SlideShare una empresa de Scribd logo

Networking Concepts

n|u - The Open Security Community
n|u - The Open Security Community

This document provides an overview of fundamental networking and web architecture concepts. It discusses the OSI 7-layer model, network topologies like star and bus, networking terms like client and server, protocols like IP, TCP, UDP, and DNS, internet architecture with TCP/IP, static web architecture using HTTP and HTML, and REST-based architecture where resources are manipulated through representations.

Tecnología
1 de 20
Descargar para leer sin conexión
Fundamental Concepts OWASP Hyderabad Oct 10th, 2009 Marc-André Laverdière
Agenda ● Network Basics ● IP, TCP, UDP, DNS ● Internet Architecture ● Static Web architecture ● HTTP features ● REST-based architecture (P.S. All images courtesy of Wikipedia)
Network Basics ● OSI 7 Layer Model
Network Topologies ● Point to point: using a switch or dedicated wiring ● Bus: common wire, like in cable internet ● Star: central hub ● Ring: token ring ● Mesh: redudancies ● Tree: hierarchical
Network Terms ● Client: computer that requests a service ● Server: computer that fulfills the request ● Gateway: point of contact to another network ● Proxy: intermediary for making requests to servers. Often caches resources ● Router: forwards information ● Hub: connects many network segments ● Switch: more efficient hub ● Link: connection between two points
IP ● IP: Internet Protocol ● Used to send packets between point A and point B ● No delivery guarantee ● Two current versions: IPv4 and IPv6
IPv4 vs IPv6 ● IPv6 adds many features to IPv4: – Greater address space – Supports autoconfiguration – Multicast – Mandatory IPSec (encryption, authentication, tunelling) – Removed rare fields, redundant checksum – Larger max packet size (4GB) – Support for mobile devices
NAT ● Network Address Translation, used with IP masquerading ● Used to make one IP address as front-end for many. E.g. Wireless hub+router ● Gateway rewrites the packets so that they look like they all originate from the gateway ● Breaks some applications, like SIP and some peer-to-peer clients
TCP ● Transmission Control Protocol ● Allows reliable transmissions ● Error detection ● Flow/congestion control ● Add concept of port ● Connection-based
UDP ● User Datagram Protocol ● Ports ● Fast ● No integrity checking/resending
DNS ● Domain Name System ● UDP main ● Some TCP ● 13 root clusters
Internet Architecture ● Interconnected computer networks ● TCP/IP ● DNS ● Lots of hardware ● Supports many things – WWW – Email – Usenet – IRC
Static Web Architecture ● Www: portion of the Internet for retrieval of hyperdocuments ● Multiple clients, multiple servers ● All resources are static ● Documents can include or refer to other resources ● Resources are organized under websites ● DNS, HTTP, HTML
HTTP ● HyperText Transfer ● Verbs: Protocol – HEAD: get metadata ● Text-based – GET: get a resource POST: submit data to a ● Binary content must be – resource encoded (often – PUT: upload a resource Base64) – DELETE ● One connection per – TRACE: echo back the request (HTTP 1.0) or request one connection for – OPTIONS: list supported many (HTTP 1.1) methods ● Stateless – CONNECT: create a tunnel
HTTP Request ● User-Agent Opera/9.64 (X11; Linux i686; U; en) Presto/2.1.1 ● Host www.wired.com ● Accept text/html, application/xml;q=0.9, application/xhtml+xml, image/png, image/jpeg, image/gif, image/x-xbitmap, */*;q=0.1 ● Accept-Language en-IN,en;q=0.9 ● Accept-Charset iso-8859-1, utf-8, utf-16, *;q=0.1 ● Accept-Encoding deflate, gzip, x-gzip, identity, *;q=0 ● Cookie [cut] ● Cookie2 $Version=1 ● Proxy-Connection Keep-Alive
HTTP Response Header ● HTTP/1.1 200 OK ● Date: Mon, 23 May 2005 22:38:34 GMT ● Server: Apache/1.3.3.7 (Unix) (Red-Hat/Linux) ● Last-Modified: Wed, 08 Jan 2003 23:11:55 GMT ● Etag: "3f80f-1b6-3e1cb03b" ● Accept-Ranges: bytes ● Content-Length: 438 ● Connection: close ● Content-Type: text/html; charset=UTF-8
Cookies ● Cookies are values determined by the server that are stored by the client ● The client automatically sends the cookie value on every request to the server
REST-Based Architecture ● Problem: what I described is static. We need to execute code to have Web Applications ● Principles: – Everything goes through the resources. Resources are different than the representation given to the clients – Resources can be manipulated through the representation – Each message is self-descriptive – Hypermedia contains the application state
Essentially ● Applications react to queries from the clients only. Nothing happens without a query. ● Resource access is free to trigger any processing

Recomendados

Redis vs Infinispan | DevNation Tech Talk
Redis vs Infinispan | DevNation Tech TalkRedis vs Infinispan | DevNation Tech Talk
Redis vs Infinispan | DevNation Tech TalkRed Hat Developers
 
Scale out backups-with_bareos_and_gluster
Scale out backups-with_bareos_and_glusterScale out backups-with_bareos_and_gluster
Scale out backups-with_bareos_and_glusterGluster.org
 
