How our computers connect to facebook

•Download as PPTX, PDF•

0 likes•14 views

1) When a user enters a website address like Facebook into their browser, their computer first looks up the IP address of the domain name using DNS. 2) It then sends an HTTP request over TCP/IP to the web server's IP address through multiple network hops using routing protocols like BGP. 3) The web server receives the request, processes it, and sends an HTTP response back to the user's computer containing the requested content.

Software

How our computers
connect to Facebook(or any other website)
Yi Kuo

How we access Facebook?
What happened in the second?

Language: HTTP HyperText Transfer Protocol

Language: HTTP HyperText Transfer Protocol
GET / HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:76.0) Gecko/20100101 Firefox/7
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8
Accept-Language: zh-TW,zh;q=0.8,en-US;q=0.5,en;q=0.3
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: fr=1KvAgepb7obISMaDy..Bfrpvm.Ej.AAA.0.0.Bfrpvu.AWVbDWhysOw;
sb=5puuX_hOTwOlynW1kzQxecHh; datr=5puuX83dw4nqdIGZy_rBc_8P; wd=1280x198; dpr=1.5
Upgrade-Insecure-Requests: 1

GET / HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (W
Accept: text/html,applicat
Accept-Language: zh-TW,zh;
Accept-Encoding: gzip, def

GET / HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (W
Accept: text/html,applicat
Accept-Language: zh-TW,zh;
Accept-Encoding: gzip, def
Request Method
Location
https://www.facebook.com/
HTTP Version
Headers
POST

GET /kuokuoyiyi HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (W
Accept: text/html,applicat
Accept-Language: zh-TW,zh;
Accept-Encoding: gzip, def
Request Method
Location
https://www.facebook.com/kuokuoyiyi HTTP Version
Headers

$Language: HTTP HyperText Transfer Protocol HTTP/2 200 OK X-Frame-Options: DENY X-Xss-Protection: 0 ⋮ X-Firefox-Spdy: h2 <!DOCTYPE html> <html lang="zh-Hant" id="facebook" class="no_js"> <head><meta charset="utf-8" /><meta name="referrer" content="origin-when- crossorigin" id="meta_referrer" /><script nonce="oX7Z8G3a">window._cstart=+new Date();</script><script nonce="oX7Z8G3a">function envFlush(a){function b(b){for(var c in a$

HTTP/2 200 OK
X-Frame-Options: DENY
X-Xss-Protection: 0
⋮
X-Firefox-Spdy: h2
<!DOCTYPE html>
Status Code
Response Data

HTTP/2 404 Not Found
X-Frame-Options: DENY
X-Xss-Protection: 0
⋮
X-Firefox-Spdy: h2
<!DOCTYPE html>
Status Code
Response Data

HTTP/2 403 Forbidden
X-Frame-Options: DENY
X-Xss-Protection: 0
⋮
X-Firefox-Spdy: h2
<!DOCTYPE html>
Status Code
Response Data

Connection: TCP Transmission Control Protocol
A
A + B
B

IP Address Internet Protocol Address
140.114.197.101
31.13.87.36
2a03:2880:f12d:83:face:b00c:0:25de
(IPv6)

DNS Domain Name System
www.facebook.com 31.13.87.36
www.google.com 216.58.200.36
yikuo.dev 172.67.169.118

Routing – Sending out to the internet
140.114.197.101
My Computer
@ Dorm Hsin
140.114.197.254
Dorm Hsin
Floor 3 / 4 Gateway
140.114.1.85
NTHU Networking
Center
140.114.1.70
NTHU TANet
Gateway
192.192.61.110
TANet
Taiwan Academic Network
To
31.13.87.36

Routing – BGP
140.114.197.101
My Computer
@ Dorm Hsin
140.114.197.254
Dorm Hsin
Floor 3 / 4 Gateway
140.114.1.85
NTHU Networking Center
140.114.1.70
NTHU TANet Gateway
192.192.61.110
TANet
Taiwan Academic Network
TANet
ISP A
Border Gateway Portocal
ISP B
ISP C
The
Facebook
Network
31.13.*.*
Who can get to
31.13.87.36?
I can in
1 step
I can in
2 steps
Who can get to
31.13.87.36?
I can in
1 step
To
31.13.87.36
Reply from
31.13.87.36

