CS2910 Week 7, Lab Today SMTP lab Tuesday (Either today or yesterday) Extra office hour at 11 am (right after lab) Friday Office hour cancelled SE-2811.

Slides:



Advertisements
Similar presentations
Securing Bruce Maggs. Separate Suites of Protocols Protocols for retrieving POP, IMAP, MAPI (Microsoft Exchange) Protocols for sending
Advertisements

J. Wang. Computer Network Security Theory and Practice. Springer 2009 Chapter 5 Network Security Protocols in Practice Part II.
Week 8, Class 3: Model-View-Controller Model-View-Controller Why? What? How? Example: Barnyard Simon for the Web Question: Where should we use the command.
SMTP – Simple Mail Transfer Protocol
How does a simple protocol like the protocol SMTP work 1. Open telnet connection Do remote login to the system you want to send to Note: You.
CPSC 441: FTP & SMTP1 Application Layer: FTP & Instructor: Carey Williamson Office: ICT Class.
EECC694 - Shaaban #1 lec #16 Spring Properties of Secure Network Communication Secrecy: Only the sender and intended receiver should be able.
Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls.
Simple Mail Transfer Protocol (SMTP) CS-328 Dick Steflik.
Implementing Application Protocols. Overview An application protocol facilitates communication between applications. For example, an client uses.
POP3 Post Office Protocol v.3. Intro The Post Office Protocol (POP) is currently the most popular TCP/IP access and retrieval protocol. It implements.
Introduction 1 Lecture 7 Application Layer (FTP, ) slides are modified from J. Kurose & K. Ross University of Nevada – Reno Computer Science & Engineering.
SIMPLE MAIL TRANSFER PROTOCOL SECURITY Guided By Prof : Richard Sinn Bhavesh Jadav Mayur Mulani.
2: Application Layer1 Chapter 2 Application Layer These slides derived from Computer Networking: A Top Down Approach, 6 th edition. Jim Kurose, Keith Ross.
SMTP, POP3, IMAP.
1 Application Layer Lecture 5 Imran Ahmed University of Management & Technology.
Mail Services.
Intro to Computer Networks Bob Bradley The University of Tennessee at Martin.
Lecturer: Maxim Podlesny Sep CSE 473 File Transfer and Electronic in Internet.
Sending and Receiving Mails
FTP (File Transfer Protocol) & Telnet
Simple Mail Transfer Protocol (SMTP)
©2003 Hathai Tanta-ngai, Tony Abou-Assaleh, Sittichai Jiampojamarn, and Nick Cercone 1 IPSI 2003 Hathai Tanta-ngai, Tony Abou-Assaleh, Sittichai Jiampojamarn,
569 Semantic Web. Dr. J. Lu University of windsor, Project Presentation Encrypted Web service application Encrypted Web Application Presented by:
File Transfer Protocol (FTP)
SE-2840 Dr. Mark L. Hornick1 Web Application Security.
1 SMTP - Simple Mail Transfer Protocol –RFC 821 POP - Post Office Protocol –RFC 1939 Also: –RFC 822 Standard for the Format of ARPA Internet Text.
Data Encryption using SSL Topic 5, Chapter 15 Network Programming Kansas State University at Salina.
Data Communications and Computer Networks Chapter 2 CS 3830 Lecture 8 Omar Meqdadi Department of Computer Science and Software Engineering University of.
Responsible Submitter An SMTP Service Extension IETF 60 San Diego, CA Harry Katz Microsoft Corp. 8/4/2004.
Securing Bruce Maggs. Separate Suites of Protocols Protocols for retrieving POP, IMAP, MAPI (Microsoft Exchange) Protocols for sending
SIMPLE MAIL TRANSFER PROTOCOL. Introduction Simple Mail Transfer Protocol is the standard protocol on the Internet and part of the TCP/IP protocol.
CS2910 Week 1, Class 2 Today Announce Prof. Michael Vieau’s S-341 6p Thurs Wk 2 Assignment for tomorrow Data Encoding, Part 1 Parsing Data Muddiest Point.
CS2910 Week 1, Class 1 Today Introductions Class/Lab Layout Safety Review - Note about Lab Safety Review Announce Prof. Michael Vieau’s S-341 6p Thurs.
