chapter 26 remote logging & ftp 1. introduction 2 the main task of the internet is to provide...
TRANSCRIPT
CHAPTER 26REMOTE LOGGING &
FTP1
2
Introduction
The main task of the Internet is to provide services for users.
Among the most popular applications are: remote logging electronic mail file transfer
3
REMOTE LOGGING
In the Internet, users may want to run application programs at a remote site and create results that can be transferred to their local site.
One way to satisfy that demand is to create a client/server application program for each desired service.
The better solution is a general-purpose client/server program that lets a user access any application program on a remote computer;
4
TELNET
TELNET is a general-purpose client/server application program.
TELNET is an abbreviation for TErminaL NETwork.
It is the standard TCP/IP protocol for virtual terminal service as.
proposed by the International Organization for Standards (ISO).
It’s enable the establishment of a connection to a remote .
5
Timesharing Environment
TELNET was designed at a time when most operating systems, were operating in a timesharing environment such as UNIX
In this environment, a large computer supports multiple users.
The interaction between a user and the computer occurs through a terminal (a combination of keyboard, monitor, and mouse).
Even a microcomputer can simulate a terminal with a terminal emulator.
6
Logging
users are part of the system with some right to access resources.
Each authorized user has an identification and password.
The user identification defines the user as part of the system.
To access the system, the user logs into the system with a user id or log-in name and password. to prevent an unauthorized user from accessing
the resources.
7
Local log-in
8
remote log-in
9
Network Virtual Terminal
We are dealing with heterogeneous systems.
If we want to access any remote computer in the world, we must first know what type of computer we will be connected to.
we must also install the specific terminal emulator used by that computer.
TELNET solves this problem by defining a universal interface called the network virtual terminal (NVT) character set.
10
Concept of NVT
11
Network Virtual Terminal
the client TELNET translates characters (data or commands) into NVT form and delivers them to the network.
The server TELNET, on the other hand, translates data and commands from NVT form into the form acceptable by the remote computer.
12
Mode of Operation
Most TELNET implementations operate in one of three modes: default mode. character mode. line mode.
13
Mode of Operation default mode
This mode is used if no other modes are invoked through option negotiation.
In this mode, the echoing is done by the client.
The user types a character, and the client echoes the character on the screen (or printer) but does not send it until a whole line is completed.
14
Mode of Operation character mode
In this mode, each character typed is sent by the client to the server.
The server normally echoes the character back to be displayed on the client screen.
In this mode the echoing of the character can be delayed if the transmission time is long.
It also creates overhead (traffic) for the network because three TCP segments must be sent for each character of data.
15
Mode of Operation line mode
A new mode has been proposed to compensate for the deficiencies of the default mode and the character mode.
In this mode, called the line mode, line editing (echoing, character erasing, line erasing, and so on) is done by the client.
The client then sends the whole line to the server.
16
Security Issue
TELNET suffers from security problems. Although TELNET requires a login name
and password (when exchanging text), often this is not enough.
A microcomputer connected to a broadcast LAN can easily eavesdrop using snooper software and capture a login name and the corresponding password (even if it is encrypted).
17
FILE TRANSFER
File Transfer Protocol (FTP) is the standard mechanism provided by TCP/IP for copying a file from one host to another.
Although transferring files from one system to another seems simple and straightforward.
Before transferring, some problems must be dealt with first, such as: two systems may use different file name conventions. Two systems may have different ways to represent text and
data. Two systems may have different directory structures.
All of these problems have been solved by FTP in a very simple and elegant approach.
18
FILE TRANSFER FTP differs from other client-server
applications in that it establishes two connections between the hosts.
One connection is used for data transfer, the other for control information (commands and responses).
Separation of commands and data transfer makes FTP more efficient.
We need to transfer only a line of command or a line of response at a time.
19
FILE TRANSFER The control connection uses very simple
rules of communication. The data connection, on the other hand,
needs more complex rules due to the variety of data types transferred.
FTP uses two well-known TCP ports: Port 21 is used for the control connection, port 20 is used for the data connection.
20
FTP
21
Control Connection
There are two steps:1. The server issues a passive open on the well-
known port 21 and waits for a client.2. The client uses an ephemeral port and issues an
active open. The connection remains open during the entire
process. The service type, used by the IP protocol, is
minimize delay because this is an interactive connection between a user (human) and a server.
The user types commands and expects to receive responses without significant delay.
22
Opening the control connection
23
Data Connection
The data connection uses the well-known port 20 at the server site.
The following shows how FTP creates a data connection:
1. The client, not the server, issues a passive open using an ephemeral port.
2. The client sends this port number to the server using the PORT command.
3. The server receives the port number and issues an active open using the well known port 20 and the received ephemeral port number.
24
Creating the data connection
25
Data Connection
The data connection is opened and then closed for each file transferred.
It opens each time commands that involve transferring files are used, and it closes when the file is transferred.
While the control connection is open, the data connection can be opened and closed multiple times if several files are transferred.
