Kozupon.com    
 
 POP3のプロトコル解析!


別にPOP3でなくてもプロトコルで有れば何でも良かったんだけど、まあ、POPが簡素で解りやすいのでtelnetを使った各種プロトコルのアクションで、POP3プロトコルを非常に優秀なパケットキャプチャソフト Wireshark でプロトコルシーケンス図を作って解析してみたい。
通常、能書きは解ったとしても実際のプロトコルの構造がどのようなタイミングなのか?また、コマンドを発行してAckを貰うのもどのようなタイミングなのかというのも目に見えない事なのでシーケンス図というのはとても心強い武器だ。俺は、特に初心者が通信時のデータのやりとりを理解するにはシーケンス図を見ながら理解するのが一番の近道だと思っている。と言うわけで、ここではPOP3プロトコルのコマンド及びプロトコルシーケンス図の説明などしてみたい。

解析用メールサーバ:mail.xxxxxxxxxxxxxxx.co.jp
MTA:Postfix
POP3モジュール:Qpopper


1.定番のtelnetでPOP3ポートへ通信

1)telnetコマンドでPOP3ポートへアクセス
以下のシーケンスは、telnetコマンドでPOP3ポートにアクセスして、メールアカウント及びパスワードを入力してユーザメールボックスをチェックしてメールがなかったので、そのままログアウトした状態を示す。

mity@tommy:~/tmp$ telnet mail.xxxxxxxxxxxxxxx.co.jp pop3
Trying xxx.xxx.xxx.xxx...
Connected to mail.xxxxxxxxxxxxxxx.co.jp.
Escape character is '^]'.
+OK Qpopper (version 4.0.5) at mail.xxxxxxxxxxxxxxx.co.jp starting.
USER hogehoge
+OK Password required for hogehoge.
PASS ********
+OK hogehoge has 0 visible messages (0 hidden) in 0 octets.
LIST
+OK 0 visible messages (0 octets)
.
quit
+OK Pop server at mail.xxxxxxxxxxxxxxx.co.jp signing off.
Connection closed by foreign host.

2)コマンド解説

@ USER : 後に続くユーザ名を送る
A PASS : 後に続くパスワードを送る
B STAT : サーバのステータス(状態:メール数とか総データのさいずとか)をビュー
C LIST : 受信メール一覧ビュー
D RTER : 後に続く数のメールを要求し内容をビューする
E DELE : 後に続く数のメールに削除マーキングする
F NOOP : 何もしない
G RSET : DELEで付けた削除マーキングを外す
H QUIT : アップデート(更新を反映)もしくはセッションクローズ


2.Wiresharkでパケットキャプチャ
インストールとキャプチャ方法は、ここ を参照。
1項のシーケンスのキャプチャ結果が以下である。

No. Time Source Destination Protocol Info
12 12.920439 192.168.3.16 192.168.0.4 DNS Standard query AAAA mail.xxxxxxxxxxxxxxx.co.jp

Frame 12 (84 bytes on wire, 84 bytes captured)
Ethernet II, Src: Megahert_43:c5:67 (00:00:86:43:c5:67), Dst: 3com_7a:9b:b5 (00:50:04:7a:9b:b5)
Internet Protocol, Src: 192.168.3.16 (192.168.3.16), Dst: 192.168.0.4 (192.168.0.4)
User Datagram Protocol, Src Port: 1275 (1275), Dst Port: domain (53)
Domain Name System (query)

No. Time Source Destination Protocol Info
13 12.920717 192.168.0.4 192.168.3.16 DNS Standard query response

Frame 13 (131 bytes on wire, 131 bytes captured)
Ethernet II, Src: 3com_7a:9b:b5 (00:50:04:7a:9b:b5), Dst: Megahert_43:c5:67 (00:00:86:43:c5:67)
Internet Protocol, Src: 192.168.0.4 (192.168.0.4), Dst: 192.168.3.16 (192.168.3.16)
User Datagram Protocol, Src Port: domain (53), Dst Port: 1275 (1275)
Domain Name System (response)