Developing apps and_integrating_with_gluster_fs_-_libgfapi
Developing apps and_integrating_with_gluster_fs_-_libgfapiDeveloping apps and_integrating_with_gluster_fs_-_libgfapi
Developing apps and_integrating_with_gluster_fs_-_libgfapiGluster.org
 
20160130 Gluster-roadmap
20160130 Gluster-roadmap20160130 Gluster-roadmap
20160130 Gluster-roadmapGluster.org
 
Gluster fs current_features_and_roadmap
Gluster fs current_features_and_roadmapGluster fs current_features_and_roadmap
Gluster fs current_features_and_roadmapGluster.org
 
Gluster intro-tdose
Gluster intro-tdoseGluster intro-tdose
Gluster intro-tdoseGluster.org
 
Lcna tutorial-2012
Lcna tutorial-2012Lcna tutorial-2012
Lcna tutorial-2012Gluster.org
 
Smb gluster devmar2013
Smb gluster devmar2013Smb gluster devmar2013
Smb gluster devmar2013Gluster.org
 

Recomendados

Redis vs Infinispan | DevNation Tech Talk
Redis vs Infinispan | DevNation Tech TalkRedis vs Infinispan | DevNation Tech Talk
Redis vs Infinispan | DevNation Tech TalkRed Hat Developers
 
Scale out backups-with_bareos_and_gluster
Scale out backups-with_bareos_and_glusterScale out backups-with_bareos_and_gluster
Scale out backups-with_bareos_and_glusterGluster.org
 
Developing apps and_integrating_with_gluster_fs_-_libgfapi
Developing apps and_integrating_with_gluster_fs_-_libgfapiDeveloping apps and_integrating_with_gluster_fs_-_libgfapi
Developing apps and_integrating_with_gluster_fs_-_libgfapiGluster.org
 
20160130 Gluster-roadmap
20160130 Gluster-roadmap20160130 Gluster-roadmap
20160130 Gluster-roadmapGluster.org
 
Gluster fs current_features_and_roadmap
Gluster fs current_features_and_roadmapGluster fs current_features_and_roadmap
Gluster fs current_features_and_roadmapGluster.org
 
Gluster intro-tdose
Gluster intro-tdoseGluster intro-tdose
Gluster intro-tdoseGluster.org
 
Lcna tutorial-2012
Lcna tutorial-2012Lcna tutorial-2012
Lcna tutorial-2012Gluster.org
 
Smb gluster devmar2013
Smb gluster devmar2013Smb gluster devmar2013
Smb gluster devmar2013Gluster.org
 
The Internet of Things ... Babel
The Internet of Things ... BabelThe Internet of Things ... Babel
The Internet of Things ... BabelNaLUG
 
Sdc challenges-2012
Sdc challenges-2012Sdc challenges-2012
Sdc challenges-2012Gluster.org
 
Qemu gluster fs
Qemu gluster fsQemu gluster fs
Qemu gluster fsGluster.org
 
Lisa 2015-gluster fs-introduction
Lisa 2015-gluster fs-introductionLisa 2015-gluster fs-introduction
Lisa 2015-gluster fs-introductionGluster.org
 
20160401 Gluster-roadmap
20160401 Gluster-roadmap20160401 Gluster-roadmap
20160401 Gluster-roadmapGluster.org
 
Gluster d2
Gluster d2Gluster d2
Gluster d2Gluster.org
 
Disperse xlator ramon_datalab
Disperse xlator ramon_datalabDisperse xlator ramon_datalab
Disperse xlator ramon_datalabGluster.org
 
Leases and-caching final
Leases and-caching finalLeases and-caching final
Leases and-caching finalGluster.org
 
MoP(MQTT on Pulsar) - a Powerful Tool for Apache Pulsar in IoT - Pulsar Summi...
MoP(MQTT on Pulsar) - a Powerful Tool for Apache Pulsar in IoT - Pulsar Summi...MoP(MQTT on Pulsar) - a Powerful Tool for Apache Pulsar in IoT - Pulsar Summi...
MoP(MQTT on Pulsar) - a Powerful Tool for Apache Pulsar in IoT - Pulsar Summi...StreamNative
 
Debugging with-wireshark-niels-de-vos
Debugging with-wireshark-niels-de-vosDebugging with-wireshark-niels-de-vos
Debugging with-wireshark-niels-de-vosGluster.org
 
Lcna example-2012
Lcna example-2012Lcna example-2012
Lcna example-2012Gluster.org
 
Nsq & python worker
Nsq & python workerNsq & python worker
Nsq & python workerFelinx Lee
 
Sdc 2012-challenges
Sdc 2012-challengesSdc 2012-challenges
Sdc 2012-challengesGluster.org
 
HornetQ Presentation On JBoss World 2009
HornetQ Presentation On JBoss World 2009HornetQ Presentation On JBoss World 2009
HornetQ Presentation On JBoss World 2009jarfield
 
20160401 guster-roadmap
20160401 guster-roadmap20160401 guster-roadmap
20160401 guster-roadmapGluster.org
 
