Corporation in the Middle. Lee
|
|
- Silas George
- 5 years ago
- Views:
Transcription
1 Corporation in the Middle Lee
2 MITM vs Everything Else
3 Detection
4
5
6
7 o_o
8 How, what, why, when?
9 Capture all the Packets
10 PCAP Tools tcpdump mergecap ntop wireshark tcpsplice pcapdiff tshark tcptrace tcpflow! captcp
11 SYN SYN/ACK ACK Client Server HTTP Request HTTP Response (Header & Data) More Data
12 SYN SYN/ACK ACK Client HTTP Request? Server? RST/PSH/ACK HTTP Response?
13 HTTP/ OK! Content-Type: text/html; charset=iso ! Content-Script-Type: text/javascript! Connection: close! Cache-Control: no-store, no-cache, must-revalidate, max-age=0! Expires: -1! Pragma: no-cache!! <html><head><noscript><meta http-equiv="refresh" content="0;url= policy=72&category=bytecap-075&"></noscript><title></title><script type="text/javascript">var version=2; var webserver=" ";</script><script type="text/javascript" src=" /ByteCap-075-EO-English/index.js"></script></ head><noscript><frameset><frame src=" noscript.pl?policy=72&category=bytecap-075&"></frameset></ noscript><body style="margin:0;"><script type="text/ javascript">bulletin("policy=72&category=bytecap-075&");</script></ body></html>
14 Fun with Firewalls
15 Content of messages! 36. Except where the Commission approves otherwise, a Canadian carrier shall not control the content or influence the meaning or purpose of telecommunications carried by it for the public. Telecommunications Act (S.C. 1993, c. 38)
16 ut wait, here s more.
17 SYN SYN/ACK ACK Client Server HTTP Request RST/PSH/ACK HTTP Response
18 SYN SYN/ACK ACK Client Server HTTP Request HTTP Response (Header & Data) Data
19 HTTP/ OK! Content-Type: text/html; charset=iso ! Content-Script-Type: text/html! Connection: close
20 Tests
21 Retention Time rewrite ^(.*)$ /index.php;!!!
22 OoB Indexing rewrite ^(.*)$ /index.php; + /etc/hosts +.htaccess
23 Document Format! <html> <head> <title>oh Hai</title> </head>
24 Document Format <!doctype html> <html> <head> <title>oh Hai</title> </head>
25 Mapping the Network
26 Traceroute ish
27 ttl=1 ttl expiry ttl=2 ttl=1 ttl expiry ttl=3 ttl=2 ttl=1 reply
28 tcptraceroute * * 5 * *!
29 Intercept Portscanning for i in `jot ` do tcptraceroute -f4 -m5 host $i done >> $i.log
30 tcptraceroute redux !!!
31 Intercept Portscanning nmap -ss -ttl 64 host
32 Which Interface?
33 Scapy sendp(ether(dst="02:1f:ba:20:4b:d2", src="10:2f:33:fe:b2:11")/ IP(src=" ", dst=" ",ttl=(1,30), options=ipoption('\x07'))/ TCP(sport=3125, dport=80, flags="s"), iface="en1")
34 So, that network Internal Management LAN
35 SYN SYN/ACK ACK Client Server TTL = 1 TTL = 2 TTL = 3 RST/PSH/ACK
36 What?
37 HTTP/ OK Date: Thu, 22 May :29:09 GMT Server: PerfTech Last-Modified: Thu, 17 Apr :42:01 GMT Accept-Ranges: bytes Content-Length: 2387 Connection: close Cache-Control: no-store, no-cache, mustrevalidate, max-age=0 Expires: -1 Pragma: no-cache Content-Type: application/x-javascript