No. Time Source Destination Protocol Info
14 12.977490 192.168.3.16 192.168.0.4 DNS Standard query AAAA mail.xxxxxxxxxxxxxxx.co.jp.xxxxxxxxxxxxxxx.co.jp

Frame 14 (106 bytes on wire, 106 bytes captured)
Ethernet II, Src: Megahert_43:c5:67 (00:00:86:43:c5:67), Dst: 3com_7a:9b:b5 (00:50:04:7a:9b:b5)
Internet Protocol, Src: 192.168.3.16 (192.168.3.16), Dst: 192.168.0.4 (192.168.0.4)
User Datagram Protocol, Src Port: 1275 (1275), Dst Port: domain (53)
Domain Name System (query)

No. Time Source Destination Protocol Info
15 12.977767 192.168.0.4 192.168.3.16 DNS Standard query response, No such name

Frame 15 (153 bytes on wire, 153 bytes captured)
Ethernet II, Src: 3com_7a:9b:b5 (00:50:04:7a:9b:b5), Dst: Megahert_43:c5:67 (00:00:86:43:c5:67)
Internet Protocol, Src: 192.168.0.4 (192.168.0.4), Dst: 192.168.3.16 (192.168.3.16)
User Datagram Protocol, Src Port: domain (53), Dst Port: 1275 (1275)
Domain Name System (response)

No. Time Source Destination Protocol Info
16 12.977927 192.168.3.16 192.168.0.4 DNS Standard query A mail.xxxxxxxxxxxxxxx.co.jp

Frame 16 (84 bytes on wire, 84 bytes captured)
Ethernet II, Src: Megahert_43:c5:67 (00:00:86:43:c5:67), Dst: 3com_7a:9b:b5 (00:50:04:7a:9b:b5)
Internet Protocol, Src: 192.168.3.16 (192.168.3.16), Dst: 192.168.0.4 (192.168.0.4)
User Datagram Protocol, Src Port: 1275 (1275), Dst Port: domain (53)
Domain Name System (query)

No. Time Source Destination Protocol Info
17 12.978175 192.168.0.4 192.168.3.16 DNS Standard query response A xxx.xxx.xxx.xxx

Frame 17 (136 bytes on wire, 136 bytes captured)
Ethernet II, Src: 3com_7a:9b:b5 (00:50:04:7a:9b:b5), Dst: Megahert_43:c5:67 (00:00:86:43:c5:67)
Internet Protocol, Src: 192.168.0.4 (192.168.0.4), Dst: 192.168.3.16 (192.168.3.16)
User Datagram Protocol, Src Port: domain (53), Dst Port: 1275 (1275)
Domain Name System (response)

No. Time Source Destination Protocol Info
18 12.978810 192.168.3.16 xxx.xxx.xxx.xxx TCP 3665 > pop3 [SYN] Seq=0 Len=0 MSS=1460 TSV=7874117 TSER=0 WS=2

Frame 18 (74 bytes on wire, 74 bytes captured)
Ethernet II, Src: Megahert_43:c5:67 (00:00:86:43:c5:67), Dst: 3com_7a:9b:b5 (00:50:04:7a:9b:b5)
Internet Protocol, Src: 192.168.3.16 (192.168.3.16), Dst: xxx.xxx.xxx.xxx (xxx.xxx.xxx.xxx)
Transmission Control Protocol, Src Port: 3665 (3665), Dst Port: pop3 (110), Seq: 0, Len: 0

No. Time Source Destination Protocol Info
19 13.001785 xxx.xxx.xxx.xxx 192.168.3.16 TCP pop3 > 3665 [SYN, ACK] Seq=0 Ack=1 Win=5792 Len=0 MSS=1414 TSV=19788419 TSER=7874117 WS=0