Routing – Sending back to sender
140.114.197.101
My Computer
@ Dorm Hsin
140.114.197.254
Dorm Hsin
Floor 3 / 4 Gateway
140.114.1.85
NTHU Networking
Center
140.114.1.70
NTHU TANet
Gateway
192.192.61.110
TANet
Taiwan Academic Network
Reply from
31.13.87.36

Internet Protocol Suite of HTTP
Physical Connection
Routing
TCP
HTTP

The document provides an overview of web technologies, including: - The basic client-server model of the web where clients (browsers) make HTTP requests to servers, which return data like web pages. - Key aspects of HTTP requests and responses like headers, status codes, and encoding of returned HTML content. - How the client-server communication is repeated for each file that makes up a full web page.

Install debian 5 lenny

Santo Berwibawa

This document provides instructions for installing Debian Lenny 5.0 on a computer. It outlines the steps to choose the language and location during setup, configure the computer hostname and clock, partition the disk for installation, set passwords for the root and regular user accounts, choose standard software selection, and install the GRUB boot loader. The installation process involves answering prompts at each step to complete the configuration.

OPSec for Beginners

kyraadams

This document provides steps and recommendations for conducting anonymous and secure online activities. It recommends using Tor-based email providers and PGP encryption. It also discusses using VPNs and virtual private servers (VPS) accessed via Remote Desktop Protocol (RDP). It recommends anonymizing payments with cryptocurrencies like Bitcoin and Monero. It provides links for encrypting devices and data, spoofing hostnames, and using the Tails operating system to conduct activities privately from a USB drive.

Introduction to TYPO3 Neos - mUXcamp Worms 2014

Hrishikesh Lele

7zip intro

Sayed Ahmed

The document discusses the 7-Zip file compression utility. It provides instructions on how to install and use 7-Zip on Linux distributions like Ubuntu and Fedora. Key points include: - 7-Zip is not installed by default on Linux but can be installed using package managers or by downloading installers. - The commands to use 7-Zip may differ across distributions, such as 7zr for Ubuntu and 7za for Fedora. - 7-Zip provides high compression levels and supports various compression algorithms like LZMA, but can be slower than other utilities for maximum compression. - Other Linux utilities like Tar can also compress files but provide lower compression levels than 7-Zip.

Metodologias de Programação IV - Aula 4, Secção 2 - Suporte para sessões no p...

Leonel Morgado

Rawnet Lightning talk 'How the Internet Works'

Rawnet

The document discusses how the internet works by explaining that it is a decentralized global network of computers created by DARPA in the 1960s. It then describes how loading a website involves opening a socket to the server and sending an HTTP request, which is routed using DNS to map domain names to IP addresses and routing protocols to direct traffic between networks. Content delivery networks are also mentioned as optimizing website load times.

This document provides information about Common Gateway Interface (CGI) programming and how web browsers communicate with web servers. It discusses how browsers make requests to servers, how servers respond, and how form data is transmitted from browsers to CGI programs using GET and POST methods. It also covers cookies, file uploads, and provides examples of simple CGI programs in Perl and Python.

How Web Pages Work

OneDesignCompany

2. [Daily hack] Citrix_waf_bypass

defconmoscow

The document discusses techniques for bypassing the Citrix Web Application Firewall (WAF). It includes three examples of HTTP requests targeting a vulnerable script: a GET request, a POST request, and an improved POST request that includes a multipart/form-data encoding and SQL injection payload to retrieve the database name. The document concludes with a link to additional information on Citrix WAF bypass techniques.

Http

NEATS

HTTP is a protocol for transmitting and receiving information on the internet. It allows clients to send requests to servers and receive responses. Common HTTP requests are GET and POST. CGI (Common Gateway Interface) is a standard for interfacing external applications with information servers like HTTP servers. It allows programs to be run on a server and to handle requests that are similar to HTML forms. When a CGI program is executed, it has access to environment variables containing information about the request.

