5th ed: Chapter 17; 4th ed: Chapter 21


SY306 Web and Databases for Cyber Operations

Outline
HTTP
HTTPS
Superfish

Client / Server Big Picture
Client, Server
Language for these communications?

HTTP Protocol Stack
HTTP | FTP | …
TCP
IP
Various

What does an HTTP request look like?
User enters URL:
Browser sends request to

    GET / HTTP/1.0
    User-Agent: Mozilla/3.0 (compatible; Opera/3.0; Windows 95/NT4)
    Accept: */*

What would the GET line be if the URL were…

What does an HTTP response look like?
If okay, the server sends back a response:

    HTTP/ OK
    content-length: 4303
    accept-ranges: bytes
    server: Apache/ (Unix) PHP/5.0.4
    last-modified: Tue, 13 Aug :18:07 GMT
    connection: close
    etag: "328f-10cf-1c8181c0"
    x-pad: avoid browser bug
    date: Wed, 14 Aug :58:32 GMT
    content-type: text/html

    …

Lab Exercise
What does the HTTP request look like for ?
ssh into zee.academy.usna.edu
Use netcat (nc) to request the page above
– nc www.usna.edu 80
– [The HTTP request here + 1 empty row]
What is the answer?

Variants of the HTTP request

    HEAD / HTTP/1.0

    GET /cgi-bin/query.pl?str=dogs&lang=en HTTP/1.0

    POST /cgi-bin/query.pl HTTP/1.0
    Content-Type: application/x-www-form-urlencoded
    Content-Length: 16

    str=dogs&lang=en

    GET /img1.jpg HTTP/1.1
    Host:

    GET /img6.jpg HTTP/1.1
    Host:
    Connection: close

More details:

Variants of the HTTP response
Status codes
– 200 OK
– 301 Moved permanently
– 400 Bad request
– 403 Forbidden
– 404 Not found
– 500 Internal server error
– 503 Service unavailable
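The request/response exchange from the slides above, as an added example (not part of the original slides): it starts a throwaway server on 127.0.0.1, sends the request bytes over a plain socket the way nc does, and parses the status line and headers. The handler, the sample page and the /nope.html path are constructed for illustration.

```python
import socket
import threading
from http.server import BaseHTTPRequestHandler, HTTPServer

PAGE = b"<html><body>hello</body></html>"  # constructed sample page

class Handler(BaseHTTPRequestHandler):
    def _reply(self, send_body):
        if self.path != "/":
            self.send_error(404)           # stdlib builds the error response
            return
        self.send_response(200)
        self.send_header("Content-Type", "text/html")
        self.send_header("Content-Length", str(len(PAGE)))
        self.end_headers()
        if send_body:
            self.wfile.write(PAGE)

    def do_GET(self):
        self._reply(True)

    def do_HEAD(self):                     # same headers as GET, no body
        self._reply(False)

    def log_message(self, *args):          # keep the demo quiet
        pass

def raw_request(port, text):
    """Send the request bytes as typed into nc, then read until the server closes."""
    with socket.create_connection(("127.0.0.1", port), timeout=5) as sock:
        sock.sendall(text.encode("ascii"))
        return b"".join(iter(lambda: sock.recv(4096), b""))

def parse_response(raw):
    """Split a raw response into (status code, reason, headers dict, body)."""
    head, _, body = raw.partition(b"\r\n\r\n")
    status_line, *header_lines = head.decode("iso-8859-1").split("\r\n")
    _version, code, reason = status_line.split(" ", 2)
    headers = dict(line.split(": ", 1) for line in header_lines)
    return int(code), reason, {k.lower(): v for k, v in headers.items()}, body

def demo():
    server = HTTPServer(("127.0.0.1", 0), Handler)   # port 0: any free port
    threading.Thread(target=server.serve_forever, daemon=True).start()
    port = server.server_address[1]
    try:
        # The empty line (\r\n\r\n) tells the server the request is complete.
        requests = {"get": "GET / HTTP/1.0\r\n\r\n", "head": "HEAD / HTTP/1.0\r\n\r\n",
                    "missing": "GET /nope.html HTTP/1.0\r\n\r\n"}
        return {name: parse_response(raw_request(port, req)) for name, req in requests.items()}
    finally:
        server.shutdown()
        server.server_close()
```
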

Exercise: What do the HTTP request and response look like?

Lab Exercise:
1. On your W drive, in public_html, create welcome.py with the code below
2. What do the HTTP request and response look like? Use nc to verify!

welcome.py

    #!/usr/bin/env python3
    from http import cookies
    import html
    import urllib.parse
    import cgi  # note: deprecated in Python 3.11 and removed in 3.13

    # get parameters; fall back to an empty name if none was sent
    params = cgi.FieldStorage()
    username = params.getvalue("username", "")

    # percent-encode the value so it is safe inside a cookie
    cookie = cookies.SimpleCookie()
    cookie["Username"] = urllib.parse.quote(username)

    # headers: the Set-Cookie line, then Content-type followed by the blank line
    print(cookie)
    print("Content-type:text/html\n")

    # body: escape the user-supplied name before placing it in HTML
    print("""<!DOCTYPE html>
    <html><head><title>Storing cookies with Python</title></head><body>""")
    print("<h1>Welcome " + html.escape(username) + "</h1>")
    print("</body></html>")

Lab Exercise
Open Chrome → Tools → Developer Tools → Network tab
Type in the address bar (XXXXXX – your alpha)
– What http request is made?
– Check the content of the request by right-clicking on the path in the list and choose “Copy the request headers” – paste it into Notepad++
Type in the address bar: www.google.com
– What http requests are made? Why?
Type in the address bar: www.amazon.com
– How many requests are made?

HTTPS: HTTP over SSL
HTTP | FTP | …
SSL
TCP
IP
Various

Encryption
Encode / decode the data
Need:
– algorithm
– key
Symmetric encryption
Asymmetric encryption
– Interesting property: you can switch encryption and decryption key and get the same results

SSL Protocol Highlights
Browser connects to SSL-enabled server
Computers agree on encryption method
Server sends its digital certificate (contains the public key)
Browser and server generate session key
Further communications are encrypted using the session key

HTTP over SSL: How to use it?
Example: need to submit login information securely; script to execute is login.py
Secure invocation:

Digital Certificates
Bob got a public key from Amazon. Is it really Amazon’s key?

Superfish
pcs-ship-with-man-in-the-middle-adware-that-breaks-https-connections/
http://blog.erratasec.com/2015/02/extracting-superfish-certificate.html#.VQmM0OEkU2S
Installs transparent proxy to intercept browser connections
Installs root CA certificate in Windows – all certificates signed by Superfish will be trusted
Same private-public key pair for all certificates – private key was reverse engineered
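An added illustration (not from the original slides) of the key-swap property from the Encryption slide and of why Superfish's shared root key breaks certificate trust, using textbook RSA with a toy key. The key, the certificate strings and the shop.example name are constructed; real certificates use padded signatures and much larger keys.

```python
import hashlib

# Toy RSA key pair standing in for a root CA (constructed; far too small to be secure).
P, Q = 2**31 - 1, 2**61 - 1            # two known Mersenne primes
N = P * Q
E = 65537                              # public exponent, shipped in the root certificate
D = pow(E, -1, (P - 1) * (Q - 1))      # private exponent, meant to stay with the CA

def apply_key(value, exponent):
    """Textbook RSA: one operation serves to encrypt, decrypt, sign and verify."""
    return pow(value, exponent, N)

def digest(cert_body):
    """Hash a certificate body to an integer below N."""
    return int.from_bytes(hashlib.sha256(cert_body.encode()).digest(), "big") % N

def sign(cert_body, private_exponent):
    return apply_key(digest(cert_body), private_exponent)

def verify(cert_body, signature, public_exponent=E):
    return apply_key(signature, public_exponent) == digest(cert_body)

def demo():
    message = 123456789
    # Switching the keys gives the same result: E then D, or D then E.
    encrypt_then_decrypt = apply_key(apply_key(message, E), D)
    sign_then_verify = apply_key(apply_key(message, D), E)

    # Normal case: the CA signs the site's certificate, the browser checks it with E.
    genuine = "CN=shop.example; key=<site public key>"
    genuine_sig = sign(genuine, D)

    # Superfish case: D is the same on every PC and was recovered, so a certificate
    # naming any site with any key verifies under the trusted root.
    substituted = "CN=shop.example; key=<proxy public key>"
    substituted_sig = sign(substituted, D)

    return {
        "keys_swap": encrypt_then_decrypt == message == sign_then_verify,
        "genuine_verifies": verify(genuine, genuine_sig),
        "altered_body_rejected": not verify(substituted, genuine_sig),
        "shared_key_cert_verifies": verify(substituted, substituted_sig),
    }
```

The last result is the reason the remedy is removing the Superfish root from the Windows trust store: as long as that root is trusted, the browser cannot tell the two certificates apart.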