Frame 19 (74 bytes on wire, 74 bytes captured)
Ethernet II, Src: 3com_7a:9b:b5 (00:50:04:7a:9b:b5), Dst: Megahert_43:c5:67 (00:00:86:43:c5:67)
Internet Protocol, Src: xxx.xxx.xxx.xxx (xxx.xxx.xxx.xxx), Dst: 192.168.3.16 (192.168.3.16)
Transmission Control Protocol, Src Port: pop3 (110), Dst Port: 3665 (3665), Seq: 0, Ack: 1, Len: 0

No. Time Source Destination Protocol Info
20 13.001873 192.168.3.16 xxx.xxx.xxx.xxx TCP 3665 > pop3 [ACK] Seq=1 Ack=1 Win=5840 Len=0 TSV=7874123 TSER=19788419

Frame 20 (66 bytes on wire, 66 bytes captured)
Ethernet II, Src: Megahert_43:c5:67 (00:00:86:43:c5:67), Dst: 3com_7a:9b:b5 (00:50:04:7a:9b:b5)
Internet Protocol, Src: 192.168.3.16 (192.168.3.16), Dst: xxx.xxx.xxx.xxx (xxx.xxx.xxx.xxx)
Transmission Control Protocol, Src Port: 3665 (3665), Dst Port: pop3 (110), Seq: 1, Ack: 1, Len: 0

No. Time Source Destination Protocol Info
21 13.110123 xxx.xxx.xxx.xxx 192.168.3.16 POP Response: +OK Qpopper (version 4.0.5) at mail.xxxxxxxxxxxxxxx.co.jp starting.

Frame 21 (135 bytes on wire, 135 bytes captured)
Ethernet II, Src: 3com_7a:9b:b5 (00:50:04:7a:9b:b5), Dst: Megahert_43:c5:67 (00:00:86:43:c5:67)
Internet Protocol, Src: xxx.xxx.xxx.xxx (xxx.xxx.xxx.xxx), Dst: 192.168.3.16 (192.168.3.16)
Transmission Control Protocol, Src Port: pop3 (110), Dst Port: 3665 (3665), Seq: 1, Ack: 1, Len: 69
Post Office Protocol

No. Time Source Destination Protocol Info
22 13.110199 192.168.3.16 xxx.xxx.xxx.xxx TCP 3665 > pop3 [ACK] Seq=1 Ack=70 Win=5840 Len=0 TSV=7874150 TSER=19788429

Frame 22 (66 bytes on wire, 66 bytes captured)
Ethernet II, Src: Megahert_43:c5:67 (00:00:86:43:c5:67), Dst: 3com_7a:9b:b5 (00:50:04:7a:9b:b5)
Internet Protocol, Src: 192.168.3.16 (192.168.3.16), Dst: xxx.xxx.xxx.xxx (xxx.xxx.xxx.xxx)
Transmission Control Protocol, Src Port: 3665 (3665), Dst Port: pop3 (110), Seq: 1, Ack: 70, Len: 0


Frame 37 (60 bytes on wire, 60 bytes captured)
Ethernet II, Src: Intel_06:e3:1f (00:11:11:06:e3:1f), Dst: Broadcast (ff:ff:ff:ff:ff:ff)
Address Resolution Protocol (request)

No. Time Source Destination Protocol Info
38 19.745082 192.168.3.16 xxx.xxx.xxx.xxx POP Request: USER hogehoge

Frame 38 (80 bytes on wire, 80 bytes captured)
Ethernet II, Src: Megahert_43:c5:67 (00:00:86:43:c5:67), Dst: 3com_7a:9b:b5 (00:50:04:7a:9b:b5)
Internet Protocol, Src: 192.168.3.16 (192.168.3.16), Dst: xxx.xxx.xxx.xxx (xxx.xxx.xxx.xxx)
Transmission Control Protocol, Src Port: 3665 (3665), Dst Port: pop3 (110), Seq: 1, Ack: 70, Len: 14
Post Office Protocol