SIMPLE MAIL TRANSFER PROTOCOL PRADEEP KOLLIPARA SANDEEP PINNAMANENI.
How does a simple protocol like the protocol SMTP work 1. open telnet & do remote login in to the system you want to send to.
CS2910 Week 5, Class 2 Today DNS Muddy Points More HTTP Headers Review for Midterm Exam This coming Monday: Midterm Exam SE-2811 Slide design: Dr. Mark.
1 Kerberos n Part of project Athena (MIT). n Trusted 3rd party authentication scheme. n Assumes that hosts are not trustworthy. n Requires that each client.
CS2910 Week 2, Class 1 Today Return Lab 1 Muddiest Points Quiz Parsing Data in Python SE-2811 Slide design: Dr. Mark L. Hornick Content: Dr. Hornick Errors:
SMTP - Simple Mail Transfer Protocol RFC 821
CS440 Computer Networks 1 Neil Tang 12/01/2008.
CS2910 Week 10, Class 1 Today Modular Arithmetic RSA Week 10, Monday Quiz: Potential topics TCP window size & header format Public/private key encryption.
Slides based on Carey Williamson’s: FTP & SMTP1 File Transfer Protocol (FTP) r FTP client contacts FTP server at port 21, specifying TCP as transport protocol.
CS2852 Week 7, Class 1 Today Binary Search Tree Implementing add Implementing find Return Quiz 4 (second attempt) Both sections are graded SE-2811 Slide.
Implementing Secure IRC App with Elgamal By Hyungki Choi ID : Date :
CS2910 Week 4, Class 1 Today Encoding in Python – Review Quiz – Encoding in Python Introduction to HTTP SE-2811 Slide design: Dr. Mark L. Hornick Content:
COMP 431 Internet Services & Protocols
CS2910 Week 7, Class 2 Today Quiz on encodings IMAP Encoding "Internet Messages" Tomorrow Office hour cancelled Monday Quiz on IMAP SE-2811 Slide design:
CS2910 Week 4, Class 2 Today Sit by someone you have not yet worked with this quarter. Learn his/her name if unknown. Turn on your laptop and start Wireshark.
CS2910 Week 3, Class 1 Today What is a protocol? Using TCP in Python Defining methods in Python Long procedure design SE-2811 Slide design: Dr. Mark L.
CS2910 Week 8, Class 2 Today Return Quiz Look at Schedule TCP implementation! Week 8, Monday Quiz on SMTP May include some questions requiring you to interpret.
CS2910 Week 7, Class 1 Today Capturing SMTP with Thunderbird Tomorrow Extra office hour at 11 am (right after lab) Friday Office hour cancelled SE-2811.
CS2910 Week 6, Lab Today Dictionaries in Python SE-2811 Slide design: Dr. Mark L. Hornick Content: Dr. Hornick Errors: Dr. Yoder 1.
Spring 2006 CPE : Application Layer_ 1 Special Topics in Computer Engineering Application layer: Some of these Slides are Based on Slides.
CS2911 Week 6, Lab Today Quiz 3 Review Muddiest Point Finish Lab 6 Start Lab 7 Muddiest Point This week, Lab: Quiz at start of lab Week 7, Monday: Half-Exam.
CS2911 Week 6, Class 2 Today Return Quiz 3 Review Muddiest Point Internet Message ( ) format SMTP IMAP Muddiest Point Week 7, Monday: Half-Exam 2 1.
SMTP - Simple Mail Transfer Protocol POP - Post Office Protocol
CS2911 Week 6, Class 1 Today Map (dict) objects in Python
CS2911 Week 6, Class 1 Today This week, Lab: Quiz at start of lab
Slide design: Dr. Mark L. Hornick
CS2911 Week 6, Class 1 Today Map (dict) objects in Python
Chapter 2: Application layer
Ram Narula For presentation at APNIC 20 in Hanoi
Protocols 2 Key Revision Points.
Kerberos Part of project Athena (MIT).
Slide design: Dr. Mark L. Hornick
CS2911 Week 6, Class 1 Today Map (dict) objects in Python
Slide design: Dr. Mark L. Hornick
Chapter 2 Application Layer
CS2911 Week 8, Class 1 Today Week 8, Lab period Muddiest Point
Presentation transcript:

CS2910 Week 7, Lab Today SMTP lab Tuesday (Either today or yesterday) Extra office hour at 11 am (right after lab) Friday Office hour cancelled SE-2811 Slide design: Dr. Mark L. Hornick Content: Dr. Hornick Errors: Dr. Yoder 1

