Presentation is loading. Please wait.

Presentation is loading. Please wait.

CS2910 Week 7, Lab Today SMTP lab Tuesday (Either today or yesterday) Extra office hour at 11 am (right after lab) Friday Office hour cancelled SE-2811.

Published byMadeleine Harper Modified over 8 years ago

Similar presentations

Presentation on theme: "CS2910 Week 7, Lab Today SMTP lab Tuesday (Either today or yesterday) Extra office hour at 11 am (right after lab) Friday Office hour cancelled SE-2811."— Presentation transcript:

1 CS2910 Week 7, Lab Today SMTP lab Tuesday (Either today or yesterday) Extra office hour at 11 am (right after lab) Friday Office hour cancelled SE-2811 Slide design: Dr. Mark L. Hornick Content: Dr. Hornick Errors: Dr. Yoder 1

2 Muddiest Points what protocol does smtp use to establish an encrypted socket? SSL/TLS What exactly is STARTTLS encryption? SSL/TLS How does the server know when you choose to encrypt the socket? STARTTLS Why does it look like the server is talking so much more then the client in the secure channel SSL/TLS Could we talk a bit more about what encryption is/does? SSL/TLS So, to create an encypted socket, you first create a normal socket, then plug that socket in to the ssl.wrap_socket() method? Python SSL/TLS None Question C - What messages are missing in your wireshark trace? and why? Wireshark SSL/TLS 2 Key: bold – discussed this class; italics – discussed at start; underline – discussed in lecture

3 Looking Forward Cryptography Videos: (From Week 9) Cryptography in network protocols Public key cryptography Modular arithmetic RSA encryption Encryption: Plaintext -> Ciphertext Decryption: Ciphertext -> Plaintext Both require a "key" SE-2811 Dr.Yoder 3

4 Unencrypted SMTP without Authentication S: 220 aol.com Simple Mail Transfer Service Ready C: EHLO msoe.edu S: 250-aol.com greets msoe.edu S: 250-8BITMIME S: 250-SIZE S: 250-DSN S: 250 HELP C: MAIL FROM: smith@msoe.edu S: 250 OK SE-2811 Dr.Yoder 4

5 Unencrypted SMTP without Authentication (cont.) C: RCPT TO: S: 250 OK C: RCPT TO: frank@aol.com S: 550 No such user here C: DATA S: 354 Start email input; end with. C: Here's my message C: It's a long one C: Now I'm done. But does the server know it? C:. S: 250 OK C: QUIT S: 221 aol.com Service closing transmission channel SE-2811 Dr.Yoder 5

6 SMTP with STARTTLS and AUTH LOGIN (1) S: 220 aol.com ESMTP MAIL Service ready … C: EHLO msoe.edu S: 250-aol.com Hello [10.10.10.10] S: 250-PIPELINING S: 250-DSN S: 250-ENHANCEDSTATUSCODES S: 250-STARTTLS S: 250-8BITMIME S: 250 CHUNKING SE-2811 Dr.Yoder 6

7 SMTP with STARTTLS and AUTH LOGIN (2) C: STARTTLS S: 220 2.0.0 SMTP server ready ---- Everything beyond this point is sent encrypted ---- C: EHLO msoe.edu S: 250-aol.com Hello [10.10.10.10] S: 250-PIPELINING S: 250-DSN S: 250-ENHANCEDSTATUSCODES S: 250-AUTH LOGIN S: 250-8BITMIME S: 250 CHUNKING SE-2811 Dr.Yoder 7

8 SMTP with STARTTLS with AUTH LOGIN (3) C: AUTH LOGIN S: 334 VXN1cm5hbWU6 C: c3R1ZGVudEBtc291LmVkdQ== S: 334 UGFzc3dvcmQ6 C: bW9ua2V5 S: 235 2.7.0 Authentication successful C: MAIL FROM: student@msoe.edu … (The rest is the same as unencrypted) SE-2811 Dr.Yoder 8 "Username:" "student@msoe.edu" "Password:" "monkey"

9 Base64 encoding https://tools.ietf.org/html/rfc4648#section-4 Use the base64 package, already imported in the lab template. Use RFC 4648 base-64 encoding, as specified in the latest AUTH LOGIN RFC, RFC 4954. This is the same as the base-64 encoding defined in RFC 3548.RFC 4954 SE-2811 Dr.Yoder 9

10 Sending/Receiving Encrypted Data in Python encrypted_socket = ssl.wrap_socket(socket, ssl_version=ssl.PROTOCOL_SSLv23) # Do use this version (SSLv23) SE-2811 Dr.Yoder 10

11 Sending/Receiving Encrypted Data in Python Some errors if you accidentally receive/send raw/encrypted text when you should send the other: ssl.SSLZeroReturnError: TLS/SSL connection has been closed (EOF) (_ssl.c:590) ssl.SSLError: [SSL: UNKNOWN_PROTOCOL] unknown protocol (_ssl.c:590) ssl.SSLError: [SSL: WRONG_VERSION_NUMBER] wrong version number (_ssl.c:590) Some errors if you use the wrong protocol: ssl.SSLZeroReturnError: TLS/SSL connection has been closed (EOF) (_ssl.c:590) ssl.SSLEOFError: EOF occurred in violation of protocol (_ssl.c:590) SE-2811 Dr.Yoder 11

12 SE-2811 Dr. Josiah Yoder 12

Download ppt "CS2910 Week 7, Lab Today SMTP lab Tuesday (Either today or yesterday) Extra office hour at 11 am (right after lab) Friday Office hour cancelled SE-2811."