No. Time Source Destination Protocol Info
39 19.767762 xxx.xxx.xxx.xxx 192.168.3.16 TCP pop3 > 3665 [ACK] Seq=70 Ack=15 Win=5792 Len=0 TSV=19789095 TSER=7875809

Frame 39 (66 bytes on wire, 66 bytes captured)
Ethernet II, Src: 3com_7a:9b:b5 (00:50:04:7a:9b:b5), Dst: Megahert_43:c5:67 (00:00:86:43:c5:67)
Internet Protocol, Src: xxx.xxx.xxx.xxx (xxx.xxx.xxx.xxx), Dst: 192.168.3.16 (192.168.3.16)
Transmission Control Protocol, Src Port: pop3 (110), Dst Port: 3665 (3665), Seq: 70, Ack: 15, Len: 0

No. Time Source Destination Protocol Info
40 19.768290 xxx.xxx.xxx.xxx 192.168.3.16 POP Response: +OK Password required for hogehoge.

Frame 40 (102 bytes on wire, 102 bytes captured)
Ethernet II, Src: 3com_7a:9b:b5 (00:50:04:7a:9b:b5), Dst: Megahert_43:c5:67 (00:00:86:43:c5:67)
Internet Protocol, Src: xxx.xxx.xxx.xxx (xxx.xxx.xxx.xxx), Dst: 192.168.3.16 (192.168.3.16)
Transmission Control Protocol, Src Port: pop3 (110), Dst Port: 3665 (3665), Seq: 70, Ack: 15, Len: 36

No. Time Source Destination Protocol Info
50 29.315388 192.168.3.16 xxx.xxx.xxx.xxx POP Request: PASS ********

Frame 50 (81 bytes on wire, 81 bytes captured)
Ethernet II, Src: Megahert_43:c5:67 (00:00:86:43:c5:67), Dst: 3com_7a:9b:b5 (00:50:04:7a:9b:b5)
Internet Protocol, Src: 192.168.3.16 (192.168.3.16), Dst: xxx.xxx.xxx.xxx (xxx.xxx.xxx.xxx)
Transmission Control Protocol, Src Port: 3665 (3665), Dst Port: pop3 (110), Seq: 15, Ack: 106, Len: 15
Post Office Protocol

No. Time Source Destination Protocol Info
51 29.371109 xxx.xxx.xxx.xxx 192.168.3.16 TCP pop3 > 3665 [ACK] Seq=106 Ack=30 Win=5792 Len=0 TSV=19790056 TSER=7878201

Frame 51 (66 bytes on wire, 66 bytes captured)
Ethernet II, Src: 3com_7a:9b:b5 (00:50:04:7a:9b:b5), Dst: Megahert_43:c5:67 (00:00:86:43:c5:67)
Internet Protocol, Src: xxx.xxx.xxx.xxx (xxx.xxx.xxx.xxx), Dst: 192.168.3.16 (192.168.3.16)
Transmission Control Protocol, Src Port: pop3 (110), Dst Port: 3665 (3665), Seq: 106, Ack: 30, Len: 0

No. Time Source Destination Protocol Info
52 29.374744 xxx.xxx.xxx.xxx 192.168.3.16 POP Response: +OK hogehoge has 0 visible messages (0 hidden) in 0 octets.

Frame 52 (126 bytes on wire, 126 bytes captured)
Ethernet II, Src: 3com_7a:9b:b5 (00:50:04:7a:9b:b5), Dst: Megahert_43:c5:67 (00:00:86:43:c5:67)
Internet Protocol, Src: xxx.xxx.xxx.xxx (xxx.xxx.xxx.xxx), Dst: 192.168.3.16 (192.168.3.16)
Transmission Control Protocol, Src Port: pop3 (110), Dst Port: 3665 (3665), Seq: 106, Ack: 30, Len: 60
Post Office Protocol