GlusterFs Architecture & Roadmap - LinuxCon EU 2013
GlusterFs Architecture & Roadmap - LinuxCon EU 2013GlusterFs Architecture & Roadmap - LinuxCon EU 2013
GlusterFs Architecture & Roadmap - LinuxCon EU 2013Gluster.org
 
Webserver
WebserverWebserver
WebserverARYA TM
 
Modern Distributed Messaging and RPC
Modern Distributed Messaging and RPCModern Distributed Messaging and RPC
Modern Distributed Messaging and RPCMax Alexejev
 
Introduction to highly_availablenfs_server_on_scale-out_storage_systems_based...
Introduction to highly_availablenfs_server_on_scale-out_storage_systems_based...Introduction to highly_availablenfs_server_on_scale-out_storage_systems_based...
Introduction to highly_availablenfs_server_on_scale-out_storage_systems_based...Gluster.org
 
GlusterD 2.0 - Managing Distributed File System Using a Centralized Store
GlusterD 2.0 - Managing Distributed File System Using a Centralized StoreGlusterD 2.0 - Managing Distributed File System Using a Centralized Store
GlusterD 2.0 - Managing Distributed File System Using a Centralized StoreAtin Mukherjee
 
Physical Layer
Physical LayerPhysical Layer
Physical LayerRutwik Jadhav
 
Subneting and vlsm ntpg (1)
Subneting and vlsm ntpg (1)Subneting and vlsm ntpg (1)
Subneting and vlsm ntpg (1)Sachii Dosti
 

Más contenido relacionado

La actualidad más candente

The Internet of Things ... Babel
The Internet of Things ... BabelThe Internet of Things ... Babel
The Internet of Things ... BabelNaLUG
 
Sdc challenges-2012
Sdc challenges-2012Sdc challenges-2012
Sdc challenges-2012Gluster.org
 
Lisa 2015-gluster fs-introduction
Lisa 2015-gluster fs-introductionLisa 2015-gluster fs-introduction
Lisa 2015-gluster fs-introductionGluster.org
 
20160401 Gluster-roadmap
20160401 Gluster-roadmap20160401 Gluster-roadmap
20160401 Gluster-roadmapGluster.org
 
Disperse xlator ramon_datalab
Disperse xlator ramon_datalabDisperse xlator ramon_datalab
Disperse xlator ramon_datalabGluster.org
 
Leases and-caching final
Leases and-caching finalLeases and-caching final
Leases and-caching finalGluster.org
 
MoP(MQTT on Pulsar) - a Powerful Tool for Apache Pulsar in IoT - Pulsar Summi...
MoP(MQTT on Pulsar) - a Powerful Tool for Apache Pulsar in IoT - Pulsar Summi...MoP(MQTT on Pulsar) - a Powerful Tool for Apache Pulsar in IoT - Pulsar Summi...
MoP(MQTT on Pulsar) - a Powerful Tool for Apache Pulsar in IoT - Pulsar Summi...StreamNative
 
Debugging with-wireshark-niels-de-vos
Debugging with-wireshark-niels-de-vosDebugging with-wireshark-niels-de-vos
Debugging with-wireshark-niels-de-vosGluster.org
 
Lcna example-2012
Lcna example-2012Lcna example-2012
Lcna example-2012Gluster.org
 
Nsq & python worker
Nsq & python workerNsq & python worker
Nsq & python workerFelinx Lee
 
Sdc 2012-challenges
Sdc 2012-challengesSdc 2012-challenges
Sdc 2012-challengesGluster.org
 
HornetQ Presentation On JBoss World 2009
HornetQ Presentation On JBoss World 2009HornetQ Presentation On JBoss World 2009
HornetQ Presentation On JBoss World 2009jarfield
 
20160401 guster-roadmap
20160401 guster-roadmap20160401 guster-roadmap
20160401 guster-roadmapGluster.org
 
GlusterFs Architecture & Roadmap - LinuxCon EU 2013
GlusterFs Architecture & Roadmap - LinuxCon EU 2013GlusterFs Architecture & Roadmap - LinuxCon EU 2013
GlusterFs Architecture & Roadmap - LinuxCon EU 2013Gluster.org
 
Webserver
WebserverWebserver
WebserverARYA TM
 
Modern Distributed Messaging and RPC
Modern Distributed Messaging and RPCModern Distributed Messaging and RPC
Modern Distributed Messaging and RPCMax Alexejev
 
Introduction to highly_availablenfs_server_on_scale-out_storage_systems_based...
Introduction to highly_availablenfs_server_on_scale-out_storage_systems_based...Introduction to highly_availablenfs_server_on_scale-out_storage_systems_based...
Introduction to highly_availablenfs_server_on_scale-out_storage_systems_based...Gluster.org
 
GlusterD 2.0 - Managing Distributed File System Using a Centralized Store
GlusterD 2.0 - Managing Distributed File System Using a Centralized StoreGlusterD 2.0 - Managing Distributed File System Using a Centralized Store
GlusterD 2.0 - Managing Distributed File System Using a Centralized StoreAtin Mukherjee
 

La actualidad más candente (20)

The Internet of Things ... Babel
The Internet of Things ... BabelThe Internet of Things ... Babel
The Internet of Things ... Babel
 