38 Hints in Scripts // Copyright PerfTech, Inc., All Rights Reserved.!! extwebserver = " intwebserver = displayurl = "
39
40
41 Why So Bothered?
42 Why Metadata Matters They know you rang a phone sex service at 2:24 am and spoke for 18 minutes. But they don't know what you talked about.!! They know you called the suicide prevention hotline from the Golden Gate Bridge. But the topic of the call remains a secret.!! They know you spoke with an HIV testing service, then your doctor, then your health insurance company in the same hour. But they don't know what was discussed. Attribution: EFF 30C3 -Through Prism Darkly
43 GET / HTTP/1.1! Host: squarelemon.com! User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux i686; rv:25.0) Gecko/ Firefox/25.0! Accept: text/html,application/xhtml +xml,application/xml;q=0.9,*/*;q=0.8! Accept-Language: en-us,en;q=0.5! Accept-Encoding: gzip, deflate! Cookie: _pk_ses.4.9b83=*! Connection: keep-alive! If-Modified-Since: Fri, 18 Oct :45:41 GMT! Cache-Control: max-age=0
44 What could possibly go wrong? Photo Attribution: Tom
45
46 Attribution: cat NULL planet
47
48 I learnt Stuff!
49 Never attribute to malice that which is adequately explained by stupidity Enhancing Shareholder Value. Hanlon s Brotherston s Razor
50 Type a quote here. Johnny Appleseed
51
52 Internet provider subscriber communications system US B2
53 Internet advertising method and system using Web page US B2
54 Great Firewall of Cameron !!!!
55 RoadRunner via Marriot !!!
56 Thank you! Lee
World Wide Web, etc.
World Wide Web, etc. Alex S. Raw data-packets wouldn t be much use to humans if there weren t many application level protocols, such as SMTP (for e-mail), HTTP & HTML (for www), etc. 1 The Web The following
More informationHashCookies A Simple Recipe
OWASP London Chapter - 21st May 2009 HashCookies A Simple Recipe Take a cookie Add some salt Add a sequence number John Fitzpatrick Full paper at http://labs.mwrinfosecurity.com Structure What are hashcookies
More informationComputer Science 571 Exam #1 Prof. Papa Thursday, February 23, 2017, 6:00pm 7:20pm
Computer Science 571 Exam #1 Prof. Papa Thursday, February 23, 2017, 6:00pm 7:20pm Name: Student Id Number: 1. This is a closed book exam. 2. Please answer all questions. 3. Place all answers on the exam
More informationNetwork concepts introduction & wireshark. workshop
Network concepts introduction & workshop @KirilsSolovjovs ISO/OSI+DoD model Topics for our workshop Network layer models Ethernet, WiFi Layer3: ARP, ICMP, IPv4, IPv6 Layer4: UDP, TCP Routing Application
More informationNetwork concepts introduction & wireshark
Network concepts introduction & wireshark W0RKSH0P @KirilsSolovjovs Why am I doing this? Many people attending hacker conferences are not in fact experts, but come here to learn and have fun Opportunity
More informationApplications & Application-Layer Protocols: The Web & HTTP
CS 312 Internet Concepts Applications & Application-Layer Protocols: The Web & HTTP Dr. Michele Weigle Department of Computer Science Old Dominion University mweigle@cs.odu.edu http://www.cs.odu.edu/~mweigle/cs312-f11/
More informationHTTP Protocol and Server-Side Basics
HTTP Protocol and Server-Side Basics Web Programming Uta Priss ZELL, Ostfalia University 2013 Web Programming HTTP Protocol and Server-Side Basics Slide 1/26 Outline The HTTP protocol Environment Variables
More informationHTTP TRAFFIC CONSISTS OF REQUESTS AND RESPONSES. All HTTP traffic can be
3 HTTP Transactions HTTP TRAFFIC CONSISTS OF REQUESTS AND RESPONSES. All HTTP traffic can be associated with the task of requesting content or responding to those requests. Every HTTP message sent from
More informationProxying. Why and How. Alon Altman. Haifa Linux Club. Proxying p.1/24
Proxying p.1/24 Proxying Why and How Alon Altman alon@haifux.org Haifa Linux Club Proxying p.2/24 Definition proxy \Prox"y\, n.; pl. Proxies. The agency for another who acts through the agent; authority
More informationLAMP, WEB ARCHITECTURE, AND HTTP
CS 418 Web Programming Spring 2013 LAMP, WEB ARCHITECTURE, AND HTTP SCOTT G. AINSWORTH http://www.cs.odu.edu/~sainswor/cs418-s13/ 2 OUTLINE Assigned Reading Chapter 1 Configuring Your Installation pgs.
