is based on the time the contents of the
document are determined.
58. Topics Discussed in the Section
Static Documents
Dynamic Documents
Active Documents
60. Note: HTML, XML, XSL, and XHTML are
discussed in Appendix E.
61. Figure 22.6 Dynamic document using CGI
(Diagram: 1. Request; 2. Dynamic document)
62. Figure 22.7 Dynamic document using server-site script
(Diagram: 1. Request; 2. Dynamic document)
63. Note: Dynamic documents are sometimes
referred to as server-site dynamic
documents.
64. Figure 22.8 Active document using Java applet
(Diagram: 1. Request; 2. Active document (applet); run the applet to get the result)
65. Figure 22.9 Active document using client-site script
(Diagram: 1. Request; 2. JavaScript (JS); run the JavaScript (JS) to get the result)
66. Note: Active documents are sometimes
referred to as client-site dynamic
documents.
67. 22-3 HTTP
The Hypertext Transfer Protocol (HTTP) is a protocol
used mainly to access data on the World Wide Web.
HTTP functions like a combination of FTP (Chapter 21)
and SMTP (Chapter 23). It is similar to FTP because it
transfers files and uses the services of TCP. However,
it is much simpler than FTP because it uses only one
TCP connection. There is no separate control
connection; only data are transferred between the
client and the server.
68. Topics Discussed in the Section
HTTP Transaction
Conditional Request
Persistence
Cookies
Web Caching: Proxy Server
HTTP Security
69. Note: HTTP uses the services of TCP on well-known port 80.
70. Figure 22.10 HTTP transaction
1. Request message: request line, headers, a blank line, body
2. Response message: status line, headers, a blank line, body
77. Example 22.4
This example retrieves a document (see Figure 22.13). We use the
GET method to retrieve an image with the path /usr/bin/image1.
The request line shows the method (GET), the URL, and the HTTP
version (1.1). The header has two lines that show that the client
can accept images in the GIF or JPEG format. The request does
not have a body. The response message contains the status line
and four lines of header. The header lines define the date, server,
MIME version, and length of the document. The body of the
document follows the header.
79. Example 22.5
In this example, the client wants to send data to the server. We
use the POST method. The request line shows the method
(POST), URL, and HTTP version (1.1). There are four lines of
headers. The request body contains the input information. The
response message contains the status line and four lines of
headers. The created document, which is a CGI document, is
included as the body (see Figure 22.14).
81. Example 22.6
HTTP uses ASCII characters. The following shows how a client can
directly connect to a server using TELNET, which logs into port 80.
82. Example 22.7
The following shows how a client imposes the modification date
and time condition on a request.
The status line in the response shows the file is not modified after
the defined point of time. The body of the response message is
also empty.
83. Example 22.8
Figure 22.15 shows an example of a nonpersistent connection. The
client needs to access a file that contains two links to images. The
text file and images are located on the same server.
88. Example 22.10
Figure 22.17 shows a scenario in which an electronic store can
benefit from the use of cookies. Assume a shopper wants to buy a
toy from an electronic store named BestToys. The shopper
browser (client) sends a request to the BestToys server.
89. Figure 22.17 Example 22.10
1. Request: GET BestToys.com HTTP/1.1
   Server: A customer file is created with ID: 12343
2. Response: HTTP/1.1 200 OK; Set-Cookie: 12343; Page Representing the Toys
   Client: A vendor file is created with cookie: 12343
3. Request: GET image HTTP/1.1; Cookie: 12343
   Server: Update
4. Response: HTTP/1.1 200 OK; Page Representing the price
5. Request: GET image HTTP/1.1; Cookie: 12343; Information about the payment
   Server: Update
6. Response: HTTP/1.1 200 OK; Order confirmation
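The server side of the cookie exchange in Figure 22.17, as an added example that is not part of the original slides. It generalizes the figure in one respect, which is a design choice of this example: the cookie carries a random token that maps to the customer file instead of the customer ID itself, and it sets the Secure, HttpOnly and SameSite attributes. The cookie name `customer`, the store and the function names are hypothetical.

```python
import secrets
from http.cookies import SimpleCookie

CUSTOMER_FILES = {}   # server-side store: cookie token -> customer file


def first_visit(customer_id):
    """Create the customer file and return the Set-Cookie header value."""
    token = secrets.token_urlsafe(32)         # random token, not the bare ID
    CUSTOMER_FILES[token] = {"id": customer_id, "cart": []}
    cookie = SimpleCookie()
    cookie["customer"] = token                # cookie name is hypothetical
    cookie["customer"]["secure"] = True       # only sent over HTTPS
    cookie["customer"]["httponly"] = True     # not readable by page scripts
    cookie["customer"]["samesite"] = "Lax"    # withheld on cross-site subrequests
    return cookie["customer"].OutputString()


def later_request(cookie_header, item=None):
    """Find the customer file named by the Cookie header; None if unknown."""
    jar = SimpleCookie()
    jar.load(cookie_header)
    morsel = jar.get("customer")
    record = CUSTOMER_FILES.get(morsel.value) if morsel else None
    if record is not None and item:
        record["cart"].append(item)           # the "Update" steps in the figure
    return record
```
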
91. OBJECTIVES:
To explain the architecture of electronic mail using four
scenarios.
To explain the user agent (UA), services provided by it, and two
types of user agents.
To explain the mechanism of sending and receiving e-mails.
To introduce the role of a message transfer agent and Simple
Mail Transfer Protocol (SMTP) as the formal protocol that handles
MTA.
To explain e-mail transfer phases.
To discuss two message access agents (MAAs): POP and IMAP.
92. OBJECTIVES (continued):
To discuss MIME as a set of software functions that transforms
non-ASCII data to ASCII data and vice versa.
To discuss the idea of Web-based e-mail.
To explain the security of the e-mail system.
93. Chapter Outline
23.1 Architecture
23.2 User Agent
23.3 Message Transfer Agent
23.4 Message Access Agent
23.5 MIME
23.6 Web-Based Mail
23.7 Electronic Mail Security
94. 23-1 ARCHITECTURE
To explain the architecture of e-mail, we give four
scenarios. We begin with the simplest situation and add
complexity as we proceed. The fourth scenario is the
most common in the exchange of e-mail.
95. Topics Discussed in the Section
First Scenario
Second Scenario
Third Scenario
Fourth Scenario
99. Note: When the sender and the receiver of an
e-mail are on different mail servers,
we need two UAs and a pair of MTAs
(client and server).
101. Note: When the sender is connected to the
mail server via a LAN or a WAN, we
need two UAs and two pairs of MTAs
(client and server).
103. Note: When both sender and receiver are
connected to the mail server via a LAN
or a WAN, we need two UAs, two pairs of
MTAs (client and server), and a pair of
MAAs (client and server). This is the
most common situation today.
105. 23-2 USER AGENT
The first component of an electronic mail system is the
user agent (UA). It provides service to the user to
make the process of sending and receiving a message
easier.
106. Topics Discussed in the Section
Services Provided by a User Agent
User Agent Types
Sending Mail
Receiving Mail
Addresses
Mailing List or Group List
107. Note: Some examples of command-driven
user agents are mail, pine, and elm.
108. Note: Some examples of GUI-based user
agents are Eudora, Outlook,
and Netscape.
111. 23-3 MESSAGE TRANSFER AGENT
The actual mail transfer is done through message
transfer agents (MTAs). To send mail, a system must
have the client MTA, and to receive mail, a system must
have a server MTA. The formal protocol that defines the
MTA client and server in the Internet is called Simple
Mail Transfer Protocol (SMTP). As we said before, two
pairs of MTA client-server programs are used in the
most common situation (fourth scenario). Figure 23.8
shows the range of the SMTP protocol in this scenario.
112. Topics Discussed in the Section
Commands and Responses
Mail Transfer Phases
120. Example 23.1
Let us see how we can directly use SMTP to send an e-mail and
simulate the commands and responses we described in this
section. We use TELNET to log into port 25 (the well-known port
for SMTP). We then use the commands directly to send an e-mail.
In this example, forouzanb@adelphia.net is sending an e-mail to
himself. The first few lines show TELNET trying to connect to the
adelphia mail server.
After connection, we can type the SMTP commands and then
receive the responses as shown below. We have shown the
commands in black and the responses in color. Note that we have
added for clarification some comment lines, designated by the “=”
sign. These lines are not part of the e-mail procedure.
122. 23-4 MESSAGE ACCESS AGENT
The first and the second stages of mail delivery use
SMTP. However, SMTP is not involved in the third
stage because SMTP is a push protocol; it pushes the
message from the client to the server. In other words,
the direction of the bulk data (messages) is from the
client to the server. On the other hand, the third stage
needs a pull protocol; the client must pull messages
from the server. The direction of the bulk data is from
the server to the client. The third stage uses a message
access agent.
126. 23-5 MIME
Electronic mail has a simple structure. Its simplicity,
however, comes with a price. It can send messages only in
NVT 7-bit ASCII format. In other words, it has some
limitations. Multipurpose Internet Mail Extensions (MIME)
is a supplementary protocol that allows non-ASCII data to
be sent through e-mail. MIME transforms non-ASCII data
at the sender site to NVT ASCII data and delivers it to
the client MTA to be sent through the Internet. The
message at the receiving site is transformed back to the
original data.
135. 23-6 WEB-BASED MAIL
E-mail is such a common application that some
websites today provide this service to anyone who
accesses the site. Three common sites are Hotmail,
Yahoo, and Google. The idea is very simple. Let us go
through two cases:
136. Topics Discussed in the Section
Case I
Case II
137. Figure 23.19 Web-based e-mail, case 1
(Diagram: steps 1 to 4; HTTP transactions)
138. Figure 23.20 Web-based e-mail, case 2
(Diagram: steps 1 to 3; HTTP transactions at both ends)
139. 23-6 E-MAIL SECURITY
The protocol discussed in this chapter does not
provide any security provisions per se. However, e-mail
exchanges can be secured using two application-layer
securities designed in particular for e-mail systems.
Two of these protocols, Pretty Good Privacy (PGP)
and Secure MIME (SMIME) are discussed in Chapter 30
after we have discussed the basic network security.