ACN Notes Ch5


Advance Computer Network

IMRAN SHAIKH

Computer Engineering | Networking | 2023


Chapter 5 Application Layer Protocols (20 marks)

• World Wide Web and HTTP
• File Transfer: FTP and TFTP
• Electronic Mail:
• Architecture, Web-Based Mail, Email Security:
  o SMTP, POP, IMAP.
• MIME
• SNMP.
• Concept of Domain name space, DNS operation.
• DHCP: Static and Dynamic Allocation, DHCP Operation.
• Remote Login: TELNET and SSH.

World Wide Web (WWW)
• WWW is a repository of information linked together from points all over
the world.
• The WWW has a unique combination of flexibility, portability, and
user-friendly features that distinguish it from other services provided by the
Internet.

WWW Architecture
The WWW today is a distributed client/server service, in which a client using
a browser can access a service using a server. However, the service provided
is distributed over many locations called sites.

Fig. 5.1 Architecture of WWW

Web Client - Browser


o Each site holds one or more documents, referred to as Web pages. The pages
can be retrieved and viewed by using browsers.
o The controller receives input from the keyboard or the mouse and uses the
client programs to access the document. After the document has been
accessed, the controller uses one of the interpreters to display the document
on the screen.
o The client protocol can be one of the protocols described previously such as
FTP or HTTP (described later in the chapter). The interpreter can be HTML,
Java, or JavaScript, depending on the type of document.

Fig. 5.2 Web Client - Browser

Web Server
The Web page is stored at the server. Each time a client request arrives, the
corresponding document is sent to the client.

Uniform Resource Locator (URL)


o The uniform resource locator (URL) is a standard for specifying any kind of
information on the Internet.
o The URL defines four things: protocol, host computer, port, and path.
o The protocol is the client/server program used to retrieve the document.
Many different protocols can retrieve a document; among them are FTP or
HTTP. The most common today is HTTP.
o The host is the computer on which the information is located, although the
name of the computer can be an alias.
o The port is inserted between the host and the path, and it is separated from the
host by a colon. The default port for HTTP is port 80. The port field is optional.
o Path is the pathname of the file where the information is located.

Fig. 5.3 URL

Cookie

The World Wide Web was originally designed as a stateless entity: it does not
remember information about the clients.
However, today the Web has other functions that need to remember some
information about the clients. To fulfill this purpose, the cookie mechanism was
developed.

Cookies are strings or files created by the web server (while the client user is
browsing) and placed in the client user's browser to save the client user's behavior.

How are cookies created?

• When a website's server gets a request from a user's browser, it gathers
information about the user, like the website name, user details (name,
ID, etc.), and the time.
• The server then sends this information back to the user's browser as a
cookie.
• The browser stores the cookie, organizing it based on the website's
name, so the website can use it again later.

Application of cookies in a scenario in which the server uses cookies
for advertisement:

• Advertising agencies use cookies to track users.
• They place banner ads on popular websites, but instead of sending the
actual ad, they provide a link to their own server.
• When a user clicks on the ad, the server sends the banner along with
a cookie that contains the user's ID.
• This cookie helps the agency track the user's web activity and build a
profile of their interests over time.
• The agency can then sell this data to other companies.
• This kind of tracking has raised privacy concerns, and new rules may
be needed to protect user privacy.

Application of Cookies

Hyper Text Transfer Protocol (HTTP)
• The Hypertext Transfer Protocol (HTTP) is an application layer protocol
used mainly to access data on the World Wide Web.
• HTTP uses the services of TCP on well-known port 80.

HTTP Transaction
Figure 5.5 illustrates the HTTP transaction between the
client and server. The client initializes the transaction by sending a request
message. The server replies by sending a response.

Fig. 5.5 HTTP transaction

HTTP Request Message

Request Line
The Request-Line begins with a Request type (method), followed by the
Request-URL and the protocol version.

Fig. 5.6 HTTP Request Message

Headers
• General Header
• Request Header
• Entity Header

General Header

The general header gives general information about the message and can be
present in both a request and a response.

E.g.

Cache-control: to specify information about caching.

Date: to specify current date.

Request Header

It specifies the client's configuration and the client's preferred document
format.

E.g.

Accept: to specify format the client can accept.

Accept-charset: to specify character set the client can handle.

Entity Header

The entity header gives information about the body of the document.

E.g.

Accept: to specify format the client can accept.

Accept-charset: to specify character set the client can handle.

Body of the document


It contains the data that can be sent.

HTTP Response Message
Status Line
The status-Line begins with a protocol version, then status code and status phrase.

Fig. 5.7 HTTP Response Message

Headers
• General Header
• Response Header
• Entity Header

General Header

The general header gives general information about the message and can be
present in both a request and a response.

E.g.

Cache-control: to specify information about caching.

Date: to specify current date.

Response Header

It specifies the server's configuration and special information about the
request.

E.g.

Server: to specify server name and version number.

Entity Header

The entity header gives information about the body of the document.

E.g.

Accept: to specify format the client can accept.

Accept-charset: to specify character set the client can handle.

Body of the document


It contains the data that can be sent.
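
The request and response layouts described above (start line, headers, blank line, body) can be checked with a small parser. This is an added example, not part of the original notes; the sample messages, host name and server name are constructed, and the parser rejects malformed lines instead of guessing.

```python
# Added example, not from the notes. Sample messages below are constructed.
class HTTPParseError(ValueError):
    """Raised when a message does not follow the layout described above."""

def parse_http_message(raw):
    """Split an HTTP/1.x message into start-line fields, headers and body."""
    head, sep, body = raw.partition(b"\r\n\r\n")   # blank line ends the headers
    if not sep:
        raise HTTPParseError("no blank line between headers and body")
    try:
        lines = head.decode("ascii").split("\r\n")
    except UnicodeDecodeError:
        raise HTTPParseError("start line and headers must be ASCII")
    parts = lines[0].split(" ", 2)
    if len(parts) != 3:
        raise HTTPParseError("start line needs three fields")
    if parts[0].startswith("HTTP/"):
        # Status line: protocol version, status code, status phrase
        if not (len(parts[1]) == 3 and parts[1].isdigit()):
            raise HTTPParseError("status code must be three digits")
        msg = {"kind": "response", "version": parts[0],
               "status": int(parts[1]), "phrase": parts[2]}
    else:
        # Request line: request type (method), request URL, protocol version
        if not parts[2].startswith("HTTP/") or " " in parts[2]:
            raise HTTPParseError("request line must end with the version")
        msg = {"kind": "request", "method": parts[0],
               "url": parts[1], "version": parts[2]}
    headers = {}
    for line in lines[1:]:
        name, colon, value = line.partition(":")
        # Reject "Host : x" or a line with no colon instead of guessing.
        if not colon or not name or any(c in " \t" for c in name):
            raise HTTPParseError("malformed header line: %r" % line)
        # Header names are case-insensitive; repeated headers are kept in order.
        headers.setdefault(name.lower(), []).append(value.strip())
    msg["headers"] = headers
    msg["body"] = body
    return msg

REQUEST = (b"GET /index.html HTTP/1.1\r\n"
           b"Host: www.example.com\r\n"
           b"Accept: text/html\r\n"
           b"Accept-Charset: utf-8\r\n\r\n")
RESPONSE = (b"HTTP/1.1 200 OK\r\n"
            b"Date: Mon, 01 Jan 2024 00:00:00 GMT\r\n"
            b"Server: ExampleServer/1.0\r\n"
            b"Cache-Control: no-cache\r\n\r\n"
            b"<html>hello</html>")

if __name__ == "__main__":
    for raw in (REQUEST, RESPONSE):
        print(parse_http_message(raw))
```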

File Transfer Protocol

• FTP uses the services of TCP. It needs two TCP connections.
• The well-known port 21 is used for the control connection and the well-known
port 20 for the data connection.
• The control connection remains connected during the entire interactive FTP
session.
• The data connection is opened and then closed for each file transferred.
• The control connection runs between the client and server control processes.
• The data connection runs between the client and server data transfer processes.

Fig. 5.8 File Transfer Protocol (FTP)

Communication over FTP Control Connection
• It uses the 7-bit ASCII character set (see Figure).
• Communication is achieved through commands and responses.
• Each command or response is only one short line, so we need not worry about
file format or file structure.

Fig. 5.9 FTP Control Connection

Communication over FTP Data Connection

• The purpose of the data connection is different from that of the control
connection. It is used to transfer files.
• One problem is that the file structure at the client and the server may differ; this is
known as the heterogeneity problem.
• The heterogeneity problem is resolved by defining three attributes of
communication: file type, data structure, and transmission mode.

Fig. 5.9 FTP Data Connection

FTP Commands
get [filename]: Downloads a file from the FTP server to your local
directory.

mget [file1 file2 ...]: Downloads multiple files from the server.

put [filename]: Uploads a file from your local machine to the FTP server.

mput [file1 file2 ...]: Uploads multiple files to the FTP server.

delete [filename]: Deletes a file from the FTP server.

rename [oldname] [newname]: Renames a file on the server.

mkdir [directory]: Creates a new directory on the FTP server.

rmdir [directory]: Removes an empty directory on the FTP server.

Main differences between FTP and TFTP are


1. FTP uses TCP port numbers 20 and 21, TFTP uses UDP port number 69.
2. FTP is a complete, session-oriented, general purpose file transfer protocol. TFTP is
used as a special purpose file transfer protocol.
3. FTP can be used interactively. TFTP allows only unidirectional transfer of files.
4. FTP depends on TCP, is connection oriented, and provides reliable control. TFTP
depends on UDP, requires less overhead, and provides virtually no control.
5. FTP provides user authentication. TFTP does not.

NOTE: Kindly explain TFTP by using above comparison points.

Electronic Mail
Email Architecture
To explain the architecture of e-mail, we give four scenarios.

First Scenario

When the sender and the receiver of an e-mail are on the same mail server,
we need only two user agents.

Second Scenario

When the sender and the receiver of an e-mail are on different mail servers,
we need two UAs and a pair of MTAs (client and server).

Third Scenario

When the sender is connected to the mail server via a LAN or a WAN, we
need two UAs and two pairs of MTAs (client and server).

Fourth Scenario

When both sender and receiver are connected to the mail server via a LAN
or a WAN, we need two UAs, two pairs of MTAs (client and server), and a
pair of MAAs (client and server).

Fig. 5.10 Email Architecture (Common Scenario)

1. The sender runs a UA program to prepare the message and send it to its own
mail server (steps 1, 2); the message is stored in a pool at the sender's mail
server (step 3). (Communication is between the MTA client at the sender's PC and
the MTA server at the sender's mail server.)
2. The sender's mail server now sends the message to the receiver's mail server
(steps 4, 5). (Communication is between the MTA client at the sender's mail server
and the MTA server at the receiver's mail server.)
3. The MTA server at the receiver's mail server stores messages in mailboxes
(step 6).
4. When the receiver's PC requests a message from the mailbox, it acts as an
MAA client to request the message, and the receiver's mail server acts as an MAA
server to serve that message to the receiver's PC (MAA client).

NOTE:

Kindly explain only fourth scenario for question asking for ‘Email
Architecture’.

Email Components

o User Agent
o Mail Transfer Agent
o Mail Access Agent

User Agent (UA)

• The first component of an electronic mail system is the user agent (UA).
• It provides service to the user to make the process of sending and receiving a
message easier.
• Some examples of GUI-based user agents are Eudora, Outlook, and Netscape.
• The UA provides the following services, as shown in the figure.

Fig. 5.11 User Agent Services

Message Transfer Agent (MTA)

• The actual mail transfer is done through message transfer agents (MTAs).
• To send mail, a system must have the client MTA, and to receive mail, a system
must have a server MTA.
• The formal protocol that defines the MTA client and server in the Internet is
called Simple Mail Transfer Protocol (SMTP).

Message Access Agent (MAA)

• It is responsible for retrieving messages from the receiver's mail server and
making them available for reading by the user.
• The MAA does not send emails; it only retrieves and manages the emails stored
on the server.

Simple Mail Transfer Protocol (SMTP)

• SMTP works as a Message Transfer Agent (MTA) in email technology.
• SMTP works on port no 25.
• SMTP can transfer only 7-bit ASCII data.
• SMTP transfers mail from the sender's PC to the sender's mail server and from
the sender's mail server to the receiver's mail server, as shown in the figure.

Fig. 5.12 SMTP

SMTP Working

SMTP works in three steps:

• Connection establishment
• Message data transfer
• Connection termination

Fig. 5.13 SMTP working

SMTP Commands

HELO [domain] or EHLO [domain]:

Initiates the conversation with the SMTP server. EHLO is the extended
version and is preferred for modern servers.

Example: EHLO example.com

MAIL FROM:<[email protected]>:

Specifies the sender's email address.

Example: MAIL FROM:<[email protected]>

RCPT TO:<[email protected]>:

Specifies the recipient's email address. You can issue multiple RCPT TO
commands if there are multiple recipients.

Example: RCPT TO:<[email protected]>

DATA:

Signals the server that message content is about to be sent. After issuing
this command, you type the message body and end with a single period . on
a line by itself.

QUIT:

Ends the SMTP session and disconnects from the server.
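
The command sequence above can be followed from the server side with a small state machine. This is an added example, not part of the original notes; the host names, addresses and message body are constructed. It goes slightly beyond the notes by showing the dot-stuffing rule of RFC 5321, which keeps a body line that starts with a period from being read as the end of DATA.

```python
# Added example, not from the notes. All names and the transcript are constructed.

def dot_stuff(body):
    """Client side of DATA: escape leading dots, then add the lone '.' line."""
    lines = body.split("\n")
    return [("." + l if l.startswith(".") else l) for l in lines] + ["."]

def smtp_session(client_lines):
    """Feed client lines to a tiny SMTP state machine; return (replies, mail)."""
    replies = ["220 mail.example.net ready"]        # connection establishment
    mail = {"helo": None, "from": None, "rcpt": [], "body": []}
    in_data = False
    for line in client_lines:
        if in_data:
            if line == ".":                          # single period ends the body
                in_data = False
                replies.append("250 message accepted")
            else:                                    # undo the client's dot-stuffing
                mail["body"].append(line[1:] if line.startswith(".") else line)
            continue
        verb, _, arg = line.partition(" ")
        verb = verb.upper()
        if verb in ("HELO", "EHLO") and arg:
            mail["helo"] = arg
            replies.append("250 hello " + arg)
        elif line.upper().startswith("MAIL FROM:") and mail["helo"]:
            mail["from"] = line[10:].strip().strip("<>")
            replies.append("250 sender ok")
        elif line.upper().startswith("RCPT TO:") and mail["from"]:
            mail["rcpt"].append(line[8:].strip().strip("<>"))   # may repeat
            replies.append("250 recipient ok")
        elif verb == "DATA" and mail["rcpt"]:
            in_data = True
            replies.append("354 end data with <CRLF>.<CRLF>")
        elif verb == "QUIT":                         # connection termination
            replies.append("221 closing connection")
            break
        else:
            replies.append("503 bad sequence of commands")
    return replies, mail

# Constructed message: it contains a line that is just "." and a line that
# starts with "."; both must survive the transfer unchanged.
BODY = "Subject: test\n\nfirst line\n.\n.leading dot\nlast line"
TRANSCRIPT = (["EHLO client.example.com",
               "MAIL FROM:<alice@example.com>",
               "RCPT TO:<bob@example.net>",
               "RCPT TO:<carol@example.net>",
               "DATA"] + dot_stuff(BODY) + ["QUIT"])

if __name__ == "__main__":
    replies, mail = smtp_session(TRANSCRIPT)
    print("\n".join(replies))
    print(mail)
```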

Post Office Protocol 3 (POP3)


POP3 is a standard protocol used for retrieving emails from a remote server to a
local client. It is designed to enable users to download their emails from a mail
server so they can be read locally on a device.

POP3 working

• Connection Establishment
• Retrieving Emails
• Ending the Session

Fig. 5.14 POP3 working

Internet Message Access Protocol (IMAP)
IMAP is a protocol used for retrieving emails from a mail server to a local client,
such as a computer or mobile device.

It allows users to access and manage their emails directly on the server, making it
particularly useful for accessing email from multiple devices.

IMAP operates at the application layer of the TCP/IP model.

It uses TCP for reliable communication, typically over port 143 for unencrypted
communication and port 993 for IMAPS (IMAP over SSL/TLS).

IMAP4 provides the following extra functions as compared to POP:

• A user can check the e-mail header prior to downloading.
• A user can search the contents of the e-mail for a specific string of
characters prior to downloading.
• A user can partially download e-mail. This is especially useful if bandwidth
is limited and the email contains multimedia with high bandwidth
requirements.
• A user can create, delete, or rename mailboxes on the mail server.
• A user can create a hierarchy of mailboxes in a folder for e-mail storage.

Difference between POP3 and IMAP

| Parameter | POP3 | IMAP |
|---|---|---|
| Functionality | The POP3 client downloads messages from the server and then deletes them from the server. | The IMAP client synchronizes with the server and allows users to access and manage their emails directly on the server. |
| Storage | Less storage required at server. | Server needs high storage capacity. |
| Offline Access | Yes | No |
| Email Management | No, cannot manage mails on server. | Yes, emails can be stored in folders. |
| Uses | Suitable for single device use. | Suitable for multiple device use. |
| Port No | 110 | 143 |

Difference between SMTP and POP3

| Parameter | SMTP | POP3 |
|---|---|---|
| Purpose | Sending emails | Receiving emails |
| Direction | Outgoing | Incoming |
| Connection | Persistent | Temporary |
| Port | 25 | 110 |
| Email Storage | Does not store emails | Download to client. |

Multipurpose Internet Mail Extension

In today's world, emails are used to transfer not only plain text but also images,
audio files and video files, and we also need to send mail in languages other than
English. To encode such complex content, the email system needs non-ASCII data.
However, the problem is that SMTP cannot transfer non-ASCII data. To solve this, the
MIME protocol was introduced; it converts non-ASCII data into 7-bit ASCII data that
can be transferred by SMTP.

MIME is a standard protocol that supports SMTP in transferring non-ASCII data.

Fig. 5.15 Role of MIME

MIME extends the basic SMTP (Simple Mail Transfer Protocol) used for email by adding
headers to indicate the nature of the content within the email. These headers help the
receiving email client understand how to process and display the message.

MIME Header

MIME-Version:

Indicates the version of MIME being used. Typically, this is MIME-Version: 1.0.

Content-Type:

Describes the type of content in the message, such as text/plain, text/html,
image/jpeg, application/pdf, etc.

Single-Part Message: If an email contains only one type of content (e.g., just
plain text), it can have a single part with a Content-Type header.

Multipart Message: For emails with attachments or multiple content types,
Content-Type is set to multipart/mixed, multipart/alternative, or other
multipart types. Each part is separated by a boundary marker.

Content-Transfer-Encoding:

Specifies how the content is encoded for transmission. Common methods include
base64 and quoted-printable, which ensure that binary data can be safely
transmitted over text-based email systems.

Content-Description:

Textual explanation of non-textual contents.

Fig. 5.16 MIME Header

MIME Content Transfer Encoding
Base64
It divides the input data into groups of 3 bytes (24 bits) and splits them into 4 groups
of 6 bits each.

Decimal value of each 6-bit group is then mapped to a character from a Base64 table.

Fig. 5.17 Base64 Conversion process

Table: Base64 conversion table (no need to present in theory paper)

Quoted Printable
• It keeps 7-bit ASCII characters (like A-Z, a-z, 0-9, and common punctuation) as
they are.
• Non-ASCII characters (characters with byte values greater than 127) are
converted to the = sign followed by two hex digits, as shown in diagram.

Fig. 5.18 Quoted Printable
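
Both content transfer encodings described above (Base64 and Quoted Printable) can be worked through by hand and compared with Python's standard library. This is an added example, not part of the original notes; the sample text is constructed, and the quoted-printable function covers a single line only (it also escapes the = sign and control characters, and leaves out soft line breaks).

```python
# Added example, not from the notes. Both schemes are encodings, not
# encryption: anyone can reverse them, so they give no confidentiality.
import base64
import quopri

# Standard Base64 table: 6-bit value 0-63 -> character.
B64_TABLE = ("ABCDEFGHIJKLMNOPQRSTUVWXYZ"
             "abcdefghijklmnopqrstuvwxyz0123456789+/")

def sextets(chunk):
    """Split up to 3 bytes (zero-padded to 24 bits) into four 6-bit values."""
    n = int.from_bytes(chunk + b"\x00" * (3 - len(chunk)), "big")
    return [(n >> shift) & 0x3F for shift in (18, 12, 6, 0)]

def b64_encode(data):
    """Base64 as described above: 3 bytes in, 4 table characters out."""
    out = []
    for i in range(0, len(data), 3):
        chunk = data[i:i + 3]
        chars = [B64_TABLE[s] for s in sextets(chunk)]
        pad = 3 - len(chunk)             # 1 or 2 bytes missing in the last group
        if pad:
            chars[-pad:] = "=" * pad     # '=' marks each missing byte
        out.extend(chars)
    return "".join(out)

def qp_encode(data):
    """Quoted-printable for one line of text (no soft line breaks)."""
    out = []
    for b in data:
        if b == 0x3D or b < 32 or b > 126:    # '=' itself, controls, non-ASCII
            out.append("=%02X" % b)
        else:
            out.append(chr(b))                # printable ASCII stays as it is
    return "".join(out)

def matches_stdlib(data):
    """Cross-check the hand-written encoders against base64 and quopri."""
    same_b64 = b64_encode(data) == base64.b64encode(data).decode("ascii")
    round_trip = quopri.decodestring(qp_encode(data).encode("ascii")) == data
    return same_b64 and round_trip

SAMPLE = "Café costs 5€".encode("utf-8")    # constructed sample input

if __name__ == "__main__":
    print(sextets(b"Man"), b64_encode(b"Man"))
    print(b64_encode(SAMPLE))
    print(qp_encode(SAMPLE))
    print(matches_stdlib(SAMPLE))
```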

Question:

Describe Email security over non-secure channel.

Answer:

Email security over a non-secure channel involves protecting email content and data
when it is transmitted over networks that don't inherently provide encryption or
confidentiality.

Since email protocols like SMTP (Simple Mail Transfer Protocol) do not encrypt data
by default, several methods and tools are used to secure email communications, even
when sent over non-secure channels.

Methods to secure email

• Transport Layer Security (TLS) Protocol
• Pretty Good Privacy (PGP)
• Secure MIME (S/MIME)

Pretty Good Privacy

Sender Site (Encryption Process):

• The sender generates a random symmetric key (also called a session key) to
encrypt the email using a fast symmetric encryption algorithm (e.g., AES).
• This session key is then encrypted with the recipient's public key using asymmetric
encryption (e.g., RSA).
• The email is hashed to create a digest, and the email digest is then encrypted using
the private key of the sender.
• The encrypted session key, the email digest and the encrypted email are sent to the
recipient.

Receiver Site (Decryption Process)

• The recipient first uses their private key to decrypt the session key.
• The decrypted session key is then used to decrypt the actual email message.
• The recipient hashes the email message to create an email digest at the receiver side.
• The recipient decrypts the email digest received from the sender using the public key
of the sender, then compares the email digest from the sender with the email digest
generated at its own site; if a match is found the email is accepted, otherwise the
email is discarded.

Fig. 5.19 PGP Working (Email Security)
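
The sender and receiver steps above can be traced end to end in a short program. This is an added example, not part of the original notes and not real PGP: textbook RSA over publicly known primes and a SHA-256 keystream stand in for padded RSA and AES so that it runs with the standard library only, and all names and the message are constructed. It must never be used to protect real data.

```python
# Added example, not from the notes. Toy stand-ins only: the primes are
# public constants and textbook RSA has no padding.
import hashlib
import secrets

def make_keypair(p, q, e=65537):
    """Textbook RSA key pair (public, private) from two primes."""
    n = p * q
    d = pow(e, -1, (p - 1) * (q - 1))          # private exponent
    return {"n": n, "e": e}, {"n": n, "d": d}

def keystream_xor(key, data):
    """Stand-in for AES: XOR with a SHA-256 counter keystream."""
    stream, counter = b"", 0
    while len(stream) < len(data):
        stream += hashlib.sha256(key + counter.to_bytes(8, "big")).digest()
        counter += 1
    return bytes(a ^ b for a, b in zip(data, stream))

def digest_int(message):
    return int.from_bytes(hashlib.sha256(message).digest(), "big")

def pgp_send(message, sender_priv, recipient_pub):
    session_key = secrets.token_bytes(16)                 # random session key
    ciphertext = keystream_xor(session_key, message)      # encrypt the email
    enc_key = pow(int.from_bytes(session_key, "big"),     # key under recipient's
                  recipient_pub["e"], recipient_pub["n"])  # public key
    signed_digest = pow(digest_int(message),              # digest under sender's
                        sender_priv["d"], sender_priv["n"])  # private key
    return {"enc_key": enc_key, "digest": signed_digest, "ciphertext": ciphertext}

def pgp_receive(packet, recipient_priv, sender_pub):
    """Return the message, or None when the email must be discarded."""
    k = pow(packet["enc_key"], recipient_priv["d"], recipient_priv["n"])
    if k >> 128:                                           # not a 16-byte key
        return None
    message = keystream_xor(k.to_bytes(16, "big"), packet["ciphertext"])
    sent = pow(packet["digest"], sender_pub["e"], sender_pub["n"])
    if sent != digest_int(message):                        # digests differ
        return None
    return message

# Constructed keys built from well-known Mersenne primes (insecure on purpose).
SENDER_PUB, SENDER_PRIV = make_keypair(2**127 - 1, 2**521 - 1)
RECIPIENT_PUB, RECIPIENT_PRIV = make_keypair(2**89 - 1, 2**607 - 1)
MESSAGE = b"Exam hall changed to room 204."               # constructed message

if __name__ == "__main__":
    packet = pgp_send(MESSAGE, SENDER_PRIV, RECIPIENT_PUB)
    print(pgp_receive(packet, RECIPIENT_PRIV, SENDER_PUB))
    flipped = bytes([packet["ciphertext"][0] ^ 1]) + packet["ciphertext"][1:]
    print(pgp_receive(dict(packet, ciphertext=flipped),
                      RECIPIENT_PRIV, SENDER_PUB))
```

The second call shows the receiver-side comparison at work: one flipped bit in the ciphertext changes the locally computed digest, so the email is discarded.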

TELNET
• TELNET is an abbreviation for TErminaL NETwork. It is the standard TCP/IP
protocol for virtual terminal service, which runs at port no 23.
• TELNET enables the establishment of a connection to a remote system in such a
way that the local terminal appears to be a terminal at the remote system.
• There are two parties involved: the TELNET client and the TELNET server.
• The TELNET client transforms the characters to a universal character set called
network virtual terminal (NVT) characters and delivers them to the local TCP/IP
protocol stack.

Fig. 5.20 TELNET Working

• The commands or text, in NVT form, travel through the Internet and arrive at the
TCP/IP stack at the remote machine. Here the characters are delivered to the
operating system and passed to the TELNET server, which changes the characters
to the corresponding characters understandable by the OS of the remote machine.

Secure Shell (SSH)

• SSH, also known as Secure Shell or Secure Socket Shell, is a network protocol that
provides administrators with a secure way to access a remote computer.
• SSH establishes a cryptographically secured connection between two parties (client
and server), authenticating each side to the other.
• The SSH protocol uses symmetric encryption, asymmetric encryption and hashing in
order to secure transmission of information. The SSH connection between the
client and the server happens in three stages:
  o Verification of the server by the client.
  o Generation of a session key to encrypt all the communication.
  o Authentication of the client.

Fig. 5.21 SSH Components

Dynamic Host Configuration Protocol (DHCP)


To handle automated address assignment, the IETF has designed a new protocol.
Known as the Dynamic Host Configuration Protocol (DHCP), the new protocol
extends BOOTP in two ways. First, DHCP allows a computer to acquire all the
configuration information it needs, in a single message.

DHCP Operation

Fig. 5.21 DHCP Operation (messages exchanged between DHCP Client and DHCP Server: DISCOVER, OFFER, REQUEST, ACK)

| Message | Detail |
|---|---|
| Discover | This is the message sent by the DHCP client to discover a DHCP server. |
| Offer | Sent by the DHCP server to lease a unique IP address and other parameters needed to the client. |
| Request | Sent by the DHCP client asking the server to lease the parameters listed in the Offer message. |
| Acknowledgement | Sent by the DHCP server to assign IP address, mask, default router & DNS server address to the client. |

Simple Network Management Protocol (SNMP)
The Simple Network Management Protocol (SNMP) is a framework for managing
devices in an internet using the TCP/IP protocol suite.
SNMP uses the concept of manager and agent. That is, a manager, usually a host,
controls and monitors a set of agents, usually routers.

Fig. 5.22 SNMP

Management with SNMP is based on three basic ideas:

• A manager checks an agent by requesting information that reflects the
behaviour of the agent.
• A manager forces an agent to perform a task by resetting values in the agent
database.
• An agent contributes to the management process by warning the manager of
an unusual situation.

Management Components

Fig. 5.23 Management Components