No. Time Source Destination Protocol Info
53 29.374808 192.168.3.16 xxx.xxx.xxx.xxx TCP 3665 > pop3 [ACK] Seq=30 Ack=166 Win=5840 Len=0 TSV=7878216 TSER=19790056

Frame 55 (60 bytes on wire, 60 bytes captured)
Ethernet II, Src: IntelCor_03:70:9f (00:13:20:03:70:9f), Dst: Broadcast (ff:ff:ff:ff:ff:ff)
Address Resolution Protocol (request)

No. Time Source Destination Protocol Info
56 33.212488 192.168.3.16 xxx.xxx.xxx.xxx POP Request: LIST

Frame 56 (72 bytes on wire, 72 bytes captured)
Ethernet II, Src: Megahert_43:c5:67 (00:00:86:43:c5:67), Dst: 3com_7a:9b:b5 (00:50:04:7a:9b:b5)
Internet Protocol, Src: 192.168.3.16 (192.168.3.16), Dst: xxx.xxx.xxx.xxx (xxx.xxx.xxx.xxx)
Transmission Control Protocol, Src Port: 3665 (3665), Dst Port: pop3 (110), Seq: 30, Ack: 166, Len: 6
Post Office Protocol

No. Time Source Destination Protocol Info
57 33.235717 xxx.xxx.xxx.xxx 192.168.3.16 TCP pop3 > 3665 [ACK] Seq=166 Ack=36 Win=5792 Len=0 TSV=19790442 TSER=7879175

Frame 57 (66 bytes on wire, 66 bytes captured)
Ethernet II, Src: 3com_7a:9b:b5 (00:50:04:7a:9b:b5), Dst: Megahert_43:c5:67 (00:00:86:43:c5:67)
Internet Protocol, Src: xxx.xxx.xxx.xxx (xxx.xxx.xxx.xxx), Dst: 192.168.3.16 (192.168.3.16)
Transmission Control Protocol, Src Port: pop3 (110), Dst Port: 3665 (3665), Seq: 166, Ack: 36, Len: 0

No. Time Source Destination Protocol Info
58 33.235891 xxx.xxx.xxx.xxx 192.168.3.16 POP Response: +OK 0 visible messages (0 octets)

Frame 58 (101 bytes on wire, 101 bytes captured)
Ethernet II, Src: 3com_7a:9b:b5 (00:50:04:7a:9b:b5), Dst: Megahert_43:c5:67 (00:00:86:43:c5:67)
Internet Protocol, Src: xxx.xxx.xxx.xxx (xxx.xxx.xxx.xxx), Dst: 192.168.3.16 (192.168.3.16)
Transmission Control Protocol, Src Port: pop3 (110), Dst Port: 3665 (3665), Seq: 166, Ack: 36, Len: 35
Post Office Protocol

No. Time Source Destination Protocol Info
59 33.235944 192.168.3.16 xxx.xxx.xxx.xxx TCP 3665 > pop3 [ACK] Seq=36 Ack=201 Win=5840 Len=0 TSV=7879181 TSER=19790442

Frame 59 (66 bytes on wire, 66 bytes captured)
Ethernet II, Src: Megahert_43:c5:67 (00:00:86:43:c5:67), Dst: 3com_7a:9b:b5 (00:50:04:7a:9b:b5)
Internet Protocol, Src: 192.168.3.16 (192.168.3.16), Dst: xxx.xxx.xxx.xxx (xxx.xxx.xxx.xxx)
Transmission Control Protocol, Src Port: 3665 (3665), Dst Port: pop3 (110), Seq: 36, Ack: 201, Len: 0

No. Time Source Destination Protocol Info
60 33.258883 xxx.xxx.xxx.xxx 192.168.3.16 POP Continuation