More informationThe HTTP protocol. Fulvio Corno, Dario Bonino. 08/10/09 http 1
The HTTP protocol Fulvio Corno, Dario Bonino 08/10/09 http 1 What is HTTP? HTTP stands for Hypertext Transfer Protocol It is the network protocol used to delivery virtually all data over the WWW: Images
More informationWEB SECURITY p.1
WEB SECURITY 101 - p.1 spritzers - CTF team spritz.math.unipd.it/spritzers.html Disclaimer All information presented here has the only purpose to teach how vulnerabilities work. Use them to win CTFs and
More informationIntroduction to HTTP. Jonathan Sillito
Introduction to HTTP Jonathan Sillito If you interested in working with a professor next Summer 2011 apply for an NSERC Undergraduate Student Award. Students must have a GPA of 3.0 or higher to be eligible.
More informationMatt Terwilliger. Networking Crash Course
Matt Terwilliger Networking Crash Course Before We Start Client/Server Model Client requests information from server over pre-established protocols. TCP/IP Model Application Layer Transport Layer Internet
More informationAssignment, part 2. Statement and concepts INFO-0010
Assignment, part 2 Statement and concepts INFO-0010 Outline Statement Implementation of concepts Objective Mastermind game using HTTP GET and HTTP POST methods The platform Architecture Root page ("/")
More informationApplications & Application-Layer Protocols: The Web & HTTP
CPSC 360 Network Programming Applications & Application-Layer Protocols: The Web & HTTP Michele Weigle Department of Computer Science Clemson University mweigle@cs.clemson.edu http://www.cs.clemson.edu/~mweigle/courses/cpsc360
More informationOSI Session / presentation / application Layer. Dr. Luca Allodi - Network Security - University of Trento, DISI (AA 2015/2016)
OSI Session / presentation / application Layer Dr. Luca Allodi - Network Security - University of Trento, DISI (AA 2015/2016) 1 Higher level protocols On top of IP, TCP, UDP, etc. there are a plethora
More informationCS193i Handout #18. HTTP Part 5
HTTP Part 5 HTTP Under The Hood Write a little echo server that listens for HTTP requests on port 8181, and then just echoes it back, so we can see the details for the browser request... Echo Server Code
More informationHTTP Server Application
1 Introduction You are to design and develop a concurrent TCP server that implements the HTTP protocol in the form of what is commonly called a web server. This server will accept and process HEAD and
More informationUA-Tester.... or why Web-Application Penetration Testers are only getting half the story
UA-Tester... or why Web-Application Penetration Testers are only getting half the story UA-Tester... or why Web-Application Penetration Testers are only getting half the story... or time to PIMP your tool!
More informationCS 355. Computer Networking. Wei Lu, Ph.D., P.Eng.
CS 355 Computer Networking Wei Lu, Ph.D., P.Eng. Chapter 2: Application Layer Overview: Principles of network applications? Introduction to Wireshark Web and HTTP FTP Electronic Mail SMTP, POP3, IMAP DNS
More informationProduced by. Mobile Application Development. Higher Diploma in Science in Computer Science. Eamonn de Leastar
Mobile Application Development Higher Diploma in Science in Computer Science Produced by Eamonn de Leastar (edeleastar@wit.ie) Department of Computing, Maths & Physics Waterford Institute of Technology
More informationLab 5: Web Attacks using Burp Suite
Lab 5: Web Attacks using Burp Suite Aim The aim of this lab is to provide a foundation in performing security testing of web applications using Burp Suite and its various tools. Burp Suite and its tools
More informationWeb Programming 4) PHP and the Web
Web Programming 4) PHP and the Web Emmanuel Benoist Fall Term 2013-14 Berner Fachhochschule Haute cole spcialise bernoise Berne University of Applied Sciences 1 PHP a language for Web applications Presentation
More informationGetting Some REST with webmachine. Kevin A. Smith
Getting Some REST with webmachine Kevin A. Smith What is webmachine? Framework Framework Toolkit A toolkit for building RESTful HTTP resources What is REST? Style not a standard Resources == URLs http://localhost:8000/hello_world
More informationThe Looking Glass API is for checking domains and addresses. You do not have to be logged in to use this facility.