Web Application Security 101 - 02 The Basics

Websecurify

20190516 web security-basic

MksYi

The document provides an overview of basic web security concepts including: 1. It defines common web terms like front-end, back-end, cookies, sessions, URLs, HTTP methods, headers and status codes. 2. It discusses how cookies and sessions are used to track users and maintain state on the web. 3. It covers potential information leaks from files like robots.txt, hidden files and directories as well as techniques for searching websites like Google hacking. 4. It introduces common web vulnerabilities like XSS, CSRF and discusses how attacks are carried out and potential impacts. It also notes some PHP quirks that could be exploited if not understood.

OWASP Top 10 - Checkmarx Presentation at Polytechnic Institute of Cávado and Ave

Checkmarx

Rapport mymusicplease.fr

Gaetan Garnier

Oss web application and network security

Rishabh Mehan

The document provides an overview of web application and network security. It begins with definitions of web applications and how requests are made via protocols like HTTP and HTTPS. It then covers common security attacks such as denial of service attacks, TCP hijacking, and packet sniffing. The document discusses countermeasures for these attacks like firewalls, intrusion detection systems, and encryption. It also covers vulnerabilities in web applications like SQL injection, cross-site scripting, and input validation issues. The key information is on common security attacks against web applications and networks and their corresponding countermeasures.

WebSockets Everywhere: the Future Transport Protocol for Everything (Almost)

Ericom Software

Computer network (10)

NYversity

This document provides an overview of applications and reliable transport basics. It discusses several common applications that use reliable sockets like Telnet, HTTP, BitTorrent and Skype. It also covers some of the challenges in building reliable transport, including dropping, duplicating and reordering of packets. The document outlines techniques used to provide reliability such as checksums, acknowledgements, timeouts and retransmissions. Finally, it introduces finite state machines and stop-and-wait models for reliable data transfer.

Http header的方方面面

Tony Deng

The document discusses various aspects of HTTP headers, including: - What HTTP headers are and their importance for web development. HTTP headers carry information about the client browser, requested page, and server. - How to view HTTP headers using tools like Firebug and Live HTTP Headers plugins in Firefox. - The structure of HTTP requests and responses. Requests contain request lines and header lines, while responses similarly contain status lines and header lines. - Common HTTP request header fields like Host, User-Agent, Accept-Language, and Accept-Encoding and what they indicate. - The differences between common HTTP request methods like GET, POST, and HEAD.

Test

dangthikimoanh

Php Inside - confoo 2011 - Derick Rethans

Bachkoutou Toutou

HackFest 2015 - Rasp vs waf

IMMUNIO

Hackers, meet your match. No longer are web applications an easy target. You have been getting away for too long with laughing at poor programming practices, pissing on every parameter, and downloading entire tables from Web requests. In this talk, I will show a hands-on demo of a live application with a RASP, and without. I will cover the benefits of a RASP over a WAF, and explain how web sites should no longer rely on dumb traffic level regex tools for their security. I will attack a vulnerable web application, and demonstrate how a typical attack is carried out on it. Afterwards I will repeat the exercise on the same application, but this time with a RASP installed. I will point out what the key differences are, and in a vendor neutral manner show key mechanisms which differentiate a RASP from a WAF or a firewall. I will cover how brute force protection is done right, how aggregating application usage and sharing this data is beneficial, and how using a RASP can even be integrated into a SDLC.

HTTP cookie hijacking in the wild: security and privacy implications

Priyanka Aash

The widespread demand for online privacy, also fueled by widely-publicized demonstrations of session hijacking attacks against popular websites (see Firesheep), has spearheaded the increasing deployment of HTTPS. However, many websites still avoid ubiquitous encryption due to performance or compatibility issues. The prevailing approach in these cases is to force critical functionality and sensitive data access over encrypted connections, while allowing more innocuous functionality to be accessed over HTTP. In practice, this approach is prone to flaws that can expose sensitive information or functionality to third parties. In this work, we conduct an in-depth assessment of a diverse set of major websites and explore what functionality and information is exposed to attackers that have hijacked a user's HTTP cookies. We identify a recurring pattern across websites with partially deployed HTTPS; service personalization inadvertently results in the exposure of private information. The separation of functionality across multiple cookies with different scopes and inter-dependencies further complicates matters, as imprecise access control renders restricted account functionality accessible to non-session cookies. Our cookie hijacking study reveals a number of severe flaws; attackers can obtain the user's home and work address and visited websites from Google, Bing and Baidu expose the user's complete search history, and Yahoo allows attackers to extract the contact list and send emails from the user's account. Furthermore, e-commerce vendors such as Amazon and Ebay expose the user's purchase history (partial and full respectively), and almost every website exposes the user's name and email address. Ad networks like Doubleclick can also reveal pages the user has visited. To fully evaluate the practicality and extent of cookie hijacking, we explore multiple aspects of the online ecosystem, including mobile apps, browser security mechanisms, extensions and search bars. To estimate the extent of the threat, we run IRB-approved measurements on a subset of our university's public wireless network for 30 days, and detect over 282K accounts exposing the cookies required for our hijacking attacks. We also explore how users can protect themselves and find that, while mechanisms such as the EFF's HTTPS Everywhere extension can reduce the attack surface, HTTP cookies are still regularly exposed. The privacy implications of these attacks become even more alarming when considering how they can be used to deanonymize Tor users. Our measurements suggest that a significant portion of Tor users may currently be vulnerable to cookie hijacking. (Source: Black Hat USA 2016, Las Vegas)