Frame 60 (69 bytes on wire, 69 bytes captured)
Ethernet II, Src: 3com_7a:9b:b5 (00:50:04:7a:9b:b5), Dst: Megahert_43:c5:67 (00:00:86:43:c5:67)
Internet Protocol, Src: xxx.xxx.xxx.xxx (xxx.xxx.xxx.xxx), Dst: 192.168.3.16 (192.168.3.16)
Transmission Control Protocol, Src Port: pop3 (110), Dst Port: 3665 (3665), Seq: 201, Ack: 36, Len: 3
Post Office Protocol

No. Time Source Destination Protocol Info
61 33.258956 192.168.3.16 xxx.xxx.xxx.xxx TCP 3665 > pop3 [ACK] Seq=36 Ack=204 Win=5840 Len=0 TSV=7879187 TSER=19790444

Frame 61 (66 bytes on wire, 66 bytes captured)
Ethernet II, Src: Megahert_43:c5:67 (00:00:86:43:c5:67), Dst: 3com_7a:9b:b5 (00:50:04:7a:9b:b5)
Internet Protocol, Src: 192.168.3.16 (192.168.3.16), Dst: xxx.xxx.xxx.xxx (xxx.xxx.xxx.xxx)
Transmission Control Protocol, Src Port: 3665 (3665), Dst Port: pop3 (110), Seq: 36, Ack: 204, Len: 0


No. Time Source Destination Protocol Info
65 40.116528 192.168.3.16 xxx.xxx.xxx.xxx TCP 3665 > pop3 [ACK] Seq=42 Ack=235 Win=5840 Len=0 TSV=7880901 TSER=19791130

Frame 65 (66 bytes on wire, 66 bytes captured)
Ethernet II, Src: Megahert_43:c5:67 (00:00:86:43:c5:67), Dst: 3com_7a:9b:b5 (00:50:04:7a:9b:b5)
Internet Protocol, Src: 192.168.3.16 (192.168.3.16), Dst: xxx.xxx.xxx.xxx (xxx.xxx.xxx.xxx)
Transmission Control Protocol, Src Port: 3665 (3665), Dst Port: pop3 (110), Seq: 42, Ack: 235, Len: 0

No. Time Source Destination Protocol Info
79 44.396822 192.168.3.16 xxx.xxx.xxx.xxx POP Request: quit

Frame 79 (72 bytes on wire, 72 bytes captured)
Ethernet II, Src: Megahert_43:c5:67 (00:00:86:43:c5:67), Dst: 3com_7a:9b:b5 (00:50:04:7a:9b:b5)
Internet Protocol, Src: 192.168.3.16 (192.168.3.16), Dst: xxx.xxx.xxx.xxx (xxx.xxx.xxx.xxx)
Transmission Control Protocol, Src Port: 3665 (3665), Dst Port: pop3 (110), Seq: 42, Ack: 235, Len: 6
Post Office Protocol

No. Time Source Destination Protocol Info
80 44.419210 xxx.xxx.xxx.xxx 192.168.3.16 POP Response: +OK Pop server at mail.xxxxxxxxxxxxxxx.co.jp signing off.

Frame 80 (123 bytes on wire, 123 bytes captured)
Ethernet II, Src: 3com_7a:9b:b5 (00:50:04:7a:9b:b5), Dst: Megahert_43:c5:67 (00:00:86:43:c5:67)
Internet Protocol, Src: xxx.xxx.xxx.xxx (xxx.xxx.xxx.xxx), Dst: 192.168.3.16 (192.168.3.16)
Transmission Control Protocol, Src Port: pop3 (110), Dst Port: 3665 (3665), Seq: 235, Ack: 48, Len: 57
Post Office Protocol

No. Time Source Destination Protocol Info
81 44.419309 192.168.3.16 xxx.xxx.xxx.xxx TCP 3665 > pop3 [ACK] Seq=48 Ack=292 Win=5840 Len=0 TSV=7881977 TSER=19791561