Sdc challenges-2012
Sdc challenges-2012Sdc challenges-2012
Sdc challenges-2012
 
Qemu gluster fs
Qemu gluster fsQemu gluster fs
Qemu gluster fs
 
Lisa 2015-gluster fs-introduction
Lisa 2015-gluster fs-introductionLisa 2015-gluster fs-introduction
Lisa 2015-gluster fs-introduction
 
20160401 Gluster-roadmap
20160401 Gluster-roadmap20160401 Gluster-roadmap
20160401 Gluster-roadmap
 
Gluster d2
Gluster d2Gluster d2
Gluster d2
 
Disperse xlator ramon_datalab
Disperse xlator ramon_datalabDisperse xlator ramon_datalab
Disperse xlator ramon_datalab
 
Leases and-caching final
Leases and-caching finalLeases and-caching final
Leases and-caching final
 
MoP(MQTT on Pulsar) - a Powerful Tool for Apache Pulsar in IoT - Pulsar Summi...
MoP(MQTT on Pulsar) - a Powerful Tool for Apache Pulsar in IoT - Pulsar Summi...MoP(MQTT on Pulsar) - a Powerful Tool for Apache Pulsar in IoT - Pulsar Summi...
MoP(MQTT on Pulsar) - a Powerful Tool for Apache Pulsar in IoT - Pulsar Summi...
 
Debugging with-wireshark-niels-de-vos
Debugging with-wireshark-niels-de-vosDebugging with-wireshark-niels-de-vos
Debugging with-wireshark-niels-de-vos
 
Lcna example-2012
Lcna example-2012Lcna example-2012
Lcna example-2012
 
Nsq & python worker
Nsq & python workerNsq & python worker
Nsq & python worker
 
Sdc 2012-challenges
Sdc 2012-challengesSdc 2012-challenges
Sdc 2012-challenges
 
HornetQ Presentation On JBoss World 2009
HornetQ Presentation On JBoss World 2009HornetQ Presentation On JBoss World 2009
HornetQ Presentation On JBoss World 2009
 
20160401 guster-roadmap
20160401 guster-roadmap20160401 guster-roadmap
20160401 guster-roadmap
 
GlusterFs Architecture & Roadmap - LinuxCon EU 2013
GlusterFs Architecture & Roadmap - LinuxCon EU 2013GlusterFs Architecture & Roadmap - LinuxCon EU 2013
GlusterFs Architecture & Roadmap - LinuxCon EU 2013
 
Webserver
WebserverWebserver
Webserver
 
Modern Distributed Messaging and RPC
Modern Distributed Messaging and RPCModern Distributed Messaging and RPC
Modern Distributed Messaging and RPC
 
Introduction to highly_availablenfs_server_on_scale-out_storage_systems_based...
Introduction to highly_availablenfs_server_on_scale-out_storage_systems_based...Introduction to highly_availablenfs_server_on_scale-out_storage_systems_based...
Introduction to highly_availablenfs_server_on_scale-out_storage_systems_based...
 
GlusterD 2.0 - Managing Distributed File System Using a Centralized Store
GlusterD 2.0 - Managing Distributed File System Using a Centralized StoreGlusterD 2.0 - Managing Distributed File System Using a Centralized Store
GlusterD 2.0 - Managing Distributed File System Using a Centralized Store
 

Destacado

Subneting and vlsm ntpg (1)
Subneting and vlsm ntpg (1)Subneting and vlsm ntpg (1)
Subneting and vlsm ntpg (1)Sachii Dosti
 
Network technology Paper 2
Network technology Paper 2Network technology Paper 2
Network technology Paper 2Sachii Dosti
 
Network technology paper
Network technology paperNetwork technology paper
Network technology paperSachii Dosti
 
OSI Physical Layer
OSI Physical LayerOSI Physical Layer
OSI Physical LayerSachii Dosti
 
Chapter 07 - Transport Layer
Chapter 07 - Transport LayerChapter 07 - Transport Layer
Chapter 07 - Transport LayerYaser Rahmati
 
Subneting and vlsm ntpg
Subneting and vlsm ntpgSubneting and vlsm ntpg
Subneting and vlsm ntpgSachii Dosti
 
ion exchange chromatography
ion exchange chromatographyion exchange chromatography
ion exchange chromatographyShamili Kaparthi
 

Destacado (10)

Physical Layer
Physical LayerPhysical Layer
Physical Layer
 
Subneting and vlsm ntpg (1)
Subneting and vlsm ntpg (1)Subneting and vlsm ntpg (1)
Subneting and vlsm ntpg (1)
 
Network technology Paper 2
Network technology Paper 2Network technology Paper 2
Network technology Paper 2
 
Network technology paper
Network technology paperNetwork technology paper
Network technology paper
 
OSI Physical Layer
OSI Physical LayerOSI Physical Layer
OSI Physical Layer
 
Chapter 07 - Transport Layer
Chapter 07 - Transport LayerChapter 07 - Transport Layer
Chapter 07 - Transport Layer
 
OSI Network Layer
OSI Network LayerOSI Network Layer
OSI Network Layer
 
Subneting and vlsm ntpg
Subneting and vlsm ntpgSubneting and vlsm ntpg
Subneting and vlsm ntpg
 
ion exchange chromatography
ion exchange chromatographyion exchange chromatography
ion exchange chromatography
 
