slides28

Question 1

given FTP aint swag no mo, why is it still used

Answer 1

On the other hand, FTP is still widely implemented (even in Web browsers) as is still often used as it is very efficient at large data transfers

Question 2

wat is envelope in SMTP

Answer 2

HELO gives the name of the client, which can be checked against where the email is actually coming from
MAIL FROM: the sender of the email
RCPT TO: the intended recipient(s) of the email DATA: the start of the message itself

Question 3

talk a bit about SMTP and full stop

Answer 3

The end of the email is indicated by a lone full-stop

Full-stops at the start of lines in the message are stuffed by an extra full-stop

Question 4

why u get people sending emails pretending to be other people

Answer 4

When you receive an email, you have no idea who sent it: the FROM field is useless as it can be anything the sender wants it to be

Question 5

what is checked before sending an email for security

Answer 5

Virus filters: emails are checked for malicious code before they are delivered. These filters need continual updating with the patterns they require to recognise the latest viruses

Question 6

what is checked <b>after <br></br> sending an email for security</b>

Answer 6

Spam filters: emails are checked to see if they are likely to be spam. Spam messages share many distinguishing features as they all have the same purpose: get as many emails to as many people as fast as possible

Question 7

does SSMTP (SMTPS) solve spam

Answer 7

This is SMTP over an encrypted layer SSL/TLS (see later) This gives privacy, but generally not authentication
It makes email secure against being read while in transit, but it does nothing for the spam problem

Question 8

Greylisting

Answer 8

Greylisting is a method of defending e-mail users against spam. A mail transfer agent (MTA) using greylisting will “temporarily reject” any email from a sender it does not recognize. If the mail is legitimate, the originating server will try again after a delay, and if sufficient time has elapsed, the email will be accepted.

Question 9

Realtime Blackhole Lists

Answer 9

Realtime Blackhole Lists (RBLs) list IP addresses whose owners do not stop the proliferation of spam. The RBL usually lists server IP addresses from ISPs whose customers are responsible for the spam and from ISPs whose servers or websites are hijacked for spam sending activities.

Question 10

Sender Policy Framework

Answer 10

Sender Policy Framework (SPF) is an email authentication method designed to detect forged sender addresses in emails (email spoofing), a technique often used in phishing and email spam.

SPF allows the receiver to check that an email claiming to come from a specific domain comes from an IP address authorized by that domain’s administrators.[1] The list of authorized sending hosts and IP addresses for a domain is published in the DNS records for that domain.

Question 11

DomainKeys Identified Mail

Answer 11

DomainKeys Identified Mail (DKIM) is an email authentication method designed to detect forged sender addresses in emails, (email spoofing), a technique often used in phishing and email spam.

DKIM allows the receiver to check that an email claimed to have come from a specific domain was indeed authorized by the owner of that domain.[1] It achieves this by affixing a digital signature, linked to a domain name, to each outgoing email message. The recipient system can verify this by looking up the signer’s public key published in the DNS. A valid signature also guarantees that some parts of the email (possibly including attachments) have not been modified since the signature was affixed.[2] Usually, DKIM signatures are not visible to end-users, and are affixed or verified by the infrastructure rather than the message’s authors and recipients.

Question 12

Network File System

Answer 12

is an approach to providing transparent file sharing
“Transparent” in the sense a user should be unaware whether a particular file is local to the machine or actually somewhere else on the network

Question 13

AFS, InterMezzo, SMB/CIFS

Answer 13

if u gots time look them uppa

Question 14

Remote Procedure Call

Answer 14

The idea of RPC is to make calling a function (procedure) on a remote machine as easy as calling a function on the local machine

networking are hidden from them

Question 15

portmapper

Answer 15

Its purpose is to provide a mapping between RPC services and UDP/TCP port numbers

When NFS starts on the server it registers itself with the portmapper and supplies the portmapper with its port, 2049, say

0. Program number. This tells us which service we want. For example, NFS has assigned number 100003
1. Program version. A service can have several versions, perhaps running different protocols. For example NFS versions 3 and 4 are both commonly used and can be both provided simultaneously
   82/392
2. Procedure number. A service can offer several operations. For example, NFS allows us to create, read, delete, etc., files and this number tells us which operation is required