Software Security Chapter 15. Internet Services and Email ( This question needs

Question

Software Security

Chapter 15. Internet Services and Email

(This question needs Wireshark). Locate a series of packets that retrieve an email message from a mailbox. To answer this question, install Wireshark (https://www.wireshark.org/download.html) and run the attached Wireshark capture file c15-1.pcap.

Capture File ( https://www.dropbox.com/s/xkfzekvd9re7cd5/c15-1.pcap?dl=0 )

a. What frame numbers perform the 3-way handshake to open the connection?

b. What mailbox protocol does the mail program use?

c. What is the host name and/or IP address of the email server?

d. Is there a password or other authentication measure used? If so, identify the frame number, or numbers, and describe what happens.

e. Identify the frame number of the first packet that retrieves an email message.

Explanation / Answer

a. To establish a connection, each device must send a SYN and receive an ACK for it from the other device. Thus, conceptually, we need to have four control messages pass between the devices. However, it's inefficient to send a SYN and an ACK in separate messages when one could communicate both simultaneously. Thus, in the normal sequence of events in connection establishment, one of the SYNs and one of the ACKs is sent together by setting both of the relevant bits (a message sometimes called a SYN+ACK). This makes a total of three messages, and for this reason the connection procedure is called a three-way handshake.

b. A mail server is a computer that sends, receives and stores e-mail for users. Almost every Internet Service Provider (ISP) includes at least one mailbox on their mail server as part of their basic service. Each mailbox on the server has a unique name which is usually, but not always, the logon name you use to connect to your ISP. Each mailbox also is associated with a unique e-mail address which usually consists of your logon name combined with the ISP's domain name in the form logon-name@example.com. To access mail on a server, you use a computer program called a mail client, or mail reader, such as Outlook Express.

c.  POP & IMAP servers are used to retrieve your email from Hushmail. If your email software asks you to choose between POP or IMAP, we recommend choosing IMAP.

IMAP server

Server hostname: imap.hushmail.com
Port number: 993

you can verify the IP address of your mail server by executing ping mail.your_domainname.com command in the command prompt. The command will return IP address of your mail server.

d. A password is a word or string of characters used for user authentication to prove identity or access approval to gain access to a resource. Most people now access all the important areas of their life—banking, shopping, insurance, medical records, and so on—simply by sitting at their computer and typing a username and password into a website. Getting access to something this way is called one-factor authentication, because you need to know only one thing to get into the system.

e. Transmission Control Protocol (TCP) makes sure all packets arrive safely, retransmitting them if necessary. An alternative to TCP is the User Datagram Protocol (UDP), which is an unreliable but fast protocol that is often used for data transfer.

The Internet architecture is made up of five layers that work together. These five layers are, from high to low:

Related Questions

Navigate

• Browse (All)
• Browse S
• Subjects

Integrity-first tutoring: explanations and feedback only — we do not complete graded work. Learn more.