Networking Concepts
2 likes563 views
This document provides an overview of fundamental networking and web architecture concepts. It discusses the OSI 7-layer model, network topologies like star and bus, networking terms like client and server, protocols like IP, TCP, UDP, and DNS, internet architecture with TCP/IP, static web architecture using HTTP and HTML, and REST-based architecture where resources are manipulated through representations.
![HTTP Request
● User-Agent Opera/9.64 (X11; Linux i686; U; en)
Presto/2.1.1
● Host www.wired.com
● Accept text/html, application/xml;q=0.9,
application/xhtml+xml, image/png, image/jpeg,
image/gif, image/x-xbitmap, */*;q=0.1
● Accept-Language en-IN,en;q=0.9
● Accept-Charset iso-8859-1, utf-8, utf-16, *;q=0.1
● Accept-Encoding deflate, gzip, x-gzip, identity,
*;q=0
● Cookie [cut]
● Cookie2 $Version=1
● Proxy-Connection Keep-Alive](https://image.slidesharecdn.com/20091010-basic-100926121935-phpapp02-100926125242-phpapp01/85/Networking-Concepts-16-320.jpg)
Networking Concepts
- 1. Fundamental Concepts OWASP Hyderabad Oct 10th, 2009 Marc-André Laverdière
- 2. Agenda ● Network Basics ● IP, TCP, UDP, DNS ● Internet Architecture ● Static Web architecture ● HTTP features ● REST-based architecture (P.S. All images courtesy of Wikipedia)
- 3. Network Basics ● OSI 7 Layer Model
- 4. Network Topologies ● Point to point: using a switch or dedicated wiring ● Bus: common wire, like in cable internet ● Star: central hub ● Ring: token ring ● Mesh: redudancies ● Tree: hierarchical
- 5. Network Terms ● Client: computer that requests a service ● Server: computer that fulfills the request ● Gateway: point of contact to another network ● Proxy: intermediary for making requests to servers. Often caches resources ● Router: forwards information ● Hub: connects many network segments ● Switch: more efficient hub ● Link: connection between two points
- 6. IP ● IP: Internet Protocol ● Used to send packets between point A and point B ● No delivery guarantee ● Two current versions: IPv4 and IPv6
- 7. IPv4 vs IPv6 ● IPv6 adds many features to IPv4: – Greater address space – Supports autoconfiguration – Multicast – Mandatory IPSec (encryption, authentication, tunelling) – Removed rare fields, redundant checksum – Larger max packet size (4GB) – Support for mobile devices
- 8. NAT ● Network Address Translation, used with IP masquerading ● Used to make one IP address as front-end for many. E.g. Wireless hub+router ● Gateway rewrites the packets so that they look like they all originate from the gateway ● Breaks some applications, like SIP and some peer-to-peer clients
- 9. TCP ● Transmission Control Protocol ● Allows reliable transmissions ● Error detection ● Flow/congestion control ● Add concept of port ● Connection-based
- 10. UDP ● User Datagram Protocol ● Ports ● Fast ● No integrity checking/resending
- 11. DNS ● Domain Name System ● UDP main ● Some TCP ● 13 root clusters
- 12. Internet Architecture ● Interconnected computer networks ● TCP/IP ● DNS ● Lots of hardware ● Supports many things – WWW – Email – Usenet – IRC
- 14. Static Web Architecture ● Www: portion of the Internet for retrieval of hyperdocuments ● Multiple clients, multiple servers ● All resources are static ● Documents can include or refer to other resources ● Resources are organized under websites ● DNS, HTTP, HTML
- 15. HTTP ● HyperText Transfer ● Verbs: Protocol – HEAD: get metadata ● Text-based – GET: get a resource POST: submit data to a ● Binary content must be – resource encoded (often – PUT: upload a resource Base64) – DELETE ● One connection per – TRACE: echo back the request (HTTP 1.0) or request one connection for – OPTIONS: list supported many (HTTP 1.1) methods ● Stateless – CONNECT: create a tunnel
- 16. HTTP Request ● User-Agent Opera/9.64 (X11; Linux i686; U; en) Presto/2.1.1 ● Host www.wired.com ● Accept text/html, application/xml;q=0.9, application/xhtml+xml, image/png, image/jpeg, image/gif, image/x-xbitmap, */*;q=0.1 ● Accept-Language en-IN,en;q=0.9 ● Accept-Charset iso-8859-1, utf-8, utf-16, *;q=0.1 ● Accept-Encoding deflate, gzip, x-gzip, identity, *;q=0 ● Cookie [cut] ● Cookie2 $Version=1 ● Proxy-Connection Keep-Alive
- 17. HTTP Response Header ● HTTP/1.1 200 OK ● Date: Mon, 23 May 2005 22:38:34 GMT ● Server: Apache/1.3.3.7 (Unix) (Red-Hat/Linux) ● Last-Modified: Wed, 08 Jan 2003 23:11:55 GMT ● Etag: "3f80f-1b6-3e1cb03b" ● Accept-Ranges: bytes ● Content-Length: 438 ● Connection: close ● Content-Type: text/html; charset=UTF-8
- 18. Cookies ● Cookies are values determined by the server that are stored by the client ● The client automatically sends the cookie value on every request to the server
- 19. REST-Based Architecture ● Problem: what I described is static. We need to execute code to have Web Applications ● Principles: – Everything goes through the resources. Resources are different than the representation given to the clients – Resources can be manipulated through the representation – Each message is self-descriptive – Hypermedia contains the application state
- 20. Essentially ● Applications react to queries from the clients only. Nothing happens without a query. ● Resource access is free to trigger any processing