Muddiest Points what protocol does smtp use to establish an encrypted socket? SSL/TLS What exactly is STARTTLS encryption? SSL/TLS How does the server know when you choose to encrypt the socket? STARTTLS Why does it look like the server is talking so much more then the client in the secure channel SSL/TLS Could we talk a bit more about what encryption is/does? SSL/TLS So, to create an encypted socket, you first create a normal socket, then plug that socket in to the ssl.wrap_socket() method? Python SSL/TLS None Question C - What messages are missing in your wireshark trace? and why? Wireshark SSL/TLS 2 Key: bold – discussed this class; italics – discussed at start; underline – discussed in lecture

Looking Forward Cryptography Videos: (From Week 9) Cryptography in network protocols Public key cryptography Modular arithmetic RSA encryption Encryption: Plaintext -> Ciphertext Decryption: Ciphertext -> Plaintext Both require a "key" SE-2811 Dr.Yoder 3

Unencrypted SMTP without Authentication S: 220 aol.com Simple Mail Transfer Service Ready C: EHLO msoe.edu S: 250-aol.com greets msoe.edu S: 250-8BITMIME S: 250-SIZE S: 250-DSN S: 250 HELP C: MAIL FROM: S: 250 OK SE-2811 Dr.Yoder 4

Unencrypted SMTP without Authentication (cont.) C: RCPT TO: S: 250 OK C: RCPT TO: S: 550 No such user here C: DATA S: 354 Start input; end with. C: Here's my message C: It's a long one C: Now I'm done. But does the server know it? C:. S: 250 OK C: QUIT S: 221 aol.com Service closing transmission channel SE-2811 Dr.Yoder 5

SMTP with STARTTLS and AUTH LOGIN (1) S: 220 aol.com ESMTP MAIL Service ready … C: EHLO msoe.edu S: 250-aol.com Hello [ ] S: 250-PIPELINING S: 250-DSN S: 250-ENHANCEDSTATUSCODES S: 250-STARTTLS S: 250-8BITMIME S: 250 CHUNKING SE-2811 Dr.Yoder 6

SMTP with STARTTLS and AUTH LOGIN (2) C: STARTTLS S: SMTP server ready ---- Everything beyond this point is sent encrypted ---- C: EHLO msoe.edu S: 250-aol.com Hello [ ] S: 250-PIPELINING S: 250-DSN S: 250-ENHANCEDSTATUSCODES S: 250-AUTH LOGIN S: 250-8BITMIME S: 250 CHUNKING SE-2811 Dr.Yoder 7

SMTP with STARTTLS with AUTH LOGIN (3) C: AUTH LOGIN S: 334 VXN1cm5hbWU6 C: c3R1ZGVudEBtc291LmVkdQ== S: 334 UGFzc3dvcmQ6 C: bW9ua2V5 S: Authentication successful C: MAIL FROM: … (The rest is the same as unencrypted) SE-2811 Dr.Yoder 8 "Username:" "Password:" "monkey"

Base64 encoding Use the base64 package, already imported in the lab template. Use RFC 4648 base-64 encoding, as specified in the latest AUTH LOGIN RFC, RFC This is the same as the base-64 encoding defined in RFC 3548.RFC 4954 SE-2811 Dr.Yoder 9

Sending/Receiving Encrypted Data in Python encrypted_socket = ssl.wrap_socket(socket, ssl_version=ssl.PROTOCOL_SSLv23) # Do use this version (SSLv23) SE-2811 Dr.Yoder 10

Sending/Receiving Encrypted Data in Python Some errors if you accidentally receive/send raw/encrypted text when you should send the other: ssl.SSLZeroReturnError: TLS/SSL connection has been closed (EOF) (_ssl.c:590) ssl.SSLError: [SSL: UNKNOWN_PROTOCOL] unknown protocol (_ssl.c:590) ssl.SSLError: [SSL: WRONG_VERSION_NUMBER] wrong version number (_ssl.c:590) Some errors if you use the wrong protocol: ssl.SSLZeroReturnError: TLS/SSL connection has been closed (EOF) (_ssl.c:590) ssl.SSLEOFError: EOF occurred in violation of protocol (_ssl.c:590) SE-2811 Dr.Yoder 11

SE-2811 Dr. Josiah Yoder 12

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2024 SlidePlayer.com. Inc. All rights reserved.