Similar presentations

Securing Email Bruce Maggs. Separate Suites of Protocols Protocols for retrieving email: POP, IMAP, MAPI (Microsoft Exchange) Protocols for sending email:

Securing Bruce Maggs. Separate Suites of Protocols Protocols for retrieving POP, IMAP, MAPI (Microsoft Exchange) Protocols for sending
J. Wang. Computer Network Security Theory and Practice. Springer 2009 Chapter 5 Network Security Protocols in Practice Part II.

J. Wang. Computer Network Security Theory and Practice. Springer 2009 Chapter 5 Network Security Protocols in Practice Part II.
Week 8, Class 3: Model-View-Controller Model-View-Controller Why? What? How? Example: Barnyard Simon for the Web Question: Where should we use the command.

Week 8, Class 3: Model-View-Controller Model-View-Controller Why? What? How? Example: Barnyard Simon for the Web Question: Where should we use the command.
SMTP – Simple Mail Transfer Protocol

SMTP – Simple Mail Transfer Protocol
How does a simple protocol like the email protocol SMTP work 1. Open telnet connection Do remote login to the system you want to send email to Note: You.

How does a simple protocol like the protocol SMTP work 1. Open telnet connection Do remote login to the system you want to send to Note: You.
CPSC 441: FTP & SMTP1 Application Layer: FTP & Instructor: Carey Williamson Office: ICT 740 Class.

CPSC 441: FTP & SMTP1 Application Layer: FTP & Instructor: Carey Williamson Office: ICT Class.
EECC694 - Shaaban #1 lec #16 Spring2000 5-4-2000 Properties of Secure Network Communication Secrecy: Only the sender and intended receiver should be able.

EECC694 - Shaaban #1 lec #16 Spring Properties of Secure Network Communication Secrecy: Only the sender and intended receiver should be able.
Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls.

Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls.
Simple Mail Transfer Protocol (SMTP) CS-328 Dick Steflik.

Simple Mail Transfer Protocol (SMTP) CS-328 Dick Steflik.
Implementing Application Protocols. Overview An application protocol facilitates communication between applications. For example, an email client uses.

Implementing Application Protocols. Overview An application protocol facilitates communication between applications. For example, an client uses.
POP3 Post Office Protocol v.3. Intro The Post Office Protocol (POP) is currently the most popular TCP/IP e-mail access and retrieval protocol. It implements.

POP3 Post Office Protocol v.3. Intro The Post Office Protocol (POP) is currently the most popular TCP/IP access and retrieval protocol. It implements.
Introduction 1 Lecture 7 Application Layer (FTP, e-mail) slides are modified from J. Kurose & K. Ross University of Nevada – Reno Computer Science & Engineering.

Introduction 1 Lecture 7 Application Layer (FTP, ) slides are modified from J. Kurose & K. Ross University of Nevada – Reno Computer Science & Engineering.
SIMPLE MAIL TRANSFER PROTOCOL SECURITY Guided By Prof : Richard Sinn Bhavesh Jadav Mayur Mulani.

SIMPLE MAIL TRANSFER PROTOCOL SECURITY Guided By Prof : Richard Sinn Bhavesh Jadav Mayur Mulani.
2: Application Layer1 Chapter 2 Application Layer These slides derived from Computer Networking: A Top Down Approach, 6 th edition. Jim Kurose, Keith Ross.

2: Application Layer1 Chapter 2 Application Layer These slides derived from Computer Networking: A Top Down Approach, 6 th edition. Jim Kurose, Keith Ross.
SMTP, POP3, IMAP.

SMTP, POP3, IMAP.
1 Application Layer Lecture 5 Imran Ahmed University of Management & Technology.

1 Application Layer Lecture 5 Imran Ahmed University of Management & Technology.
Mail Services.

Mail Services.
Intro to Computer Networks E-Mail Bob Bradley The University of Tennessee at Martin.

Intro to Computer Networks Bob Bradley The University of Tennessee at Martin.
Lecturer: Maxim Podlesny Sep 29 2008 CSE 473 File Transfer and Electronic Email in Internet.

Lecturer: Maxim Podlesny Sep CSE 473 File Transfer and Electronic in Internet.
Sending and Receiving Mails

Sending and Receiving Mails

Similar presentations

Ads by Google