26
Communication
The FTP client and server, which run on different computers, must communicate with each other.
These two computers may use: different operating systems different character sets different file structures different file formats
FTP must make this heterogeneity compatible. FTP has two different approaches, one for the
control connection and one for the data connection.
27
Communication over Control Connection
FTP uses the same approach as SMTP to communicate across the control connection.
It uses the 7-bit ASCII character set. Communication is achieved through commands
and responses. Each command or response is only one short
line, so we need not worry about file format or file structure.
Each line is terminated with a two-character (carriage return and line feed) end-of-line token.
28
Using the control connection
29
Communication over Data Connection
File transfer occurs over the data connection under the control of the commands sent over the control connection.
We prepare for transmission through the control connection.
The heterogeneity problem is resolved by defining three attributes of communication before sending the file through the data connection : file type data structure transmission mode
30
Using the data connection
31
File Type
FTP can transfer one of the following file types across the data connection: ASCII file. EBCDIC file image file.
The ASCII file is the default format for transferring text files. Each character is encoded using 7-bit ASCII. The sender transforms the file from its own representation into ASCII
characters, and the receiver transforms the ASCII characters to its own representation.
The EBCDIC file used If one or both ends of the connection use EBCDIC encoding (the file format used by IBM).
The image file is the default format for transferring binary files. The file is sent as continuous streams of bits without any interpretation
or encoding. This is mostly used to transfer binary files such as compiled programs.
32
Data Structure
FTP can transfer a file across the data connection by using one of the following interpretations about the structure of the data: file structure: the file is a continuous stream of
bytes. record structure: the file is divided into records.
This can be used only with text files. page structure: the file is divided into pages, with
each page having a page number and a page header.
The pages can be stored and accessed randomly or sequentially.
33
Transmission Mode
FTP can transfer a file across the data connection using one of the following three transmission modes: Stream mode. Block mode. Compressed mode.
Stream mode: This is the default mode. Data are delivered from FTP to TCP as a
continuous stream of bytes. TCP is responsible for chopping data into segments of appropriate size. If the data is simply a stream of bytes (file structure), no end-of-file is
needed. End-of-file in this case is the closing of the data connection by the sender. If the data are divided into records (record structure), each record will
have a 1-byte end-of-record (EOR) character and the end of the file will have a 1-byte end-of-file (EOF) character.
34
Transmission Mode
Block mode: Data can be delivered from FTP to TCP in blocks. Each block is preceded by a 3-byte header. The first byte is
called the block descriptor; the next two bytes define the size of the block in bytes.
Compressed mode: If the file is big, the data can be compressed. The compression method normally used is run-length
encoding. consecutive appearances of a data unit are replaced by
one occurrence and the number of repetitions. In a text file, this is usually spaces (blanks). In a binary file, null characters are usually compressed.
35
Command Processing
FTP uses the control connection to establish a communication between the client control process and the server control process.
During this communication, the commands are sent from the client to the server and the responses are sent from the server to the client.
36
Commands
Commands are sent from the FTP client control process.
are in the form of ASCII uppercase, which may or may not be followed by an argument.
commands are divided into six groups: access commands file management commands data formatting commands port defining commands file transferring commands miscellaneous commands
37
Responses
Every FTP command generates at least one response.
A response has two parts: a three digit number followed by text.
The numeric part defines the code. The first digit defines the status of the command. The second digit also defines the status of the
command The third digit provides additional information
the text part defines needed parameters or extra explanations.
38
File Transfer
file transfer in FTP means one of three things: Retrieving:
A file is to be copied from the server to the client. It is done under the supervision of the RETR command.
Storing: A file is to be copied from the client to the server. It is done under the supervision of the STOR command.
List: A list of directory or file names is to be sent from the
server to the client. This is done under the supervision of the LIST command. FTP treats a list of directory or file names as a file.
39
File Transfer
40
Example: using FTP for retrieving a list of items in a directory
41
Example: an actual FTP session
42
Example: how an image (binary) file is stored
43
Anonymous FTP
To use FTP, a user needs an account (user name) and a password on the remote server.
Some sites have a set of files available for public access, to enable anonymous FTP.
To access these files, a user does not need to have an account or password.
the user can use anonymous as the user name and guest as the password.
User access to the system is very limited. Some sites allow anonymous users only a subset of commands.
For example, most sites allow the user to copy some files, but do not allow navigation through the directories.
44
Example
45
Security for FTP
The FTP protocol was designed when the security was not a big issue.
FTP requires a password, the password is sent in plaintext (unencrypted), which means it can be intercepted and used by an attacker.
The data transfer connection also transfers data in plaintext, which is insecure.
The solution is by adding a Secure Socket Layer between the FTP application layer and the TCP layer. is called SSL-FTP.
46
The sftp Program
Another way to transfer files using a secure channel is to use another independent protocol called sftp (secure file transfer protocol).
This is actually a program in Unix called sftp that is part of the SSH (Secure Shell)protocol.
When SSH has established a secure connection between an SSH client and an SSH server, sftp can be used.