UV visible spectroscopy
UV visible spectroscopyUV visible spectroscopy
UV visible spectroscopy
 

Similar a Networking Concepts

Cleaning Up the Dirt of the Nineties - How New Protocols are Modernizing the Web
Cleaning Up the Dirt of the Nineties - How New Protocols are Modernizing the WebCleaning Up the Dirt of the Nineties - How New Protocols are Modernizing the Web
Cleaning Up the Dirt of the Nineties - How New Protocols are Modernizing the WebSteffen Gebert
 
gRPC Design and Implementation
gRPC Design and ImplementationgRPC Design and Implementation
gRPC Design and ImplementationVarun Talwar
 
Web technologies: recap on TCP-IP
Web technologies: recap on TCP-IPWeb technologies: recap on TCP-IP
Web technologies: recap on TCP-IPPiero Fraternali
 
HTTP2 in action - Piet Van Dongen - Codemotion Amsterdam 2017
HTTP2 in action - Piet Van Dongen - Codemotion Amsterdam 2017HTTP2 in action - Piet Van Dongen - Codemotion Amsterdam 2017
HTTP2 in action - Piet Van Dongen - Codemotion Amsterdam 2017Codemotion
 
Computer network (10)
Computer network (10)Computer network (10)
Computer network (10)NYversity
 
Networks Have Layers - Understanding The OSI Model
Networks Have Layers - Understanding The OSI ModelNetworks Have Layers - Understanding The OSI Model
Networks Have Layers - Understanding The OSI ModelBrandon Checketts
 
RPC in Smalltalk
RPC in Smalltalk RPC in Smalltalk
RPC in SmalltalkESUG
 
Design Web Service API by HungerStation
Design Web Service API by HungerStationDesign Web Service API by HungerStation
Design Web Service API by HungerStationArabNet ME
 
Apache HTTPd Server 2.2 Presentation
Apache HTTPd Server 2.2 PresentationApache HTTPd Server 2.2 Presentation
Apache HTTPd Server 2.2 Presentationultimatetux
 
Building high performance microservices in finance with Apache Thrift
Building high performance microservices in finance with Apache ThriftBuilding high performance microservices in finance with Apache Thrift
Building high performance microservices in finance with Apache ThriftRX-M Enterprises LLC
 
.NET Conf 2022 - Networking in .NET 7
.NET Conf 2022 - Networking in .NET 7.NET Conf 2022 - Networking in .NET 7
.NET Conf 2022 - Networking in .NET 7Karel Zikmund
 
There and back again
There and back againThere and back again
There and back againJon Spriggs
 
Linux Hosting Training Course Level 1-2
Linux Hosting Training Course Level 1-2Linux Hosting Training Course Level 1-2
Linux Hosting Training Course Level 1-2Ramy Allam
 
LEC_10_Week_10_Server_Configuration_in_Linux.pdf
LEC_10_Week_10_Server_Configuration_in_Linux.pdfLEC_10_Week_10_Server_Configuration_in_Linux.pdf
LEC_10_Week_10_Server_Configuration_in_Linux.pdfMahtabAhmedQureshi
 
Network tunneling techniques
Network tunneling techniquesNetwork tunneling techniques
Network tunneling techniquesinbroker
 
Linux advanced concepts - Part 2
Linux advanced concepts - Part 2Linux advanced concepts - Part 2
Linux advanced concepts - Part 2NAILBITER
 
CN 6131(15) Module IV.pdf
CN 6131(15) Module IV.pdfCN 6131(15) Module IV.pdf
CN 6131(15) Module IV.pdfAsifSalim12
 

Similar a Networking Concepts (20)

Cleaning Up the Dirt of the Nineties - How New Protocols are Modernizing the Web
Cleaning Up the Dirt of the Nineties - How New Protocols are Modernizing the WebCleaning Up the Dirt of the Nineties - How New Protocols are Modernizing the Web
Cleaning Up the Dirt of the Nineties - How New Protocols are Modernizing the Web
 
gRPC Design and Implementation
gRPC Design and ImplementationgRPC Design and Implementation
gRPC Design and Implementation
 
Web technologies: recap on TCP-IP
Web technologies: recap on TCP-IPWeb technologies: recap on TCP-IP
Web technologies: recap on TCP-IP
 
HTTP2 in action - Piet Van Dongen - Codemotion Amsterdam 2017
HTTP2 in action - Piet Van Dongen - Codemotion Amsterdam 2017HTTP2 in action - Piet Van Dongen - Codemotion Amsterdam 2017
HTTP2 in action - Piet Van Dongen - Codemotion Amsterdam 2017
 
Computer network (10)
Computer network (10)Computer network (10)
Computer network (10)
 
Networks Have Layers - Understanding The OSI Model
Networks Have Layers - Understanding The OSI ModelNetworks Have Layers - Understanding The OSI Model
Networks Have Layers - Understanding The OSI Model
 
RPC in Smalltalk
RPC in Smalltalk RPC in Smalltalk
RPC in Smalltalk
 
Linux Servers
Linux ServersLinux Servers
Linux Servers
 
Design Web Service API by HungerStation
Design Web Service API by HungerStationDesign Web Service API by HungerStation
Design Web Service API by HungerStation
 
