INTRO TO ICQ
What is ICQ? Well ICQ, standing for I Seek You, is a real time
messaging program. Unlike e-mail, ICQ is a messaging protocol which
is real time. When you send the message, if the corresponding user is
online, he receives it instantly along with a signaling tone. The
person might then choose to respond which and upon clicking send you
would receive his response. ICQ also has numerous other features the
most useful of which are multi-person chat as well as file transfers.
INTRO TO NETWORKING (TCP/IP) -- THE INTERNET
ICQ is a client/server application. In fact each and every copy of
ICQ is a server as well as a client. A server is basically defined as
a program which sits and waits for someone to contact it. A client is
defined as a program which actually makes the connection request.
Sort of like someone waiting for a call is a server, like 1-900-???-
???? and every call to that number is a client. All network programs
are designed in a client server manner. Web browsers are clients, e-
mail clients are obviously clients... ICQ is both (client & server).
The TCP/IP protocol, which the internet is made up of, consists of
two main transport protocols. The TCP (Transport Control Packet) and
UDP (User Datagram Packet). There are advantages and disadvantages to
each. The TCP protocol is a connection oriented error less protocol.
If you create a TCP connection between me and you, I send information
down my end of the pipe -- you will receive it, we do not know how it
is routed over the net but it will get there and it is guaranteed to
do so. UDP is sort of like the mail -- where you send the message but
you are not sure it got to the receipiant. Yes, it usually gets there
but you cannot guarantee it. Therefore you should be able to see that
TCP traffic requires a connection. You dump in one end of the pipe
and TCP/IP automatically addresses the packets, sends them off,
resequences it such that the receipiant receives the exact same
message. UDP stamps each packet and lets it go its merry way. ICQ
uses both protocols for different tasks.
Browsers use the TCP protocol to connect to a web server on port 80
where they transmit some control information and the web server will
return a web page. The connection then terminates. Telnet also uses
TCP protocol, as well as SMTP, POP3 and FTP. Haven't you ever tried
to telnet to port 80 on a web server? Or telnet to port 21 on an FTP
server. You can send fake e-mail by telneting to port 25 on an SMTP!
HOW DOES ICQ WORK?
When you ICQ other users you create a stable TCP connection to that
user's IP address. This connection, even after the message has been
sent, is kept open for the remaining session of ICQ. You can go to
DOS right now and run NETSTAT; it will tell you which connections are
currently open. ICQ more friends and notice the open connections
increase. That is how ICQ messages people, via the TCP protocol. If
you send another message to the same user in the same session of ICQ
(eg you didn't reboot or restart ICQ) the message will use that same,
previously opened, TCP connection to send the data. The chat and file
transfer works the same way.
Now how do these ICQ lists work and what does the icq.mirabilis.com
server have to do with anything? Although peers communicate through
ICQ via the TCP protocol, each ICQ client (the ICQ program)
communicates to icq.mirabilis.com via the UDP protocol. Basically
they sent discrete packets to the server and the server responds with
discrete packets. The minute you go online with ICQ you your entire
user list to icq.mirabilis.com. irc.mirabilis.com then responds
(usually within seconds) telling you whether each user is
online/offline or what. After that icq.mirabilis.com will let you
know if anyone's status changes. In order to decrease the load on the
main ICQ server, they used UDP such that the server would not have to
have thousands upon thousands of TCP connections open, and idle. I
guess they don't care if you PC does that though =).
WHAT IS A PROXY/FIREWALL?
Now I don't claim to know firewalls or proxies all that well but I'll
give you my definition of a proxy, or the most common proxies I've
encountered. You can see how every PC on the internet has the
potention of being a server and malicious hackers can technically
find holes in the security of your personal PC and crash it or what
not. Hence most corporations decide to put up a firewall and use
proxies to get through the firewall. What a firewall or proxy
generally does is they route all the flow of the entire corporation
through one computer (or set of computers) which has access to the
intranet and internet. Let's define intranet. Basically an intranet
is a copy of the internet, just set up and shielded from the PCs in
the real world. The corporation puts a little break in the two
networks (intra and inter) and links them together via a firewall or
proxy. Now any communication between these two separate networks must
occur via those PCs.
Now how do we communicate via this proxy server? Well most people
have web access at work. The web servers on the internet are located
at port 80. So what happens when you are at work and want to talk to
the world outside? You issue a request to communicate to a PC on the
internet, via some software installed on your PC, or you specifying
the actual proxy server in your browser your computer contacts the
proxy and let's it know to issue a TCP oriented connection to port 80
on the computer outside. Some companies seem to let almost any port
through the proxy, 80 for http, 21 for FTP, real video ports, ICQ --
port 4000 and more. Others restrict their employee's access to port
80 and 21 such that they can't do anything else.
Let's just clarify one more thing and inherent proxy with ICQing
through a firewall. You may have noticed in ICQ that sometimes you
have to "send through server". Well ICQ is a client and server
application right? When you send a message (while you are behind a
firewall) to another person on the net. You issue the TCP connection
request to your proxy and establish a connection to the person. You
can send messages without having to see the "send message through
server". Your ICQ program is behaving like a client. But when other
people try to message someone who is behind a firewall, they always
see "send message through server". The reason for this is that in
this case the person behind the firewall is behaving as a server. The
firewall was created to prevent exactly such things. So the only way
to communicate is to send through the server in which case you send a
UDP packet to icq.mirabilis.com and icq.mirabilis.com sends a UDP
packet to the guy behind the firewall. (Actually I am a bit unclear
on how the UDP packet gets through the firewall to you, but in any
case let us assume that the proxy has been configured to act as a UDP
server as well).
This is also the reason why you can't issue a chat with someone
behind a firewall, but if he issues it it works. Because the firewall
will not let any requests through onto the intranet. Now one problem
I've personally had is not being able to have a 3 way chat if one
person is behind a firewall. How does ICQ initiate a 3 way chat?
Well, for 2 people, it creates a TCP connection between then. For 3
people it creates 2 TCP connections for each person! One between each
set of two people. ICQ is configured such that the each connection
person has one client intiated connection and one server initiated
connection. Therefore you can't get a 3 way chat going with someone
behind a firewall.