Web Terminology

ibrahimhossen6

Type URL, Enter, and Then …

Jinglun Li

APIs Demystified

Brandon West

Taking a Quantum Leap with Html 5 WebSocket

Shahriar Hyder

Neo4j - Product Vision and Knowledge Graphs - GraphSummit Paris

Neo4j

Using Xen Hypervisor for Functional Safety

Ayan Halder

Similar to How our computers connect to facebook

Cgi

AkramWaseem

How Web Pages Work

OneDesignCompany

2. [Daily hack] Citrix_waf_bypass

defconmoscow

Http

NEATS

Web Application Security 101 - 02 The Basics

Websecurify

20190516 web security-basic

MksYi

OWASP Top 10 - Checkmarx Presentation at Polytechnic Institute of Cávado and Ave

Checkmarx

Rapport mymusicplease.fr

Gaetan Garnier

Oss web application and network security

Rishabh Mehan

WebSockets Everywhere: the Future Transport Protocol for Everything (Almost)

Ericom Software

Computer network (10)

NYversity

Http header的方方面面

Tony Deng

Test

dangthikimoanh

Php Inside - confoo 2011 - Derick Rethans

Bachkoutou Toutou

HackFest 2015 - Rasp vs waf

IMMUNIO

HTTP cookie hijacking in the wild: security and privacy implications

Priyanka Aash

Web Terminology

ibrahimhossen6

Type URL, Enter, and Then …

Jinglun Li

APIs Demystified

Brandon West

Taking a Quantum Leap with Html 5 WebSocket

Shahriar Hyder

Similar to How our computers connect to facebook (20)

Cgi

How Web Pages Work

2. [Daily hack] Citrix_waf_bypass

Http

Web Application Security 101 - 02 The Basics

20190516 web security-basic

OWASP Top 10 - Checkmarx Presentation at Polytechnic Institute of Cávado and Ave

Rapport mymusicplease.fr

Oss web application and network security

WebSockets Everywhere: the Future Transport Protocol for Everything (Almost)

Computer network (10)

Http header的方方面面

Test

Php Inside - confoo 2011 - Derick Rethans

HackFest 2015 - Rasp vs waf

HTTP cookie hijacking in the wild: security and privacy implications

Web Terminology

Type URL, Enter, and Then …

APIs Demystified

Taking a Quantum Leap with Html 5 WebSocket

Recently uploaded

Neo4j - Product Vision and Knowledge Graphs - GraphSummit Paris

Neo4j

Using Xen Hypervisor for Functional Safety

Ayan Halder

Utilocate provides Smarter, Better, Faster, Safer Locate Ticket Management

Utilocate

Utilocate offers a comprehensive solution for locate ticket management by automating and streamlining the entire process. By integrating with Geospatial Information Systems (GIS), it provides accurate mapping and visualization of utility locations, enhancing decision-making and reducing the risk of errors. The system's advanced data analytics tools help identify trends, predict potential issues, and optimize resource allocation, making the locate ticket management process smarter and more efficient. Additionally, automated ticket management ensures consistency and reduces human error, while real-time notifications keep all relevant personnel informed and ready to respond promptly. The system's ability to streamline workflows and automate ticket routing significantly reduces the time taken to process each ticket, making the process faster and more efficient. Mobile access allows field technicians to update ticket information on the go, ensuring that the latest information is always available and accelerating the locate process. Overall, Utilocate not only enhances the efficiency and accuracy of locate ticket management but also improves safety by minimizing the risk of utility damage through precise and timely locates.

