The Gopher protocol is a TCP/IP application layer protocol designed for distributing, searching, and retrieving documents over the Internet. The Gopher protocol was strongly oriented towards a menu-document design and presented an alternative to the World Wide Web in its early stages, but ultimately HTTP became the dominant protocol. The Gopher ecosystem is often regarded as the effective predecessor of the World Wide Web.
The Gopher protocol is a TCP/IP application layer protocol designed for distributing, searching, and retrieving documents over the Internet. The Gopher protocol was strongly oriented towards a menu-document design and presented an alternative to the World Wide Web in its early stages, but ultimately HTTP became the dominant protocol. The Gopher ecosystem is often regarded as the effective predecessor of the World Wide Web.
It offers some features not natively supported by the Web and imposes a much stronger hierarchy on information stored on it. Its text menu interface is well-suited to computing environments that rely heavily on remote text-oriented computer terminals, which were still common at the time of its creation in 1991, and the simplicity of its protocol faci
2. GOPHER
• The Gopher protocol is a TCP/IP application
layer protocol designed for distributing,
searching, and retrieving documents over the
Internet. The Gopher protocol was strongly
oriented towards a menu-document design and
presented an alternative to the World Wide
Web in its early stages, but
ultimately HTTP became the dominant protocol.
The Gopher ecosystem is often regarded as the
effective predecessor of the World Wide Web.
• Works on port 70.
3. • It offers some features not natively supported
by the Web and imposes a much stronger
hierarchy on information stored on it. Its text
menu interface is well-suited to computing
environments that rely heavily on remote text-
oriented computer terminals, which were still
common at the time of its creation in 1991,
and the simplicity of its protocol facilitated a
wide variety of client implementations.
4. Goals
• Its central goals were, as stated in RFC 1436
– A file-like hierarchical arrangement that would be
familiar to users.
– A simple syntax.
– A system that can be created quickly and
inexpensively.
– Extending the file system metaphor, such as
searches
5. Search Engines
• A web search engine is a software system that is
designed to search for information on the World
Wide Web. The search results are generally
presented in a line of results often referred to
as search engine results pages (SERPs). The
information may be a mix of web pages, images,
and other types of files. Some search engines
also mine data available in databases or open
directories. Unlike web directories, which are
maintained only by human editors, search
engines also maintain real-time information by
running an algorithm on a web crawler.
6. How web search engines work
• A search engine operates in the following
order:
– Web crawling -A Web crawler is an Internet
bot that systematically browses the WWW,
typically for the purpose of Web indexing. A Web
crawler may also be called a Web spider, an ant,
an automatic indexer.
– Indexing
– Searching
8. Architecture of a Search Engine
The Web
Ad indexes
Web Results 1 - 10 of about 7,310,000 for miele. (0.12 seconds)
Miele, Inc -- Anything else is a compromise
At the heart of your home, Appliances by Miele. ... USA. to miele.com. Residential Appliances.
Vacuum Cleaners. Dishwashers. Cooking Appliances. Steam Oven. Coffee System ...
www.miele.com/ - 20k - Cached - Similar pages
Miele
Welcome to Miele, the home of the very best appliances and kitchens in the world.
www.miele.co.uk/ - 3k - Cached - Similar pages
Miele - Deutscher Hersteller von Einbaugeräten, Hausgeräten ... - [ Translate this
page ]
Das Portal zum Thema Essen & Geniessen online unter www.zu-tisch.de. Miele weltweit
...ein Leben lang. ... Wählen Sie die Miele Vertretung Ihres Landes.
www.miele.de/ - 10k - Cached - Similar pages
Herzlich willkommen bei Miele Österreich - [ Translate this page ]
Herzlich willkommen bei Miele Österreich Wenn Sie nicht automatisch
weitergeleitet werden, klicken Sie bitte hier! HAUSHALTSGERÄTE ...
www.miele.at/ - 3k - Cached - Similar pages
Sponsored Links
CG Appliance Express
Discount Appliances (650) 756-3931
Same Day Certified Installation
www.cgappliance.com
San Francisco-Oakland-San Jose,
CA
Miele Vacuum Cleaners
Miele Vacuums- Complete Selection
Free Shipping!
www.vacuums.com
Miele Vacuum Cleaners
Miele-Free Air shipping!
All models. Helpful advice.
www.best-vacuum.com
Web spider
Indexer
Indexes
Search
User
9. Web Security
• Many sensitive tasks are done through web
– Online banking, online shopping
– Database access
– System administration
• Web applications and web users are targets of
many attacks
– Cross site scripting
– SQL injection
– Cross site request forgery
– Information leakage
– Session hijacking
10. Web Browser and Network
Browser
Network
• Browser sends requests
• Web site sends response pages, which may include code
• Interaction susceptible to network attacks
OS
Hardware
Web
site
request
reply
11. Web Security Issues
• Secure communications between client & server
– HTTPS (HTTP over SSL)
• User authentication & session management
– Cookies & other methods
• Active contents from different websites
– Protecting resources maintained by browsers
• Web application security
• Web site authentication (e.g., anti-phishing)
• Privacy concerns
12. Effect of the Attack
• Attacker can execute arbitrary scripts in browser
• Can manipulate any DOM component on
victim.com
– Control links on page
– Control form fields (e.g. password field) on this page
and linked pages.
• Can infect other users: MySpace.com worm.
13. • More Web Security Issues
– SQL injection
– Side channel information leakage
– Driveby downloads
– Browser extension security
– Cookie privacy issues
14. Web Applications Breach the Perimeter
Internet DMZ
Trusted
Inside
Corporate
Inside
HTTP(S)
Allows HTTP port 80
Allows HTTPS port 443
Firewall only
allows
applications
on the web
server to talk to
application
server.
Firewall only allows
application server to
talk to database
server.
IIS
SunOne
Apache
ASP
.NET
WebSphere
Java
SQL
Oracle
DB2
Browser
15. • Technical Vulnerabilities
– Result of insecure programming techniques
– Mitigation requires code changes
– Detectable by scanners
• Logical Vulnerabilities
– Result of insecure program logic
– Most often to due to poor decisions regarding trust
– Mitigation often requires design/architecture changes
– Detection often requires humans to understand the context
Web Application Vulnerabilities
16. How to Secure Web Applications
• Incorporate security into the lifecycle
– Apply information security principles to all
software development efforts
• Educate
– Issue awareness, Training, etc…
17. How to Secure Web Applications
• Incorporating security into lifecycle
– Integrate security into application
requirements
– Including information security
professionals in software
architecture/design review
– Security APIs & libraries (e.g. ESAPI,
Validator, etc.) when possible
– Threat modeling
– Web application vulnerability assessment
tools