Apache HTTPd Server 2.2 Presentation
Apache HTTPd Server 2.2 PresentationApache HTTPd Server 2.2 Presentation
Apache HTTPd Server 2.2 Presentation
 
Building high performance microservices in finance with Apache Thrift
Building high performance microservices in finance with Apache ThriftBuilding high performance microservices in finance with Apache Thrift
Building high performance microservices in finance with Apache Thrift
 
.NET Conf 2022 - Networking in .NET 7
.NET Conf 2022 - Networking in .NET 7.NET Conf 2022 - Networking in .NET 7
.NET Conf 2022 - Networking in .NET 7
 
HTTP/2: What's new?
HTTP/2: What's new? HTTP/2: What's new?
HTTP/2: What's new?
 
There and back again
There and back againThere and back again
There and back again
 
Linux Hosting Training Course Level 1-2
Linux Hosting Training Course Level 1-2Linux Hosting Training Course Level 1-2
Linux Hosting Training Course Level 1-2
 
LEC_10_Week_10_Server_Configuration_in_Linux.pdf
LEC_10_Week_10_Server_Configuration_in_Linux.pdfLEC_10_Week_10_Server_Configuration_in_Linux.pdf
LEC_10_Week_10_Server_Configuration_in_Linux.pdf
 
From Device to Data Center to Insights
From Device to Data Center to InsightsFrom Device to Data Center to Insights
From Device to Data Center to Insights
 
Network tunneling techniques
Network tunneling techniquesNetwork tunneling techniques
Network tunneling techniques
 
Linux advanced concepts - Part 2
Linux advanced concepts - Part 2Linux advanced concepts - Part 2
Linux advanced concepts - Part 2
 
CN 6131(15) Module IV.pdf
CN 6131(15) Module IV.pdfCN 6131(15) Module IV.pdf
CN 6131(15) Module IV.pdf
 

Más de n|u - The Open Security Community

Gibson 101 -quick_introduction_to_hacking_mainframes_in_2020_null_infosec_gir...
Gibson 101 -quick_introduction_to_hacking_mainframes_in_2020_null_infosec_gir...Gibson 101 -quick_introduction_to_hacking_mainframes_in_2020_null_infosec_gir...
Gibson 101 -quick_introduction_to_hacking_mainframes_in_2020_null_infosec_gir...n|u - The Open Security Community
 

Más de n|u - The Open Security Community (20)

Hardware security testing 101 (Null - Delhi Chapter)
Hardware security testing 101 (Null - Delhi Chapter)Hardware security testing 101 (Null - Delhi Chapter)
Hardware security testing 101 (Null - Delhi Chapter)
 
Osint primer
Osint primerOsint primer
Osint primer
 
SSRF exploit the trust relationship
SSRF exploit the trust relationshipSSRF exploit the trust relationship
SSRF exploit the trust relationship
 
Nmap basics
Nmap basicsNmap basics
Nmap basics
 
Metasploit primary
Metasploit primaryMetasploit primary
Metasploit primary
 
Api security-testing
Api security-testingApi security-testing
Api security-testing
 
Introduction to TLS 1.3
Introduction to TLS 1.3Introduction to TLS 1.3
Introduction to TLS 1.3
 
Gibson 101 -quick_introduction_to_hacking_mainframes_in_2020_null_infosec_gir...
Gibson 101 -quick_introduction_to_hacking_mainframes_in_2020_null_infosec_gir...Gibson 101 -quick_introduction_to_hacking_mainframes_in_2020_null_infosec_gir...
Gibson 101 -quick_introduction_to_hacking_mainframes_in_2020_null_infosec_gir...
 
Talking About SSRF,CRLF
Talking About SSRF,CRLFTalking About SSRF,CRLF
Talking About SSRF,CRLF
 
Building active directory lab for red teaming
Building active directory lab for red teamingBuilding active directory lab for red teaming
Building active directory lab for red teaming
 
Owning a company through their logs
Owning a company through their logsOwning a company through their logs
Owning a company through their logs
 
Introduction to shodan
Introduction to shodanIntroduction to shodan
Introduction to shodan
 
Cloud security
Cloud security Cloud security
Cloud security
 
Detecting persistence in windows
Detecting persistence in windowsDetecting persistence in windows
Detecting persistence in windows
 
Frida - Objection Tool Usage
Frida - Objection Tool UsageFrida - Objection Tool Usage
Frida - Objection Tool Usage
 
OSQuery - Monitoring System Process
OSQuery - Monitoring System ProcessOSQuery - Monitoring System Process
OSQuery - Monitoring System Process
 
DevSecOps Jenkins Pipeline -Security
DevSecOps Jenkins Pipeline -SecurityDevSecOps Jenkins Pipeline -Security
DevSecOps Jenkins Pipeline -Security
 
Extensible markup language attacks
Extensible markup language attacksExtensible markup language attacks
Extensible markup language attacks
 
Linux for hackers
Linux for hackersLinux for hackers
Linux for hackers
 
Android Pentesting
Android PentestingAndroid Pentesting
Android Pentesting
 

Último

Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...apidays
 
Introduction to Multilingual Retrieval Augmented Generation (RAG)
Introduction to Multilingual Retrieval Augmented Generation (RAG)Introduction to Multilingual Retrieval Augmented Generation (RAG)
Introduction to Multilingual Retrieval Augmented Generation (RAG)Zilliz
 