Looking Glass API Introduction The Looking Glass API is for checking domains and email addresses. You do not have to be logged in to use this facility. The API endpoint can be reached at: http://looking-glass.aql.com/lookingglassapi.php?domain=aql.com
More informationInternet Architecture. Web Programming - 2 (Ref: Chapter 2) IP Software. IP Addressing. TCP/IP Basics. Client Server Basics. URL and MIME Types HTTP
Web Programming - 2 (Ref: Chapter 2) TCP/IP Basics Internet Architecture Client Server Basics URL and MIME Types HTTP Routers interconnect the network TCP/IP software provides illusion of a single network
More informationCIT 480: Securing Computer Systems
CIT 480: Securing Computer Systems Scanning CIT 480: Securing Computer Systems Slide #1 Topics 1. Port Scanning 2. Stealth Scanning 3. Version Identification 4. OS Fingerprinting CIT 480: Securing Computer
More informationWeb Architecture and Technologies
Web Architecture and Technologies Ambient intelligence Fulvio Corno Politecnico di Torino, 2015/2016 Goal Understanding Web technologies Adopted for User Interfaces Adopted for Distributed Application
More information::/Topics/Configur...
1 / 5 Configuration Cain & Abel requires the configuration of some parameters; everything can be set from the main configuration dialog. Sniffer Tab Here you can set the network card to be used by Cain's
More informationCORS Attacks. Author: Milad Khoshdel Blog: P a g e. CORS Attacks
Author: Milad Khoshdel Blog: https://blog.regux.com Email: miladkhoshdel@gmail.com 1 P a g e Contents What is CORS?...3 How to Test?...4 CORS Checker Script...6 References...9 2 P a g e What is CORS? CORS
More informationAbusing Windows Opener to Bypass CSRF Protection (Never Relay On Client Side)
Abusing Windows Opener to Bypass CSRF Protection (Never Relay On Client Side) Narendra Bhati @NarendraBhatiB http://websecgeeks.com Abusing Windows Opener To Bypass CSRF Protection Narendra Bhati Page
More informationHTTP and Web Content Delivery
HTTP and Web Content Delivery COS 461: Computer Networks Spring 2011 Mike Freedman hgp://www.cs.princeton.edu/courses/archive/spring11/cos461/ 2 Outline Layering HTTP HTTP conneclon management and caching
More informationKTH ROYAL INSTITUTE OF TECHNOLOGY. Remote Invocation. Vladimir Vlassov and Johan Montelius
KTH ROYAL INSTITUTE OF TECHNOLOGY Remote Invocation Vladimir Vlassov and Johan Montelius Middleware Application layer Remote invocation / indirect communication Socket layer Network layer 2 Request / Reply
More informationCSCI-1680 WWW Rodrigo Fonseca
CSCI-1680 WWW Rodrigo Fonseca Based partly on lecture notes by Scott Shenker and John Jannotti Precursors 1945, Vannevar Bush, Memex: a device in which an individual stores all his books, records, and
More information2- Application Level Protocols HTTP 1.0/1.1/2
2- Application Level Protocols HTTP 1.0/1.1/2 HTTP, (HyperText Transfer Protocol) Basis for fetching Web pages request Network CSE 461 University of Washington 2 Sir Tim Berners-Lee (1955 ) Inventor of
More informationGuzzle: Extraordinary HTTP Client
Guzzle: Extraordinary HTTP Client Rob Allen @akrabat ~ akrabat.com ~ September 2016 Why HTTP clients in PHP? Talking to web services Authentication with 3rd parties Social media interaction Remote APIs
More informationEE 122: HyperText Transfer Protocol (HTTP)
Background EE 122: HyperText Transfer Protocol (HTTP) Ion Stoica Nov 25, 2002 World Wide Web (WWW): a set of cooperating clients and servers that communicate through HTTP HTTP history - First HTTP implementation
More information90 Minute Optimization Life Cycle
90 Minute Optimization Life Cycle Fast by Default before our eyes Author of presentation Today s Hosts Hooman Beheshti VP Products Strangeloop Joshua Bixby President Strangeloop 2010 Strangeloop Networks
More informationWire Shark Lab1. Intro
Jae Sook Lee FA16 CSIT 340 01 Dr. Constantine Coutras Wire Shark Lab1 Intro 1. List 3 different protocols that appear in the protocol column in the unfiltered packet-listing window in step 7 above. : 1)
More informationCSE 333 Lecture HTTP
CSE 333 Lecture 19 -- HTTP Hal Perkins Department of Computer Science & Engineering University of Washington Administrivia Server-side programming exercise due Wed. morning HW4 due a week later - How s