Webinar On-Demand: Using Flutter for Embedded

ICS

Flutter is a popular open source, cross-platform framework developed by Google. In this webinar we'll explore Flutter and its architecture, delve into the Flutter Embedder and Flutter’s Dart language, discover how to leverage Flutter for embedded device development, learn about Automotive Grade Linux (AGL) and its consortium and understand the rationale behind AGL's choice of Flutter for next-gen IVI systems. Don’t miss this opportunity to discover whether Flutter is right for your project.

Essentials of Automations: The Art of Triggers and Actions in FME

Safe Software

In this second installment of our Essentials of Automations webinar series, we’ll explore the landscape of triggers and actions, guiding you through the nuances of authoring and adapting workspaces for seamless automations. Gain an understanding of the full spectrum of triggers and actions available in FME, empowering you to enhance your workspaces for efficient automation. We’ll kick things off by showcasing the most commonly used event-based triggers, introducing you to various automation workflows like manual triggers, schedules, directory watchers, and more. Plus, see how these elements play out in real scenarios. Whether you’re tweaking your current setup or building from the ground up, this session will arm you with the tools and insights needed to transform your FME usage into a powerhouse of productivity. Join us to discover effective strategies that simplify complex processes, enhancing your productivity and transforming your data management practices with FME. Let’s turn complexity into clarity and make your workspaces work wonders!

UI5con 2024 - Boost Your Development Experience with UI5 Tooling Extensions

Peter Muessig

The UI5 tooling is the development and build tooling of UI5. It is built in a modular and extensible way so that it can be easily extended by your needs. This session will showcase various tooling extensions which can boost your development experience by far so that you can really work offline, transpile your code in your project to use even newer versions of EcmaScript (than 2022 which is supported right now by the UI5 tooling), consume any npm package of your choice in your project, using different kind of proxies, and even stitching UI5 projects during development together to mimic your target environment.

openEuler Case Study - The Journey to Supply Chain Security

Shane Coughlan

Graspan: A Big Data System for Big Code Analysis

Aftab Hussain

We built a disk-based parallel graph system, Graspan, that uses a novel edge-pair centric computation model to compute dynamic transitive closures on very large program graphs. We implement context-sensitive pointer/alias and dataflow analyses on Graspan. An evaluation of these analyses on large codebases such as Linux shows that their Graspan implementations scale to millions of lines of code and are much simpler than their original implementations. These analyses were used to augment the existing checkers; these augmented checkers found 132 new NULL pointer bugs and 1308 unnecessary NULL tests in Linux 4.4.0-rc5, PostgreSQL 8.3.9, and Apache httpd 2.2.18. - Accepted in ASPLOS ‘17, Xi’an, China. - Featured in the tutorial, Systemized Program Analyses: A Big Data Perspective on Static Analysis Scalability, ASPLOS ‘17. - Invited for presentation at SoCal PLS ‘16. - Invited for poster presentation at PLDI SRC ‘16.

