1 / 17

TELE3118 extras F or week 7/8

TELE3118 extras F or week 7/8. Presentation example. DNS. domain config example: tele3118.net http :// who.is/whois/tele3118.net www.root-servers.org online viewing of DNS queries & responses: http://www.analogx.com/contents/dnsdig.htm chrome ://net-internals/#dns.

savea
Download Presentation

TELE3118 extras F or week 7/8

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. TELE3118 extras For week 7/8

  2. Presentation example

  3. DNS • domain config example: tele3118.net • http://who.is/whois/tele3118.net • www.root-servers.org • online viewing of DNS queries & responses: http://www.analogx.com/contents/dnsdig.htm • chrome://net-internals/#dns

  4. Wireshark example: Query More examples at http://uluru.ee.unsw.edu.au/~tim/zoo/index.html#dns 31186J

  5. Wireshark example: Response 3118LW

  6. DNS retransmission

  7. DIY: client software • Names of programs:Originally “nslookup” (name server lookup) Windows: Still called nslookup Linux: nslookup (deprecated) host, dig (“Domain Internet Groper”) • Configuration e.g. specify local domain and default servers Through DHCP, or • Windows: Control Panel -> Network Properties • Linux: /etc/resolv.conf • Control of name cache: Windows: ipconfig (e.g. with /displaydns and /flushdns options) Linux: name service cache daemon (nscd) 31188O

  8. Connection: & Keep-Alive: Give control of HTTP/1.1 persistence • “Connection: Close”: Indicates desire not to persist (without closing TCP connection, which might disrupt flow?) • “Connection: keep-alive”: Desire to control persistence, e.g. with “Keep-Alive: 300” Persist for 300 sec, despite server default (15 sec for Apache)

  9. Extension material follows • DNS for firewalling • DNS and search • Analytics • Cookies

  10. The Great fireWall of China Uses several mechanisms to filter access 1 is DNS poisoning: Firewall responds to DNS requests with incorrect information e.g. lookup facebook.com from within China -> 78.16.49.15 which RIPE reports belongs to Esat Telecommunications in Ireland Reports of banned names appearing with other domain as suffix (e.g. “facebook.com.example.com”) also return incorrect results rather than DNE error. Presumably to hinder proxies. 3118ZO

  11. DNS and search “The point of I'm Feeling Lucky was to replace the domain name system for navigation” Page said in 2002. Both Page and Brin hoped that instead of guessing what was the address of their web destination, they'd just “go to Google.” - S. Levy: In the plex: how Google thinks, works, and shapes our lives, Simon & Schuster, 2011, p. 31 311815

  12. Referer:† & analytics Would like to track client’s path through web: • How did they reach this web site? • What path do they take through this site?=> Optimise site design site (e.g. minimise steps to purchase, direct clients on desired path) • Which pages have stale links to objects that are Not Found? Referer: = URI of page that links to object being requested Referer: line omitted if object not requested via link, e.g. URL entered in browser address bar Web site analytics businesses/software interprets referral paths • May involve embedding links in pages • e.g. Google Analytics † The HTTP spec includes a typo (“Referer” not “Referrer”) which implementations must now perpetuate

