Presentation is loading. Please wait.

Presentation is loading. Please wait.

TELE3118 extras For week 7/8. Presentation example.

Similar presentations

Presentation on theme: "TELE3118 extras For week 7/8. Presentation example."— Presentation transcript:

1 TELE3118 extras For week 7/8

2 Presentation example

3 DNS domain config example: – online viewing of DNS queries & responses: m m chrome://net-internals/#dns

4 Wireshark example: Query J More examples at

5 Wireshark example: Response LW

6 DNS retransmission

7 7 DIY: client software Names of programs: Originally “ nslookup ” (name server lookup) Windows: Still called nslookup Linux: nslookup (deprecated) host, dig (“Domain Internet Groper”) Configuration e.g. specify local domain and default servers Through DHCP, or – Windows: Control Panel -> Network Properties – Linux: /etc/resolv.conf Control of name cache: Windows: ipconfig (e.g. with /displaydns and /flushdns options) Linux: name service cache daemon ( nscd ) 31188O

8 Connection: & Keep-Alive: Give control of HTTP/1.1 persistence “ Connection: Close ”: Indicates desire not to persist (without closing TCP connection, which might disrupt flow?) “ Connection: keep-alive ”: Desire to control persistence, e.g. with “ Keep-Alive: 300 ” Persist for 300 sec, despite server default (15 sec for Apache)

9 Extension material follows DNS for firewalling DNS and search Analytics Cookies

10 The Great fireWall of China Uses several mechanisms to filter access 1 is DNS poisoning: Firewall responds to DNS requests with incorrect information e.g. lookup from within China -> from within China which RIPE reports belongs to Esat Telecommunications in IrelandRIPE ReportsReports of banned names appearing with other domain as suffix (e.g. “”) also return incorrect results rather than DNE error. Presumably to hinder proxies ZO

11 DNS and search “The point of I'm Feeling Lucky was to replace the domain name system for navigation” Page said in Both Page and Brin hoped that instead of guessing what was the address of their web destination, they'd just “go to Google.” - S. Levy: In the plex: how Google thinks, works, and shapes our lives, Simon & Schuster, 2011, p

12 12 Referer: † & analytics Would like to track client’s path through web: How did they reach this web site? What path do they take through this site? => Optimise site design site (e.g. minimise steps to purchase, direct clients on desired path) Which pages have stale links to objects that are Not Found? Referer: = URI of page that links to object being requested Referer: line omitted if object not requested via link, e.g. URL entered in browser address bar Web site analytics businesses/software interprets referral paths – May involve embedding links in pages – e.g. Google AnalyticsGoogle Analytics † The HTTP spec includes a typo (“Referer” not “Referrer”) which implementations must now perpetuate

13 Extract of typical access_log Format: Client [date] Request Status Bytes Referer User-Agent discuss [26/Aug/2009:14:17: ] "GET /~tim/zoo/index.html HTTP/1.1" "-" "Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.0; Trident/4.0; SLCC1;.NET CLR ; Media Center PC 5.0;.NET CLR ;.NET CLR )" [26/Aug/2009:14:18: ] "GET /~tim/zoo/5d8baf3e.pcap HTTP/1.1" "" "Mozilla…" [26/Aug/2009:14:18: ] "GET /~tim/zoo/5d8baf3e.pcap HTTP/1.1" "" "Mozilla…" - - [26/Aug/2009:14:22: ] "GET /~tim/zoo/index.html HTTP/1.1" " US&q=wireshark+snmp+fragments&aq=f&oq=&aqi=" "Mozilla…" - - [26/Aug/2009:14:23: ] "GET /~tim/zoo/b925588b.pcap HTTP/1.1" "" "Mozilla…" crawl - - [09/Sep/2009:20:33: ] "GET /~tim/zoo/index.html HTTP/1.1" "-" "Mozilla/5.0 (compatible; Googlebot/2.1; +" crawl - - [09/Sep/2009:22:20: ] "GET /~tim/zoo/167e2456.pcap HTTP/1.1" "-" "Mozilla…" crawl - - [09/Sep/2009:22:20: ] "GET /~tim/zoo/ pcap HTTP/1.1" "-" "Mozilla…"

14 14 State info for web access User identity √ “shopping basket” of selected goods √ Site personalisation, values for form fields etc √ registration – have they paid for the service, do we know their address, etc × tracking, e.g. newspaper: what advertisements do people who read this sort of article read? → tune advertising for higher impact can raise privacy concerns Load sharing – direct request to preferred server in server farm

15 15 Cookies † Process: 1.Client requests information from server Server responds, including state information 1.Client stores state information, associates it with server 2.Client includes state information with subsequent requests to server Bottom line: Server doesn’t have to store state info. † So named because like an edible cookie that leaves a trail of crumbs, electronic cookies record a trail of past actions, i.e. record state info. aka “handle”, “transaction ID”, or “token”

16 16 Cookies: keeping “state” (cont.) client server usual http request msg usual http response + Set-cookie: 1678 usual http request msg cookie: 1678 usual http response msg usual http request msg cookie: 1678 usual http response msg cookie- specific action cookie- spectific action server creates ID 1678 for user entry in backend database access Cookie file amazon: 1678 ebay: 8734 Cookie file ebay: 8734 Cookie file amazon: 1678 ebay: 8734 one week later: Slide from Kurose and Ross

17 17 Cookies when buying copies of Stevens POST /shopping/BasketAdd.asp HTTP/1.1\r\n... Cookie: BIGipServerdymocks-http= ; ASPSESSIONIDQQQGGWFC=DHHLDGMCJCIFHDKNOCFEEDHJ\r\n \r\n Data (47 bytes) f f d Product_ID= d e 78 3d HTTP/ Continue\r\n Set-Cookie: BIGipServerdymocks-http= ; expires=Wed, 19- Mar :23:28 GMT; path=/\r\n HTTP/ Object moved\r\n Set-Cookie: MSCSProfile=61E4CECF FD87B9817DA5865CB01E8624F84600C0D... POST /Shopping/BasketAdd.asp HTTP/1.1\r\n Cookie: BIGipServerdymocks-http= ; ASPSESSIONIDQQQGGWFC=DHHLDGMCJCIFHDKNOCFEEDHJ; MSCSProfile=61E4CECF FD87B9817DA5865CB01E8624F84600C0D... Data (33 bytes) f f d Product_ID= d d d 3354X... Add volume 2 (ISBN X) to the shopping basket Add volume 1 (ISBN: ) to the shopping basket Server responds by setting 2 cookies

Download ppt "TELE3118 extras For week 7/8. Presentation example."

Similar presentations

Ads by Google