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...Orbitshub
 
Why Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businessWhy Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businesspanagenda
 
ICT role in 21st century education and its challenges
ICT role in 21st century education and its challengesICT role in 21st century education and its challenges
ICT role in 21st century education and its challengesrafiqahmad00786416
 
Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Finding Java's Hidden Performance Traps @ DevoxxUK 2024Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Finding Java's Hidden Performance Traps @ DevoxxUK 2024Victor Rentea
 
presentation ICT roal in 21st century education
presentation ICT roal in 21st century educationpresentation ICT roal in 21st century education
presentation ICT roal in 21st century educationjfdjdjcjdnsjd
 
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...apidays
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoffsammart93
 
Artificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : UncertaintyArtificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : UncertaintyKhushali Kathiriya
 
AI+A11Y 11MAY2024 HYDERBAD GAAD 2024 - HelloA11Y (11 May 2024)
AI+A11Y 11MAY2024 HYDERBAD GAAD 2024 - HelloA11Y (11 May 2024)AI+A11Y 11MAY2024 HYDERBAD GAAD 2024 - HelloA11Y (11 May 2024)
AI+A11Y 11MAY2024 HYDERBAD GAAD 2024 - HelloA11Y (11 May 2024)Samir Dash
 
JohnPollard-hybrid-app-RailsConf2024.pptx
JohnPollard-hybrid-app-RailsConf2024.pptxJohnPollard-hybrid-app-RailsConf2024.pptx
JohnPollard-hybrid-app-RailsConf2024.pptxJohnPollard37
 
Mcleodganj Call Girls 🥰 8617370543 Service Offer VIP Hot Model
Mcleodganj Call Girls 🥰 8617370543 Service Offer VIP Hot ModelMcleodganj Call Girls 🥰 8617370543 Service Offer VIP Hot Model
Mcleodganj Call Girls 🥰 8617370543 Service Offer VIP Hot ModelDeepika Singh
 
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost SavingRepurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost SavingEdi Saputra
 
Spring Boot vs Quarkus the ultimate battle - DevoxxUK
Spring Boot vs Quarkus the ultimate battle - DevoxxUKSpring Boot vs Quarkus the ultimate battle - DevoxxUK
Spring Boot vs Quarkus the ultimate battle - DevoxxUKJago de Vreede
 
Corporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptxCorporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptxRustici Software
 
Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin WoodPolkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin WoodJuan lago vázquez
 
Vector Search -An Introduction in Oracle Database 23ai.pptx
Vector Search -An Introduction in Oracle Database 23ai.pptxVector Search -An Introduction in Oracle Database 23ai.pptx
Vector Search -An Introduction in Oracle Database 23ai.pptxRemote DBA Services
 
AWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of TerraformAWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of TerraformAndrey Devyatkin
 

Último (20)

Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
 
Understanding the FAA Part 107 License ..
Understanding the FAA Part 107 License ..Understanding the FAA Part 107 License ..
Understanding the FAA Part 107 License ..
 
Introduction to Multilingual Retrieval Augmented Generation (RAG)
Introduction to Multilingual Retrieval Augmented Generation (RAG)Introduction to Multilingual Retrieval Augmented Generation (RAG)
Introduction to Multilingual Retrieval Augmented Generation (RAG)
 
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
 
Why Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businessWhy Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire business
 
ICT role in 21st century education and its challenges
ICT role in 21st century education and its challengesICT role in 21st century education and its challenges
ICT role in 21st century education and its challenges
 
Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Finding Java's Hidden Performance Traps @ DevoxxUK 2024Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Finding Java's Hidden Performance Traps @ DevoxxUK 2024
 
presentation ICT roal in 21st century education
presentation ICT roal in 21st century educationpresentation ICT roal in 21st century education
presentation ICT roal in 21st century education
 
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
 
Artificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : UncertaintyArtificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : Uncertainty
 
AI+A11Y 11MAY2024 HYDERBAD GAAD 2024 - HelloA11Y (11 May 2024)
AI+A11Y 11MAY2024 HYDERBAD GAAD 2024 - HelloA11Y (11 May 2024)AI+A11Y 11MAY2024 HYDERBAD GAAD 2024 - HelloA11Y (11 May 2024)
AI+A11Y 11MAY2024 HYDERBAD GAAD 2024 - HelloA11Y (11 May 2024)
 
JohnPollard-hybrid-app-RailsConf2024.pptx
JohnPollard-hybrid-app-RailsConf2024.pptxJohnPollard-hybrid-app-RailsConf2024.pptx
JohnPollard-hybrid-app-RailsConf2024.pptx
 
Mcleodganj Call Girls 🥰 8617370543 Service Offer VIP Hot Model
Mcleodganj Call Girls 🥰 8617370543 Service Offer VIP Hot ModelMcleodganj Call Girls 🥰 8617370543 Service Offer VIP Hot Model
Mcleodganj Call Girls 🥰 8617370543 Service Offer VIP Hot Model
 
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost SavingRepurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
 