More informationWhite Paper: Next-Gen Network Traffic Analysis (NTA): Log-based NTA vs. Packet-based NTA
White Paper: Next-Gen Network Traffic Analysis (NTA) Log-based NTA vs. Packet-based NTA ALEX VAYSTIKH, SecBI CTO & Co-Founder February 2018 Executive Summary Network Traffic Analysis (NTA) is a critical
More informationGuzzle: Extraordinary HTTP Client
Guzzle: Extraordinary HTTP Client Rob Allen @akrabat ~ akrabat.com ~ September 2016 Why HTTP clients in PHP? Talking to web services Authentication with 3rd parties Social media interaction Remote APIs
More informationHow to work with HTTP requests and responses
How a web server processes static web pages Chapter 18 How to work with HTTP requests and responses How a web server processes dynamic web pages Slide 1 Slide 2 The components of a servlet/jsp application
More informationCSCI-1680 WWW Rodrigo Fonseca
CSCI-1680 WWW Rodrigo Fonseca Based partly on lecture notes by Sco2 Shenker and John Janno6 Administrivia HW3 out today Will cover HTTP, DNS, TCP TCP Milestone II coming up on Monday Make sure you sign
More informationIntroduc)on to Computer Networks
Introduc)on to Computer Networks COSC 4377 Lecture 3 Spring 2012 January 25, 2012 Announcements Four HW0 s)ll missing HW1 due this week Start working on HW2 and HW3 Re- assess if you found HW0/HW1 challenging
More informationCS 5450 HTTP. Vitaly Shmatikov
CS 5450 HTTP Vitaly Shmatikov Browser and Network Browser OS Hardware request reply website Network slide 2 HTML A web page includes Base HTML file Referenced objects (e.g., images) HTML: Hypertext Markup
More informationThe key networking element that are typically used in an analysis of network traffic are:
9 Network Forensics 8 On-line lecture: http://asecuritysite.com/subjects/chapter09 9.1 Objectives The key objectives of this unit are to: Understand some of the methodologies used in network forensics.
More informationREALIZATION CONCEPT Version: 1.02
REALIZATION CONCEPT Version: 1.02 Status: Approved Type of project: Restart Project name: Project no.: Storage location: Author: Project oversight: PC Direct Marketer Interface PN313021 L:\05_Product_Management\500_Products\580_Solutions\Direkt_marke
More informationWAF-aiki. Pentest techniques against a Web Application Firewall
WAF-aiki Pentest techniques against a Web Application Firewall Why WAF-aiki? One applies aiki by understanding the rhythm and intent of the [opponent] to find the optimal position and timing to apply a
More informationREST Easy with Infrared360
REST Easy with Infrared360 A discussion on HTTP-based RESTful Web Services and how to use them in Infrared360 What is REST? REST stands for Representational State Transfer, which is an architectural style
More informationBrowser behavior can be quite complex, using more HTTP features than the basic exchange, this trace will show us how much gets transferred.
Lab Exercise HTTP Objective HTTP (HyperText Transfer Protocol) is the main protocol underlying the Web. HTTP functions as a request response protocol in the client server computing model. A web browser,
More informationNetworking Overview: Everything you need to know, in 50 minutes. CS 161: Computer Security Prof. David Wagner
Networking Overview: Everything you need to know, in 50 minutes CS 161: Computer Security Prof. David Wagner February 26, 2013 Local-Area Networks! A C point-to-point shared How does computer A send a
More informationjquery Basic HTTP communication
jquery Basic HTTP communication TAMZ 1 Lab 5 See: http://api.jquery.com/jquery.get/ http://api.jquery.com/jquery.post/ Application deployment Application has to be uploaded to a server Using of FTP/SCP/SFTP
More informationHTTP (HyperText Transfer Protocol)
1 HTTP (HyperText Transfer Protocol) Table of Contents HTTP (HYPERTEXT TRANSFER PROTOCOL)... 1 HTTP (HYPERTEXT TRANSFER PROTOCOL)... 3 What really happens when you navigate to a URL 3 1. You enter a URL
More informationICS 351: Today's plan. web scripting languages HTTPS: SSL and TLS certificates cookies DNS reminder
ICS 351: Today's plan web scripting languages HTTPS: SSL and TLS certificates cookies DNS reminder 1 web scripting languages web content described by HTML was originally static, corresponding to files
More informationPenetration Test Report
Penetration Test Report Feb 12, 2018 Ethnio, Inc. 6121 W SUNSET BLVD LOS angeles, CA 90028 Tel (888) 879-7439 ETHN.io Summary This document contains the most recent pen test results from our third party
More informationSirindhorn International Institute of Technology Thammasat University
1 Name...ID....Section. Seat No.. Sirindhorn International Institute of Technology Thammasat University Midterm Examination: Semester 2/2007 Course Title : ITS 332 Information Technology II Lab (Networking)
More informationLab 2. All datagrams related to favicon.ico had been ignored. Diagram 1. Diagram 2
Lab 2 All datagrams related to favicon.ico had been ignored. Diagram 1 Diagram 2 1. Is your browser running HTTP version 1.0 or 1.1? What version of HTTP is the server running? According to the diagram
More informationINGI1341: Project 2 Analysis of a website
INGI3141:PROJECT 2 1 INGI1341: Project 2 Analysis of a website Sergio Alejandro Chávez Cárdenas Abstract The details of a remote website sopitas.com are analysed and its responses over the Internet are
More informationTCP/IP Networking An Example
TCP/IP Networking An Example Complexity of networking: an example Review: Layered communication architecture The TCP/IP protocol suite Jörg Liebeherr, 1998,1999 1 A simple TCP/IP Example A user at Cerf
More informationA programmer can create Internet application software without understanding the underlying network technology or communication protocols.
CS442 Comer Networking API Chapter 3 Chapter three of the textbook presents an API to perform network programming in the C language. While this chapter does not cover everything about network programming,
More informationChallenge 2: Browsers under attack (intermediate)
Challenge 2: Browsers under attack (intermediate) Submission Template Submit your solution at http://www.honeynet.org/challenge2010/ by 17:00 EST, Monday, March 1st 2010. Results will be released on Monday,
More informationHTTP Security. CSC 482/582: Computer Security Slide #1
HTTP Security CSC 482/582: Computer Security Slide #1 Topics 1. How HTTP works 2. HTTP methods, headers, and responses 3. URIs, URLs, and URNs 4. Statelessness 5. Cookies 6. More HTTP methods and headers
More informationEDA095 HTTP. Pierre Nugues. March 30, Lund University
EDA095 HTTP Pierre Nugues Lund University http://cs.lth.se/pierre_nugues/ March 30, 2017 Covers: Chapter 6, Java Network Programming, 4 rd ed., Elliotte Rusty Harold Pierre Nugues EDA095 HTTP March 30,
More informationVendor: F5. Exam Code: 301. Exam Name: LTM Specialist. Version: DEMO
Vendor: F5 Exam Code: 301 Exam Name: LTM Specialist Version: DEMO QUESTION 1 A stand-alone LTM device is to be paired with a second LTM device to create an active/standby pair. The current stand-alone
More informationWorld-Wide Web Protocols CS 571 Fall Kenneth L. Calvert All rights reserved
World-Wide Web Protocols CS 571 Fall 2006 2006 Kenneth L. Calvert All rights reserved World-Wide Web The Information Universe World-Wide Web structure: hypertext Nonlinear presentation of information Key
More informationICS 351: Today's plan. IPv6 routing protocols (summary) HTML HTTP web scripting languages certificates (review) cookies
ICS 351: Today's plan IPv6 routing protocols (summary) HTML HTTP web scripting languages certificates (review) cookies IPv6 routing almost the same routing protocols as for IPv4: RIPng, OSPFv6, BGP with
More informationHigh performance and scalable architectures
High performance and scalable architectures A practical introduction to CQRS and Axon Framework Allard Buijze allard.buijze@trifork.nl Allard Buijze Software Architect at Trifork Organizers of GOTO & QCON
More informationCSE 333 Lecture HTTP
CSE 333 Lecture 19 -- HTTP Hal Perkins Paul G. Allen School of Computer Science & Engineering University of Washington Administrivia HW4 due a week from Thursday - How s it look? Today: http; finish networking/web
More informationAbout the Tutorial. Audience. Prerequisites. Copyright & Disclaimer
About the Tutorial The Hypertext Transfer Protocol (HTTP) is an application-level protocol for distributed, collaborative, hypermedia information systems. This is the foundation for data communication
More informationWeb Services User Guide
This document covers how to process XML Requests and Responses using the Secure Trading Web Services interface. Published: 28 March 2018 3.8 (a) Table of Contents 1 Introduction... 3 1.1 Required steps...
More informationApplication Layer Introduction; HTTP; FTP
Application Layer Introduction; HTTP; FTP Tom Kelliher, CS 325 Feb. 4, 2011 1 Administrivia Announcements Assignment Read 2.4 2.6. From Last Time Packet-switched network characteristics; protocol layers
More informationInformation Network 1 TCP 1/2. Youki Kadobayashi NAIST
Information Network 1 TCP 1/2 Youki Kadobayashi NAIST 1 Transport layer: a birds-eye view Hosts maintain state for each transport-layer endpoint Routers don t maintain per-host state H R R R R H Transport
More informationCS144 Notes: Web Standards
CS144 Notes: Web Standards Basic interaction Example: http://www.youtube.com - Q: what is going on behind the scene? * Q: What entities are involved in this interaction? * Q: What is the role of each entity?
More information4. What is the sequence number of the SYNACK segment sent by spinlab.wpi.edu to the client computer in reply to the SYN? Also Seq=0 (relative
1. What is the IP address and TCP port number used by your client computer (source) to transfer the file to spinlab.wpi.edu? My computer is at 10.211.55.3. The source port is 49247. See screenshot below.
More informationWeb Engineering. Basic Technologies: Protocols and Web Servers. Husni
Web Engineering Basic Technologies: Protocols and Web Servers Husni Husni@trunojoyo.ac.id Basic Web Technologies HTTP and HTML Web Servers Proxy Servers Content Delivery Networks Where we will be later
More informationWeb Security, Part 2
Web Security, Part 2 CS 161 - Computer Security Profs. Vern Paxson & David Wagner TAs: John Bethencourt, Erika Chin, Matthew Finifter, Cynthia Sturton, Joel Weinberger http://inst.eecs.berkeley.edu/~cs161/
More informationInternet Connectivity with
Internet Connectivity with Introduction The purpose of this workshop is to help you g et acquainted with the basics of internet connectivity by leveraging ARM mbed tools. If you are not already familiar
More informationIdentifying Operating System Using Flow-based Traffic Fingerprinting
Identifying Operating System Using Flow-based Traffic Fingerprinting Tomáš Jirsík, Pavel Čeleda {jirsik celeda}@ics.muni.cz Institute of Computer Science, Masaryk University EUNICE 2014 September, 1. 5.,
More informationOutline Computer Networking. HTTP Basics (Review) How to Mark End of Message? (Review)
Outline 15-441 Computer Networking Lecture 25 The Web HTTP review and details (more in notes) Persistent HTTP review HTTP caching Content distribution networks Lecture 19: 2006-11-02 2 HTTP Basics (Review)
More informationCOSC 2206 Internet Tools. The HTTP Protocol
COSC 2206 Internet Tools The HTTP Protocol http://www.w3.org/protocols/ What is TCP/IP? TCP: Transmission Control Protocol IP: Internet Protocol These network protocols provide a standard method for sending
More informationIntroduction to Ethical Hacking
Introduction to Ethical Hacking Summer University 2017 Seoul, Republic of Korea Alexandre Karlov Today Some tools for web attacks Wireshark How a writeup looks like 0x04 Tools for Web attacks Overview
More informationstatic phlapa.east.verizon.net /
The ICSI Netalyzr Beta Introduction» Analysis» Results Result Summary static-71-242-253-198.phlapa.east.verizon.net / 71.242.253.198 Recorded at 21:25 EDT (01:25 UTC next day) on Thu, August 27 2009. Permalink.
More informationSending s With Sendmail - Part 2
CODECALL Programming Tutorials Linux Tutorials, Guides and Tips Sending Emails With Sendmail - Part 2 Started by, Aug 31 2009 04:55 PM form, Posted 31 August 2009-04:55 PM Ok, so now that you know how
More informationInternet Layers. Physical Layer. Application. Application. Transport. Transport. Network. Network. Network. Network. Link. Link. Link.
Internet Layers Application Application Transport Transport Network Network Network Network Link Link Link Link Ethernet Fiber Optics Physical Layer Wi-Fi ARP requests and responses IP: 192.168.1.1 MAC:
More informationInstituto Superior Técnico, Universidade de Lisboa Network and Computer Security. Lab guide: Traffic analysis and TCP/IP Vulnerabilities
Instituto Superior Técnico, Universidade de Lisboa Network and Computer Security Lab guide: Traffic analysis and TCP/IP Vulnerabilities Revised on 2016-10-18 Alpha version: This is an early version and
More informationHTTP Request Handling
Islamic University of Gaza Faculty of Engineering Department of Computer Engineering ECOM 5049 Advanced Internet Technology Lab Lab # 5 HTTP Request Handling El-masry March, 2014 Objectives To be familiar
More informationTransport Layer Review
Transport Layer Review Mahalingam Mississippi State University, MS October 1, 2014 Transport Layer Functions Distinguish between different application instances through port numbers Make it easy for applications
More informationWEB APPLICATION ENGINEERING II
WEB APPLICATION ENGINEERING II Lecture #5 Umar Ibrahim Enesi Objectives Gain understanding of how Cookies and Sessions Work Understand the limitations of Sessions and Cookies Understand how to handle Session
More informationNetworking. INFO/CSE 100, Spring 2006 Fluency in Information Technology.
Networking INFO/CSE 100, Spring 2006 Fluency in Information Technology http://www.cs.washington.edu/100 Apr-3-06 networks @ university of washington 1 Readings and References Reading Fluency with Information
More informationRemote Invocation Vladimir Vlassov and Johan Montelius
KTH ROYAL INSTITUTE OF TECHNOLOGY Middleware Remote Invocation Vladimir Vlassov and Johan Montelius Application layer Remote invocation / indirect communication Socket layer Network layer ID2201 DISTRIBUTED
More informationTACACS Support APIs. curl -k -v -u "admin:cisco123" -H Accept:application/vnd.yang.data+xml -H ContentType:application/vnd.yang.
Table 1: Action Method Payload Required API To configure TACACS server POST Yes To configure TACACS server PUT Yes To configure TACACS server DELETE No To view TACACS server configuration GET No Example:
More information[MS-PCCRTP]: Peer Content Caching and Retrieval: Hypertext Transfer Protocol (HTTP) Extensions
[MS-PCCRTP]: Peer Content Caching and Retrieval: Hypertext Transfer Protocol (HTTP) Extensions Intellectual Property Rights Notice for Open Specifications Documentation Technical Documentation. Microsoft
More informationSANS ICS Europe 2018 Munich, Germany
SANS ICS Europe 2018 Munich, Germany A Real Cyber Physical Experience: Red Teaming on a Power Plant Can Demirel, CSSA, GICSP ICS Cyber Security Services Team Lead biznet.com.tr info@biznet.com.tr 1 About
More informationName Student ID Department/Year. Midterm Examination. Introduction to Computer Networks Class#: 901 E31110 Fall 2015
Name Student ID Department/Year Midterm Examination Introduction to Computer Networks Class#: 901 E31110 Fall 2015 9:10-11:10 Wednesday November 4, 2015 Prohibited 1. You are not allowed to write down
More informationHTTP, circa HTTP protocol. GET /foo/bar.html HTTP/1.1. Sviluppo App Web 2015/ Intro 3/3/2016. Marco Tarini, Uninsubria 1
HTTP protocol HTTP, circa 1989 a resource «give me the HTML representation of thatresource» «ok, here» Client request GET /hello.txt Server response Hello, world! Client Server Http 1.1 Request line Client
More informationIntroduction to Internet, Web, and TCP/IP Protocols SEEM
Introduction to Internet, Web, and TCP/IP Protocols SEEM 3460 1 Local-Area Networks A Local-Area Network (LAN) covers a small distance and a small number of computers LAN A LAN often connects the machines
More informationHTTP/2: What You Need to Know. Robert
HTTP/2: What You Need to Know Robert Boedigheimer @boedie About Me Web developer since 1995 Pluralsight Author 3 rd Degree Black Belt, Tae Kwon Do ASP.NET MVP boedie@outlook.com @boedie weblogs.asp.net/boedie
More informationECE697AA Lecture 2. Today s lecture
ECE697AA Lecture 2 Application Layer: HTTP Tilman Wolf Department of Electrical and Computer Engineering 09/04/08 Protocol stack Application layer Client-server architecture Example protocol: HTTP Demo
More information