Neo4j - Product Vision and Knowledge Graphs - GraphSummit Paris

Neo4j

LORRAINE ANDREI_LEQUIGAN_HOW TO USE ZOOM

lorraineandreiamcidl

原版定制美国纽约州立大学奥尔巴尼分校毕业证学位证书原版一模一样

mz5nrf0n

原版一模一样【微信：741003700 】【美国纽约州立大学奥尔巴尼分校毕业证学位证书】【微信：741003700 】学位证，留信认证（真实可查，永久存档）offer、雅思、外壳等材料/诚信可靠,可直接看成品样本，帮您解决无法毕业带来的各种难题！外壳，原版制作，诚信可靠，可直接看成品样本。行业标杆！精益求精，诚心合作，真诚制作！多年品质 ,按需精细制作，24小时接单,全套进口原装设备。十五年致力于帮助留学生解决难题，包您满意。本公司拥有海外各大学样板无数，能完美还原海外各大学 Bachelor Diploma degree, Master Degree Diploma 1:1完美还原海外各大学毕业材料上的工艺：水印，阴影底纹，钢印LOGO烫金烫银，LOGO烫金烫银复合重叠。文字图案浮雕、激光镭射、紫外荧光、温感、复印防伪等防伪工艺。材料咨询办理、认证咨询办理请加学历顾问Q/微741003700 留信网认证的作用: 1:该专业认证可证明留学生真实身份 2:同时对留学生所学专业登记给予评定 3:国家专业人才认证中心颁发入库证书 4:这个认证书并且可以归档倒地方 5:凡事获得留信网入网的信息将会逐步更新到个人身份内，将在公安局网内查询个人身份证信息后，同步读取人才网入库信息 6:个人职称评审加20分 7:个人信誉贷款加10分 8:在国家人才网主办的国家网络招聘大会中纳入资料，供国家高端企业选择人才

Atelier - Innover avec l’IA Générative et les graphes de connaissances

Neo4j

Atelier - Innover avec l’IA Générative et les graphes de connaissances Allez au-delà du battage médiatique autour de l’IA et découvrez des techniques pratiques pour utiliser l’IA de manière responsable à travers les données de votre organisation. Explorez comment utiliser les graphes de connaissances pour augmenter la précision, la transparence et la capacité d’explication dans les systèmes d’IA générative. Vous partirez avec une expérience pratique combinant les relations entre les données et les LLM pour apporter du contexte spécifique à votre domaine et améliorer votre raisonnement. Amenez votre ordinateur portable et nous vous guiderons sur la mise en place de votre propre pile d’IA générative, en vous fournissant des exemples pratiques et codés pour démarrer en quelques minutes.

GraphSummit Paris - The art of the possible with Graph Technology

Neo4j

Fundamentals of Programming and Language Processors

Rakesh Kumar R

Vitthal Shirke Java Microservices Resume.pdf

Vitthal Shirke

E-commerce Development Services- Hornet Dynamics

Hornet Dynamics

SWEBOK and Education at FUSE Okinawa 2024

Hironori Washizaki

socradar-q1-2024-aviation-industry-report.pdf

SOCRadar

SOCRadar's Aviation Industry Q1 Incident Report is out now! The aviation industry has always been a prime target for cybercriminals due to its critical infrastructure and high stakes. In the first quarter of 2024, the sector faced an alarming surge in cybersecurity threats, revealing its vulnerabilities and the relentless sophistication of cyber attackers. SOCRadar’s Aviation Industry, Quarterly Incident Report, provides an in-depth analysis of these threats, detected and examined through our extensive monitoring of hacker forums, Telegram channels, and dark web platforms.

ALGIT - Assembly Line for Green IT - Numbers, Data, Facts

Green Software Development

Orion Context Broker introduction 20240604

Fermin Galan

Recently uploaded (20)

