Technologia Internetowe - Ćwiczenia 1

Harmonogram Następne
Temat: Wstęp organizacyjny. Podstawowe wiadomości o internecie. E-mail

Zapoznanie się z zasadami przyjętymi na zajęciach

Zasady można znaleźć tutaj.

Issues to be covered

  1. Internet
  2. IP
  3. Domain, Top-level Domains
  4. DNS
  5. ISP
  6. traceroute
  7. Whois
  8. email protocols
  9. features and security of mail
  10. encryption and signing of messages (OpenPGP)
  11. service providers
  12. End-to-End encryption - ProtonMail.com

Activities

  1. Introduction to the topic of classes, providing teaching materials.
  2. Internet overview: how is it constructed, what is IP, what role Internet domains play, what role ISP plays
  3. traceroute
  4. Whois
  5. DNS configuration

Materials for classes

Introduction tasks

Task 1 - traceroute

  1. Using the traceroute tool, find the route from your computer to the websites onet.pl and kurnik.pl.

    $ tracert onet.pl
$ tracert kurnik.pl

    Compare with mtr on Linux.

  2. Use the site http://www.spy-ip.com/ to check where the IP addresses are located, through which the route passes. Try the tracert command also for other websites. Is the route always the way you expect?

Task 2 - Whois

  1. Using the Whois program (called in cmd) find a contact for administrators/domain owners of: amu.edu.pl, google.com, facebook.com.

    $ whois amu.edu.pl

    Is the information always complete? Try the command also for other sites you know.

Task 3 - configuration of the DNS server

  1. Watch a video showing the configuration of the DNS server. What is DNS?

Materials about e-mail

Introduction tasks

Task 1 - SMTP

  1. Log in to the university mail server using the telnet tool

    $ telnet pp.amu.edu.pl 587

  2. Say hello to the server with the command helo.

    helo pp.amu.edu.pl

  3. Try to send a message as to the address of the teacher

    mail from: <rectorof@amu.edu.pl>
rcpt to: <bikol@amu.edu.pl>
    What is the response from the server?

  4. Since the server rejects our request, let us try to login. For this purpose, we will use the extended SMTP-AUTH protocol. The ehlo command returns a list of options supported by the server.

    ehlo pp.amu.edu.pl
auth plain
AHVzZXIAcGFzcw==

    AHVzZXIAcGFzcw== is a base64 encoded login and password. For example, you can do this in the following way.

    $ echo -n -e '\0user\0pass' | base64

  5. Fortunately, the server will reject our request (regardless of providing correct data). Why?

Task 2 - Gmail

  1. Repeat the procedure for Gmail servers (smtp.gmail.com, port 587). What response we get this time. Does the server offer us AUTH PLAIN authentication?

Task 3 - STARTTLS

  1. Most modern servers require at least basic encryption. We will try to send an e-mail using Gmail servers. We will use the following account for this: (base64 encoded: AGR0aW4uMjAxOGxAZ21haWwuY29tAGR0aW5AdWFt).

  2. We establish an encrypted connection with the Gmail server:

    $ openssl s_client -starttls smtp -crlf -connect smtp.gmail.com:587
  3. Did the result of the ehlo command changed?

  4. We log in to the server

    ehlo smtp.gmail.com
auth plain
AGR0aW4uMjAxOGxAZ21haWwuY29tAGR0aW5AdWFt

  5. Then we send the message to your teacher just like in the original SMTP protocol:

    mail from: <dtin.2018l@gmail.com>
rcpt to: <bikol@wmi.amu.edu.pl>
data

  6. Enter the message (do not forget about the period at the end)

    Date: 30 Jan 18 21:21:21
From: dtin.2018l@gmail.com
To: rmiw@amu.edu.pl
Subject: subject

message
.

  7. We finish the session with the quit command.

Task 4 - Experiments with Gmail

  1. Try to change the data in the message body from the previous task. Is it possible to send a message retrospectively or signed as someone else?

Task 5 - Generating OpenPGP keys

  1. Signing and encrypting email is a very important skill. As part of this task, OpenPGP keys will be generated.

  2. To create an OpenPGP key, use the gpg command. The default values of most parameters are appropriate. Please enter correct data (name, surname and email address) - this will be needed for the homework.

    $ gpg --gen-key

  3. The next step will be to add the generated key to the server (instead of 3303CE03 insert your key id):

    $ gpg --send-keys --keyserver keyserver.ubuntu.com 3303CE03

Assessment tasks

Mandatory

Basic tasks are checked automatically, hence it is important to send to the appropriate address and keep the indicated message title. Email is a completely different email account than (how to check it?).

The results of tasks are available in the text file at http://kino.vm.wmi.amu.edu.pl/dtin/######.txt, where ###### is a six-digit student index number.

Task 2.1 - Fake email

Send an e-mail from a given, non-existent address (test@test.pl) and with a retrospective date (January 1, 2000) to the address bikol@wmi.amu.edu.pl. Message title: “[DTIN] Z2.1 ######”, where ###### is a six-digit student index number.

Task 2.2 - PGP signature

Send a digitally signed e-mail by OpenPGP using the OpenPGP certificate generated during classes to bikol@wmi.amu.edu.pl. Message title: “[DTIN] Z2.2 ######”, where ###### is a six-digit student index number. The signature of the message should be placed in the attachment.

Task 2.3 - PGP encyrption

Send an encrypted by OpenPGP e-mail to bikol@wmi.amu.edu.pl using the certificate with key ID : 3303CE03. Message title: “[DTIN] Z2.3 ######”, where ###### is a six-digit student index number.

Extra

Task D2- Remote computer control via email

You need to write a bash script reading an e-mail (in a student-defined form) from a given mailbox and then executing the message’s content as a Bash shell command. The result of calling these commands should also be sent back as an e-mail. The script should be run regularly, eg every minute using the cron utility. The whole should be implemented on the student virtual machine.

Useful tools: