Networking Concepts

Networking Concepts by Marc Andre @ null Hyderabad Meet in September, 2010

Published in: Technology

  1. 1. Fundamental Concepts OWASP Hyderabad Oct 10th, 2009 Marc-André Laverdière
  2. 2. Agenda ● Network Basics ● IP, TCP, UDP, DNS ● Internet Architecture ● Static Web architecture ● HTTP features ● REST-based architecture (P.S. All images courtesy of Wikipedia)
  3. 3. Network Basics ● OSI 7 Layer Model
  4. 4. Network Topologies ● Point to point: using a switch or dedicated wiring ● Bus: common wire, like in cable internet ● Star: central hub ● Ring: token ring ● Mesh: redundancies ● Tree: hierarchical
  5. 5. Network Terms ● Client: computer that requests a service ● Server: computer that fulfills the request ● Gateway: point of contact to another network ● Proxy: intermediary for making requests to servers. Often caches resources ● Router: forwards information ● Hub: connects many network segments ● Switch: more efficient hub ● Link: connection between two points
  6. 6. IP ● IP: Internet Protocol ● Used to send packets between point A and point B ● No delivery guarantee ● Two current versions: IPv4 and IPv6
  7. 7. IPv4 vs IPv6 ● IPv6 adds many features to IPv4: – Greater address space – Supports autoconfiguration – Multicast – Mandatory IPSec (encryption, authentication, tunnelling) – Removed rare fields, redundant checksum – Larger max packet size (4GB) – Support for mobile devices
  8. 8. NAT ● Network Address Translation, used with IP masquerading ● Used to make one IP address the front-end for many. E.g. Wireless hub+router ● Gateway rewrites the packets so that they look like they all originate from the gateway ● Breaks some applications, like SIP and some peer-to-peer clients
  9. 9. TCP ● Transmission Control Protocol ● Allows reliable transmissions ● Error detection ● Flow/congestion control ● Adds the concept of ports ● Connection-based
  10. 10. UDP ● User Datagram Protocol ● Ports ● Fast ● No integrity checking/resending
  11. 11. DNS ● Domain Name System ● Mainly UDP ● Some TCP ● 13 root clusters
  12. 12. Internet Architecture ● Interconnected computer networks ● TCP/IP ● DNS ● Lots of hardware ● Supports many things – WWW – Email – Usenet – IRC
  13. 13. Static Web Architecture ● WWW: portion of the Internet for retrieval of hyperdocuments ● Multiple clients, multiple servers ● All resources are static ● Documents can include or refer to other resources ● Resources are organized under websites ● DNS, HTTP, HTML
  14. 14. HTTP ● HyperText Transfer Protocol ● Text-based ● Binary content must be encoded (often Base64) ● One connection per request (HTTP 1.0) or one connection for many (HTTP 1.1) ● Stateless ● Verbs: – HEAD: get metadata – GET: get a resource – POST: submit data to a resource – PUT: upload a resource – DELETE – TRACE: echo back the request – OPTIONS: list supported methods – CONNECT: create a tunnel
  15. 15. HTTP Request ● User-Agent Opera/9.64 (X11; Linux i686; U; en) Presto/2.1.1 ● Host www.wired.com ● Accept text/html, application/xml;q=0.9, application/xhtml+xml, image/png, image/jpeg, image/gif, image/x-xbitmap, */*;q=0.1 ● Accept-Language en-IN,en;q=0.9 ● Accept-Charset iso-8859-1, utf-8, utf-16, *;q=0.1 ● Accept-Encoding deflate, gzip, x-gzip, identity, *;q=0 ● Cookie [cut] ● Cookie2 $Version=1 ● Proxy-Connection Keep-Alive
  16. 16. HTTP Response Header ● HTTP/1.1 200 OK ● Date: Mon, 23 May 2005 22:38:34 GMT ● Server: Apache/1.3.3.7 (Unix) (Red-Hat/Linux) ● Last-Modified: Wed, 08 Jan 2003 23:11:55 GMT ● Etag: "3f80f-1b6-3e1cb03b" ● Accept-Ranges: bytes ● Content-Length: 438 ● Connection: close ● Content-Type: text/html; charset=UTF-8
  17. 17. Cookies ● Cookies are values determined by the server that are stored by the client ● The client automatically sends the cookie value on every request to the server
  18. 18. REST-Based Architecture ● Problem: what I described is static. We need to execute code to have Web Applications ● Principles: – Everything goes through the resources. Resources are different than the representation given to the clients – Resources can be manipulated through the representation – Each message is self-descriptive – Hypermedia contains the application state
  19. 19. Essentially ● Applications react to queries from the clients only. Nothing happens without a query. ● Resource access is free to trigger any processing
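
The request/response exchange and cookie behaviour from slides 14 to 17, as an added example that is not part of the original slides: a toy in-memory server and client showing that each HTTP request stands alone and only the Cookie header the client resends links one request to the next. The names `handle`, `Client`, `SESSIONS`, the `sid` cookie and the host `example.test` are assumptions made for illustration.

```python
import secrets

SESSIONS = {}  # server-side table: session id -> request count (hypothetical app state)

def parse_message(raw: bytes):
    """Split an HTTP message into its start line, header dict and body."""
    head, _, body = raw.partition(b"\r\n\r\n")
    lines = head.decode("iso-8859-1").split("\r\n")
    headers = {}
    for line in lines[1:]:
        name, _, value = line.partition(":")
        headers[name.strip().lower()] = value.strip()  # header names are case-insensitive
    return lines[0], headers, body

def parse_cookies(value: str) -> dict:
    """Parse a Cookie header value such as 'sid=abc; theme=dark'."""
    pairs = (item.strip().partition("=") for item in value.split(";") if "=" in item)
    return {k: v for k, _, v in pairs}

def handle(raw_request: bytes) -> bytes:
    """Toy server: sees one request at a time; only the Cookie header links requests."""
    _, headers, _ = parse_message(raw_request)
    sid = parse_cookies(headers.get("cookie", "")).get("sid")
    extra = ""
    if sid not in SESSIONS:  # missing or unknown id: treat as a new client
        sid = secrets.token_hex(16)
        SESSIONS[sid] = 0
        extra = f"Set-Cookie: sid={sid}\r\n"
    SESSIONS[sid] += 1
    body = f"visit {SESSIONS[sid]}".encode()
    return (f"HTTP/1.1 200 OK\r\nContent-Type: text/plain\r\n{extra}"
            f"Content-Length: {len(body)}\r\nConnection: close\r\n\r\n").encode() + body

class Client:
    """Toy client: stores cookies the server sets and resends them on every request."""
    def __init__(self, keep_cookies=True):
        self.keep_cookies, self.jar = keep_cookies, {}

    def get(self, path: str, host: str = "example.test") -> str:
        request = f"GET {path} HTTP/1.1\r\nHost: {host}\r\n"
        if self.jar:
            request += "Cookie: " + "; ".join(f"{k}={v}" for k, v in self.jar.items()) + "\r\n"
        _, headers, body = parse_message(handle((request + "\r\n").encode()))
        if self.keep_cookies and "set-cookie" in headers:
            name, _, value = headers["set-cookie"].split(";")[0].partition("=")
            self.jar[name.strip()] = value.strip()
        return body.decode()
```

Because the client controls what it sends, the server here accepts only session ids it issued itself and treats any other value as a new visitor.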