Neo4j - Product Vision and Knowledge Graphs - GraphSummit Paris

Using Xen Hypervisor for Functional Safety

Utilocate provides Smarter, Better, Faster, Safer Locate Ticket Management

Webinar On-Demand: Using Flutter for Embedded

Essentials of Automations: The Art of Triggers and Actions in FME

UI5con 2024 - Boost Your Development Experience with UI5 Tooling Extensions

openEuler Case Study - The Journey to Supply Chain Security

Graspan: A Big Data System for Big Code Analysis

Neo4j - Product Vision and Knowledge Graphs - GraphSummit Paris

LORRAINE ANDREI_LEQUIGAN_HOW TO USE ZOOM

原版定制美国纽约州立大学奥尔巴尼分校毕业证学位证书原版一模一样

Atelier - Innover avec l’IA Générative et les graphes de connaissances

GraphSummit Paris - The art of the possible with Graph Technology

Fundamentals of Programming and Language Processors

Vitthal Shirke Java Microservices Resume.pdf

E-commerce Development Services- Hornet Dynamics

SWEBOK and Education at FUSE Okinawa 2024

socradar-q1-2024-aviation-industry-report.pdf

ALGIT - Assembly Line for Green IT - Numbers, Data, Facts

Orion Context Broker introduction 20240604

How our computers connect to facebook

1. How our computers connect to Facebook(or any other website) Yi Kuo

2. Internet?

3. How we access Facebook? What happened in the second?

4. Websites?

5. Language: HTTP HyperText Transfer Protocol

6. Language: HTTP HyperText Transfer Protocol GET / HTTP/1.1 Host: www.facebook.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:76.0) Gecko/20100101 Firefox/7 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8 Accept-Language: zh-TW,zh;q=0.8,en-US;q=0.5,en;q=0.3 Accept-Encoding: gzip, deflate, br Connection: keep-alive Cookie: fr=1KvAgepb7obISMaDy..Bfrpvm.Ej.AAA.0.0.Bfrpvu.AWVbDWhysOw; sb=5puuX_hOTwOlynW1kzQxecHh; datr=5puuX83dw4nqdIGZy_rBc_8P; wd=1280x198; dpr=1.5 Upgrade-Insecure-Requests: 1

7. GET / HTTP/1.1 Host: www.facebook.com User-Agent: Mozilla/5.0 (W Accept: text/html,applicat Accept-Language: zh-TW,zh; Accept-Encoding: gzip, def

8. GET / HTTP/1.1 Host: www.facebook.com User-Agent: Mozilla/5.0 (W Accept: text/html,applicat Accept-Language: zh-TW,zh; Accept-Encoding: gzip, def Request Method Location https://www.facebook.com/ HTTP Version Headers POST

9. GET /kuokuoyiyi HTTP/1.1 Host: www.facebook.com User-Agent: Mozilla/5.0 (W Accept: text/html,applicat Accept-Language: zh-TW,zh; Accept-Encoding: gzip, def Request Method Location https://www.facebook.com/kuokuoyiyi HTTP Version Headers

10. Language: HTTP HyperText Transfer Protocol HTTP/2 200 OK X-Frame-Options: DENY X-Xss-Protection: 0 ⋮ X-Firefox-Spdy: h2 <!DOCTYPE html> <html lang="zh-Hant" id="facebook" class="no_js"> <head><meta charset="utf-8" /><meta name="referrer" content="origin-when- crossorigin" id="meta_referrer" /><script nonce="oX7Z8G3a">window._cstart=+new Date();</script><script nonce="oX7Z8G3a">function envFlush(a){function b(b){for(var c in a

11. HTTP/2 200 OK X-Frame-Options: DENY X-Xss-Protection: 0 ⋮ X-Firefox-Spdy: h2 <!DOCTYPE html>

12. HTTP/2 200 OK X-Frame-Options: DENY X-Xss-Protection: 0 ⋮ X-Firefox-Spdy: h2 <!DOCTYPE html> Status Code Response Data

13. HTTP/2 404 Not Found X-Frame-Options: DENY X-Xss-Protection: 0 ⋮ X-Firefox-Spdy: h2 <!DOCTYPE html> Status Code Response Data

14. HTTP/2 403 Forbidden X-Frame-Options: DENY X-Xss-Protection: 0 ⋮ X-Firefox-Spdy: h2 <!DOCTYPE html> Status Code Response Data

15. Connection: TCP Transmission Control Protocol A A + B B

16. But where is www.facebook.com? ?

17. IP Address Internet Protocol Address 140.114.197.101 31.13.87.36 2a03:2880:f12d:83:face:b00c:0:25de (IPv6)

18. DNS Domain Name System www.facebook.com 31.13.87.36 www.google.com 216.58.200.36 yikuo.dev 172.67.169.118

19. Routing – Sending out to the internet 140.114.197.101 My Computer @ Dorm Hsin 140.114.197.254 Dorm Hsin Floor 3 / 4 Gateway 140.114.1.85 NTHU Networking Center 140.114.1.70 NTHU TANet Gateway 192.192.61.110 TANet Taiwan Academic Network To 31.13.87.36

20. Routing – BGP 140.114.197.101 My Computer @ Dorm Hsin 140.114.197.254 Dorm Hsin Floor 3 / 4 Gateway 140.114.1.85 NTHU Networking Center 140.114.1.70 NTHU TANet Gateway 192.192.61.110 TANet Taiwan Academic Network TANet ISP A Border Gateway Portocal ISP B ISP C The Facebook Network 31.13.*.* Who can get to 31.13.87.36? I can in 1 step I can in 2 steps Who can get to 31.13.87.36? I can in 1 step To 31.13.87.36 Reply from 31.13.87.36

21. Routing – Sending back to sender 140.114.197.101 My Computer @ Dorm Hsin 140.114.197.254 Dorm Hsin Floor 3 / 4 Gateway 140.114.1.85 NTHU Networking Center 140.114.1.70 NTHU TANet Gateway 192.192.61.110 TANet Taiwan Academic Network Reply from 31.13.87.36

22. Internet Protocol Suite of HTTP Physical Connection Routing TCP HTTP

23. Q&A

24. Thanks for your listening!

Editor's Notes

Hi everyone, my name is Yi. I am from Computer Science department. Today I’m going to share about how our computers connect to Facebook, or any other website
We browse the Internet everyday. But have you wonder how does our computers connect to the Internet? How could images from the other side of the world transits to your computer? I will have a simple introduction of how Internet and website works.
First, lets take Facebook as an example. When we want to watch feeds on Facebook, we simply type www.facebook.com into our browser’s address bar. And within a few seconds, Facebook’s homepage showed up! What happened between those few seconds?
A website is actually servers that send information to our computer, and our browser renders the data and show it. Servers are no different from our computer. To connect to a website, our computer has to communicate with their servers to exchange data
Just like humans, computers also need to have a language to communicate. For websites, this language is HTTP. You can see that websites have the http:// prefix in the address. Actually, you may see https:// more often. They are using the same language but the data is encrypted in HTTPS, thus is safer to use HTTPS.
Lets see how HTTP looks like. This is what our computer says to the server when we connect to Facebook’s home page
This is the HTTP Request header. It has several parts:
First, Request Method. We are only fetching the webpage, so we use the GET method. If we want to send additional data to the server, we use the POST method. Next, there is the Location, which page we are going to request. We are going to request the root page, so it looks like this.
If we want to see my Facebook profile, then it looks like this. And next is the HTTP version and some additional Headers. These Headers provide the server with some additional settings. For example, the User-Agent header tells the server what browser we are using.
This is what Facebook’s server response to us
This is the HTTP Response Header. It is similar to the Request, but there are some additional parts
There is the 200 OK Response Code. There are different codes too, such as the famous 404 code.
The 404 Not Found means the user requested a non existent page, and
The 403 Forbidden means the user does not have permission to view the page Bottom here is the response data, the website’s content and is usually in the HTML format
So now we have the language, but what is the medium for them to talk to each other? So here comes TCP. TCP is like a tunnel that can let computers talk to each other. To establish a connection, computers have to do a handshake Lets see how the handshake works… First, our computer sends a number A, then the server generates a number B and sends back A+B, finally, we send B to the server. This can ensure that both computers can receive from each other correctly
But how does our computer knows where is Facebook? Here comes the Routing.
IP Address are like address in our real life, every computer on the network has an IP Address
And there is the domain name system. The domain name system is like a phone book, that gives the corresponding IP address of the Domain Name Actually you can buy your own domain name too! This is my domain name. It will link to my blog
Now we have Facebook’s IP address, we generates a package. And then we send our package out to the Internet Service Provider In NTHU, our service provider is Taiwan Academic Network
Now it comes to border routing, every circle here is an autonomous system. Every autonomous system controls a part of the IP in the Internet, and we have to send our package to the correct autonomous system. So this is how BGP works: First, our ISP asks who can get to Facebook’s IP address? Since ISP B is not directly connected to Facebook, so it also asks. ISP C replies to B that it can get to Facebook in one step, and B replies to us that it can in 2 steps. And ISP A replies to us that it can in one step. Now we have two choices. We will choose the shortest path: going through ISP A We finally got to Facebook, and Facebook generates the response and throw it back to us.
It will follow the opposite way of how we come from, and finally it gets to our computer!
So what I introduced stacks on each other. First there is Physical Connection, such as copper wire, radio waves or optical fiber Next, packets route to the server with the physical connection. And next, TCP makes a tunnel to let us talk to the server. Last, we use HTTP, which is the language our computer talks.

How our computers connect to facebook

Recommended

Recommended

More Related Content

Similar to How our computers connect to facebook

Similar to How our computers connect to facebook (20)

Recently uploaded

Recently uploaded (20)

How our computers connect to facebook

Editor's Notes