Spring Boot vs Quarkus the ultimate battle - DevoxxUK
Spring Boot vs Quarkus the ultimate battle - DevoxxUKSpring Boot vs Quarkus the ultimate battle - DevoxxUK
Spring Boot vs Quarkus the ultimate battle - DevoxxUK
 
Corporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptxCorporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptx
 
Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin WoodPolkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
 
Vector Search -An Introduction in Oracle Database 23ai.pptx
Vector Search -An Introduction in Oracle Database 23ai.pptxVector Search -An Introduction in Oracle Database 23ai.pptx
Vector Search -An Introduction in Oracle Database 23ai.pptx
 
AWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of TerraformAWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of Terraform
 

Networking Concepts

  • 1. Fundamental Concepts OWASP Hyderabad Oct 10th, 2009 Marc-André Laverdière
  • 2. Agenda ● Network Basics ● IP, TCP, UDP, DNS ● Internet Architecture ● Static Web architecture ● HTTP features ● REST-based architecture (P.S. All images courtesy of Wikipedia)
  • 3. Network Basics ● OSI 7 Layer Model
  • 4. Network Topologies ● Point to point: using a switch or dedicated wiring ● Bus: common wire, like in cable internet ● Star: central hub ● Ring: token ring ● Mesh: redudancies ● Tree: hierarchical
  • 5. Network Terms ● Client: computer that requests a service ● Server: computer that fulfills the request ● Gateway: point of contact to another network ● Proxy: intermediary for making requests to servers. Often caches resources ● Router: forwards information ● Hub: connects many network segments ● Switch: more efficient hub ● Link: connection between two points
  • 6. IP ● IP: Internet Protocol ● Used to send packets between point A and point B ● No delivery guarantee ● Two current versions: IPv4 and IPv6
  • 7. IPv4 vs IPv6 ● IPv6 adds many features to IPv4: – Greater address space – Supports autoconfiguration – Multicast – Mandatory IPSec (encryption, authentication, tunelling) – Removed rare fields, redundant checksum – Larger max packet size (4GB) – Support for mobile devices
  • 8. NAT ● Network Address Translation, used with IP masquerading ● Used to make one IP address as front-end for many. E.g. Wireless hub+router ● Gateway rewrites the packets so that they look like they all originate from the gateway ● Breaks some applications, like SIP and some peer-to-peer clients
  • 9. TCP ● Transmission Control Protocol ● Allows reliable transmissions ● Error detection ● Flow/congestion control ● Add concept of port ● Connection-based
  • 10. UDP ● User Datagram Protocol ● Ports ● Fast ● No integrity checking/resending
  • 11. DNS ● Domain Name System ● UDP main ● Some TCP ● 13 root clusters
  • 12. Internet Architecture ● Interconnected computer networks ● TCP/IP ● DNS ● Lots of hardware ● Supports many things – WWW – Email – Usenet – IRC
  • 13.
  • 14. Static Web Architecture ● Www: portion of the Internet for retrieval of hyperdocuments ● Multiple clients, multiple servers ● All resources are static ● Documents can include or refer to other resources ● Resources are organized under websites ● DNS, HTTP, HTML
  • 15. HTTP ● HyperText Transfer ● Verbs: Protocol – HEAD: get metadata ● Text-based – GET: get a resource POST: submit data to a ● Binary content must be – resource encoded (often – PUT: upload a resource Base64) – DELETE ● One connection per – TRACE: echo back the request (HTTP 1.0) or request one connection for – OPTIONS: list supported many (HTTP 1.1) methods ● Stateless – CONNECT: create a tunnel
  • 16. HTTP Request ● User-Agent Opera/9.64 (X11; Linux i686; U; en) Presto/2.1.1 ● Host www.wired.com ● Accept text/html, application/xml;q=0.9, application/xhtml+xml, image/png, image/jpeg, image/gif, image/x-xbitmap, */*;q=0.1 ● Accept-Language en-IN,en;q=0.9 ● Accept-Charset iso-8859-1, utf-8, utf-16, *;q=0.1 ● Accept-Encoding deflate, gzip, x-gzip, identity, *;q=0 ● Cookie [cut] ● Cookie2 $Version=1 ● Proxy-Connection Keep-Alive
  • 17. HTTP Response Header ● HTTP/1.1 200 OK ● Date: Mon, 23 May 2005 22:38:34 GMT ● Server: Apache/1.3.3.7 (Unix) (Red-Hat/Linux) ● Last-Modified: Wed, 08 Jan 2003 23:11:55 GMT ● Etag: "3f80f-1b6-3e1cb03b" ● Accept-Ranges: bytes ● Content-Length: 438 ● Connection: close ● Content-Type: text/html; charset=UTF-8
  • 18. Cookies ● Cookies are values determined by the server that are stored by the client ● The client automatically sends the cookie value on every request to the server
  • 19. REST-Based Architecture ● Problem: what I described is static. We need to execute code to have Web Applications ● Principles: – Everything goes through the resources. Resources are different than the representation given to the clients – Resources can be manipulated through the representation – Each message is self-descriptive – Hypermedia contains the application state
  • 20. Essentially ● Applications react to queries from the clients only. Nothing happens without a query. ● Resource access is free to trigger any processing