Frame 81 (66 bytes on wire, 66 bytes captured)
Ethernet II, Src: Megahert_43:c5:67 (00:00:86:43:c5:67), Dst: 3com_7a:9b:b5 (00:50:04:7a:9b:b5)
Internet Protocol, Src: 192.168.3.16 (192.168.3.16), Dst: xxx.xxx.xxx.xxx (xxx.xxx.xxx.xxx)
Transmission Control Protocol, Src Port: 3665 (3665), Dst Port: pop3 (110), Seq: 48, Ack: 292, Len: 0

No. Time Source Destination Protocol Info
82 44.419301 xxx.xxx.xxx.xxx 192.168.3.16 TCP pop3 > 3665 [FIN, ACK] Seq=292 Ack=48 Win=5792 Len=0 TSV=19791561 TSER=7881971

Frame 82 (66 bytes on wire, 66 bytes captured)
Ethernet II, Src: 3com_7a:9b:b5 (00:50:04:7a:9b:b5), Dst: Megahert_43:c5:67 (00:00:86:43:c5:67)
Internet Protocol, Src: xxx.xxx.xxx.xxx (xxx.xxx.xxx.xxx), Dst: 192.168.3.16 (192.168.3.16)
Transmission Control Protocol, Src Port: pop3 (110), Dst Port: 3665 (3665), Seq: 292, Ack: 48, Len: 0

No. Time Source Destination Protocol Info
83 44.439322 192.168.3.16 xxx.xxx.xxx.xxx TCP 3665 > pop3 [FIN, ACK] Seq=48 Ack=293 Win=5840 Len=0 TSV=7881982 TSER=19791561

Frame 83 (66 bytes on wire, 66 bytes captured)
Ethernet II, Src: Megahert_43:c5:67 (00:00:86:43:c5:67), Dst: 3com_7a:9b:b5 (00:50:04:7a:9b:b5)
Internet Protocol, Src: 192.168.3.16 (192.168.3.16), Dst: xxx.xxx.xxx.xxx (xxx.xxx.xxx.xxx)
Transmission Control Protocol, Src Port: 3665 (3665), Dst Port: pop3 (110), Seq: 48, Ack: 293, Len: 0

No. Time Source Destination Protocol Info
84 44.462289 xxx.xxx.xxx.xxx 192.168.3.16 TCP pop3 > 3665 [ACK] Seq=293 Ack=49 Win=5792 Len=0 TSV=19791565 TSER=7881982

Frame 84 (66 bytes on wire, 66 bytes captured)
Ethernet II, Src: 3com_7a:9b:b5 (00:50:04:7a:9b:b5), Dst: Megahert_43:c5:67 (00:00:86:43:c5:67)
Internet Protocol, Src: xxx.xxx.xxx.xxx (xxx.xxx.xxx.xxx), Dst: 192.168.3.16 (192.168.3.16)
Transmission Control Protocol, Src Port: pop3 (110), Dst Port: 3665 (3665), Seq: 293, Ack: 49, Len: 0

Frame12〜Frame22迄は、DNSクエリーを発行して名前解決要求をしてメールサーバの名前解決を行っている。
Frame38で、USERコマンドを発行。
Frame50で、PASSコマンドを発行。
Frame56で、LISTコマンドを発行。
Frame79で、QUITコマンドを発行して終結している。

尚、このキャプチャテキストは、必要な部分のみを表示している。


3.シーケンス・ラダー図を作ってみる

図1は、2項でキャプチャしたPOP3プロトコルを Wireshark でシーケンスラダー図にしたものだ。


  図1

あ)は、POP3のしょっぱなの接続要求確認だ。Qpopperで有るというレスポンスを返している。
い)は、USERコマンドを発行して、パスワード要求を返している。
う)は、PASSコマンドでパスワードを発行して認証要求している。されに、その認証を受けたレスポンスを返している。
え)は、LISTコマンドを発行して、ユーザメールボックスの中のメール一覧を要求している。
お)は、QUITコマンドを発行してセッションクローズへと移行する。

以上


 
 
 



Copyright 2005 Kozupon.com.