CS 337 Computer Networks
Assignment 1: The Finger User Information Protocol
Due on paper, Monday, 1/10/00.
For this assignment, your
main goal is to understand how a simple client and simple
server communicate using a formally specified communication
protocol. To do so, you'll need to read the specification
and try using it to communicate with real servers.
This sort
of experimentation with existing networks is one of the
best ways to learn about networking in general. But it can
also lead you into potentially dangerous ground with respect
to computer security. Whenever you perform an experiment
on a network, you need to think ahead about ethical
complications, if any.
For example, you should ask yourself
whether your experiments with finger are likely to invade
anyone's privacy, give you unauthorized access to computer
systems, annoy other users, etc. It is not sufficient to
assume that the people who wrote the network software have all
security holes filled. You need to make explicit ethical
judgements and take responsibility for the actions you take.
If you have an experiment
you want to perform, but you think it might cause trouble
of some kind, talk first to me and Mike Tie. In most
cases, we'll either give you the go-ahead, or we'll try
to set up controlled circumstances in which you can perform
your experiment without breaching security.
We'll talk more about ethical issues in computing in the next few days.
To get started, read
RFC 1288: The Finger User Information Protocol. Then, answer the
questions listed below.
You're going to need to experiment with the raw messages
that finger clients and servers send to each other. To do so,
you will use the UNIX command telnet as your
client. To connect to a finger server, type
"telnet hostname 79" at a UNIX prompt where "hostname" is any
Internet host. If a finger server is running on the host in
question, you will now be able to type a finger request, after
which the finger server will send you a response.
Please feel free to work together (groups of two or three people
are okay) on this assignment.
The Questions
- Is finger a Standards-Track protocol? What is its current
standards status?
- How many versions of finger have been published as
RFCs? Two versions of finger are in RFC 1194 and RFC 1196,
published one month apart. What problems made it necessary
for 1194 to give way so quickly to 1196?
Why didn't they just make the corrections directly to 1194?
- What combination of font size and page dimensions enable you to
print out RFCs so that the page breaks occur at the correct places?
(Please use Print Preview rather than actual printing to answer this
question.)
- What's an RUIP?
- One of the following is not a legal finger query.
Which one, and why? For each of the legal queries, explain
the intent of the query--that is, what is each query asking for?
- <CRLF>
- jondich<CRLF>
- /W<CRLF>
- /Wjondich<CRLF>
- @carleton.edu@stolaf.edu<CRLF>
- Let's pretend that the finger server on
atanasoff.mathcs.carleton.edu has forwarding enabled.
Suppose I make a finger connection to
atanasoff and send it the request "@carleton.edu@stolaf.edu@macalester.edu<CRLF>".
Atanasoff's finger server will make a finger connection
to some other machine and send it a request.
- To what machine will atanasoff try to connect, and what
request will it send once connected?
- What am I really asking atanasoff's finger server
to do for me?
- Is forwarding actually enabled on atanasoff?
- What is the "/W" in finger queries for? Does
"/W" have any effect on atanasoff's finger server?
- Is atansoff's finger server
compliant with RFC 1288? Explain your answer.
- At the end of section 2.3, Zimmerman says "As with anything
in the IP protocol suite, `be liberal in what you accept.'" What
does "be liberal in what you accept" mean in this context? "Be liberal
in what you accept" is half of a common networking rule of thumb--what
do you think the other half is?
- In section 3.3, Zimmerman talks about people committing "dastardly
or confusing deeds" using finger. Explain who would be
the victim of such dastardly deeds, who would be the perpetrator,
and how the deeds would be done. How does Zimmerman recommend
these deeds be prevented?
Jeff Ondich,
Department of Mathematics and Computer Science,
Carleton College, Northfield, MN
55057,
(507) 646-4364,
jondich@carleton.edu