  13. Extract of typical access_log Format: Client [date] Request Status Bytes RefererUser-Agent discuss 149.171.236.136 - - [26/Aug/2009:14:17:31 +1000]"GET /~tim/zoo/index.html HTTP/1.1" 200 21005 "-""Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.0; Trident/4.0; SLCC1; .NET CLR 2.0.50727; Media Center PC 5.0; .NET CLR 3.5.30729; .NET CLR 3.0.30618)" 149.171.236.136 - - [26/Aug/2009:14:18:00 +1000]"GET /~tim/zoo/5d8baf3e.pcap HTTP/1.1" 200 10628 "http://uluru.ee.unsw.edu.au/~tim/zoo/index.html" "Mozilla…" 149.171.236.136 - - [26/Aug/2009:14:18:01 +1000]"GET /~tim/zoo/5d8baf3e.pcap HTTP/1.1" 206 10628 "http://uluru.ee.unsw.edu.au/~tim/zoo/" "Mozilla…" bcano.tcif.telstra.com.au - - [26/Aug/2009:14:22:51 +1000]"GET /~tim/zoo/index.html HTTP/1.1" 200 21005 "http://www.google.com/search?hl=en&rls=com.microsoft%3Aen-US&q=wireshark+snmp+fragments&aq=f&oq=&aqi=" "Mozilla…" bcano.tcif.telstra.com.au - - [26/Aug/2009:14:23:15 +1000]"GET /~tim/zoo/b925588b.pcap HTTP/1.1" 200 299 "http://uluru.ee.unsw.edu.au/~tim/zoo/index.html" "Mozilla…" crawl-66-249-71-58.googlebot.com - - [09/Sep/2009:20:33:00 +1000] "GET /~tim/zoo/index.html HTTP/1.1" 200 23989 "-" "Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)" crawl-66-249-71-58.googlebot.com - - [09/Sep/2009:22:20:08 +1000] "GET /~tim/zoo/167e2456.pcap HTTP/1.1" 200 1640 "-" "Mozilla…" crawl-66-249-71-58.googlebot.com - - [09/Sep/2009:22:20:09 +1000] "GET /~tim/zoo/51375378.pcap HTTP/1.1" 200 876 "-" "Mozilla…"

  14. State info for web access • User identity • “shopping basket” of selected goods • Site personalisation, values for form fields etc • registration – have they paid for the service, do we know their email address, etc • tracking, e.g. newspaper: what advertisements do people who read this sort of article read? → tune advertising for higher impact can raise privacy concerns • Load sharing – direct request to preferred server in server farm

  15. Cookies† Process: • Client requests information from server • Server responds, including state information • Client stores state information, associates it with server • Client includes state information with subsequent requests to server Bottom line: Server doesn’t have to store state info. † So named because like an edible cookie that leaves a trail of crumbs, electronic cookies record a trail of past actions, i.e. record state info. aka “handle”, “transaction ID”, or “token”

  16. client server usual http request msg Cookie file ebay: 8734 usual http response + Set-cookie: 1678 Cookie file usual http request msg cookie: 1678 cookie- specific action amazon: 1678 ebay: 8734 usual http response msg usual http request msg cookie: 1678 Cookie file cookie- spectific action amazon: 1678 ebay: 8734 usual http response msg Cookies: keeping “state” (cont.) server creates ID 1678 for user entry in backend database access access one week later: Slide from Kurose and Ross

  17. Cookies when buying copies of Stevens Add volume 1 (ISBN: 0201634953) to the shopping basket POST /shopping/BasketAdd.asp HTTP/1.1\r\n ... Cookie: BIGipServerdymocks-http=1038178763.20480.0000; ASPSESSIONIDQQQGGWFC=DHHLDGMCJCIFHDKNOCFEEDHJ\r\n \r\n Data (47 bytes) 0000 50 72 6f 64 75 63 74 5f 49 44 3d 30 32 30 31 36 Product_ID=02016 0010 33 34 39 35 33 26 49 4d 41 47 45 31 2e 78 3d 32 34953 ... HTTP/1.1 100 Continue\r\n Set-Cookie: BIGipServerdymocks-http=1038178763.20480.0000; expires=Wed, 19-Mar-2003 12:23:28 GMT; path=/\r\n HTTP/1.1 302 Object moved\r\n Set-Cookie: MSCSProfile=61E4CECF7275066FD87B9817DA5865CB01E8624F84600C0D... POST /Shopping/BasketAdd.asp HTTP/1.1\r\n Cookie: BIGipServerdymocks-http=1038178763.20480.0000; ASPSESSIONIDQQQGGWFC=DHHLDGMCJCIFHDKNOCFEEDHJ; MSCSProfile=61E4CECF7275066FD87B9817DA5865CB01E8624F84600C0D... Data (33 bytes) 0000 50 72 6f 64 75 63 74 5f 49 44 3d 30 32 30 31 36 Product_ID=02016 0010 33 33 35 34 58 26 78 3d 32 38 26 79 3d 31 33 0d 3354X ... Server responds by setting 2 cookies Add volume 2 (ISBN 020163354X) to the shopping basket

More Related