Embed Size (px)
Citation preview
TELE3118 extrasFor week 7/8
Presentation example
DNS
• domain config example: tele3118.net– http://who.is/whois/tele3118.net
• www.root-servers.org• online viewing of DNS queries & responses:
http://www.analogx.com/contents/dnsdig.htm
• chrome://net-internals/#dns
Wireshark example: Query
431186J
More examples at http://uluru.ee.unsw.edu.au/~tim/zoo/index.html#dns
Wireshark example: Response
53118LW
DNS retransmission
7
DIY: client software• Names of programs:
Originally “nslookup” (name server lookup)Windows: Still called nslookupLinux: nslookup (deprecated) host, dig (“Domain Internet Groper”)
• Configuratione.g. specify local domain and default serversThrough DHCP, or– Windows: Control Panel -> Network Properties– Linux: /etc/resolv.conf
• Control of name cache:Windows: ipconfig (e.g. with /displaydns and /flushdns
options)Linux: name service cache daemon (nscd)
31188O
Connection: & Keep-Alive:
Give control of HTTP/1.1 persistence• “Connection: Close”: Indicates
desire not to persist (without closing TCP connection, which might disrupt flow?)
• “Connection: keep-alive”: Desire to control persistence, e.g. with“Keep-Alive: 300” Persist for 300 sec,
despite server default (15 sec for Apache)
Extension material follows
• DNS for firewalling• DNS and search• Analytics• Cookies
The Great fireWall of China
Uses several mechanisms to filter access1 is DNS poisoning: Firewall responds to DNS requests with
incorrect informatione.g. lookup facebook.com from within China -> 78.16.49.15
which RIPE reports belongs to Esat Telecommunications in Ireland
Reports of banned names appearing with other domain as suffix (e.g. “facebook.com.example.com”) also return incorrect results rather than DNE error. Presumably to hinder proxies.
103118ZO
DNS and search
“The point of I'm Feeling Lucky was to replace the domain name system for navigation” Page said in 2002. Both Page and Brin hoped that instead of guessing what was the address of their web destination, they'd just “go to Google.” - S. Levy: In the plex: how Google thinks, works, and shapes our lives,
Simon & Schuster, 2011, p. 31
11311815
12
Referer:† & analyticsWould like to track client’s path through web:• How did they reach this web site?• What path do they take through this site?
=> Optimise site design site (e.g. minimise steps to purchase, direct clients on desired path)
• Which pages have stale links to objects that are Not Found?
Referer: = URI of page that links to object being requestedReferer: line omitted if object not requested via link, e.g. URL entered in
browser address barWeb site analytics businesses/software interprets referral paths
– May involve embedding links in pages– e.g. Google Analytics
† The HTTP spec includes a typo (“Referer” not “Referrer”) which implementations must now perpetuate
Extract of typical access_logFormat: Client [date] Request Status Bytes Referer User-Agent discuss
149.171.236.136 - - [26/Aug/2009:14:17:31 +1000]"GET /~tim/zoo/index.html HTTP/1.1" 200 21005 "-""Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.0; Trident/4.0; SLCC1; .NET CLR 2.0.50727; Media Center PC 5.0; .NET CLR 3.5.30729; .NET CLR 3.0.30618)"
149.171.236.136 - - [26/Aug/2009:14:18:00 +1000]"GET /~tim/zoo/5d8baf3e.pcap HTTP/1.1" 200 10628 "http://uluru.ee.unsw.edu.au/~tim/zoo/index.html" "Mozilla…"
149.171.236.136 - - [26/Aug/2009:14:18:01 +1000]"GET /~tim/zoo/5d8baf3e.pcap HTTP/1.1" 206 10628 "http://uluru.ee.unsw.edu.au/~tim/zoo/" "Mozilla…"
bcano.tcif.telstra.com.au - - [26/Aug/2009:14:22:51 +1000]"GET /~tim/zoo/index.html HTTP/1.1" 200 21005 "http://www.google.com/search?hl=en&rls=com.microsoft%3Aen-US&q=wireshark+snmp+fragments&aq=f&oq=&aqi=" "Mozilla…"
bcano.tcif.telstra.com.au - - [26/Aug/2009:14:23:15 +1000]"GET /~tim/zoo/b925588b.pcap HTTP/1.1" 200 299 "http://uluru.ee.unsw.edu.au/~tim/zoo/index.html" "Mozilla…"
crawl-66-249-71-58.googlebot.com - - [09/Sep/2009:20:33:00 +1000] "GET /~tim/zoo/index.html HTTP/1.1" 200 23989 "-" "Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)"
crawl-66-249-71-58.googlebot.com - - [09/Sep/2009:22:20:08 +1000] "GET /~tim/zoo/167e2456.pcap HTTP/1.1" 200 1640 "-" "Mozilla…"
crawl-66-249-71-58.googlebot.com - - [09/Sep/2009:22:20:09 +1000] "GET /~tim/zoo/51375378.pcap HTTP/1.1" 200 876 "-" "Mozilla…"
14
State info for web access
• User identity√ “shopping basket” of selected goods√ Site personalisation, values for form fields etc√ registration – have they paid for the service, do we know their
email address, etc× tracking,
e.g. newspaper: what advertisements do people who read this sort of article read? → tune advertising for higher impact
can raise privacy concerns
• Load sharing – direct request to preferred server in server farm
15
Cookies†
Process:1. Client requests information from server• Server responds, including state information1. Client stores state information, associates it with server2. Client includes state information with subsequent
requests to server
Bottom line: Server doesn’t have to store state info.
† So named because like an edible cookie that leaves a trail of crumbs,electronic cookies record a trail of past actions, i.e. record state info.aka “handle”, “transaction ID”, or “token”
16
Cookies: keeping “state” (cont.)
client server
usual http request msgusual http response +
Set-cookie: 1678
usual http request msgcookie: 1678
usual http response msg
usual http request msgcookie: 1678
usual http response msg
cookie-specificaction
cookie-spectificaction
servercreates ID
1678 for user
entry in backend
database
access
acce
ss
Cookie file
amazon: 1678ebay: 8734
Cookie file
ebay: 8734
Cookie file
amazon: 1678ebay: 8734
one week later:
Slide from Kurose and Ross
17
Cookies when buying copies of StevensPOST /shopping/BasketAdd.asp HTTP/1.1\r\n
...
Cookie: BIGipServerdymocks-http=1038178763.20480.0000; ASPSESSIONIDQQQGGWFC=DHHLDGMCJCIFHDKNOCFEEDHJ\r\n
\r\n Data (47 bytes)0000 50 72 6f 64 75 63 74 5f 49 44 3d 30 32 30 31 36 Product_ID=020160010 33 34 39 35 33 26 49 4d 41 47 45 31 2e 78 3d 32 34953 ...
HTTP/1.1 100 Continue\r\n Set-Cookie: BIGipServerdymocks-http=1038178763.20480.0000; expires=Wed, 19-
Mar-2003 12:23:28 GMT; path=/\r\n
HTTP/1.1 302 Object moved\r\n Set-Cookie:
MSCSProfile=61E4CECF7275066FD87B9817DA5865CB01E8624F84600C0D...
POST /Shopping/BasketAdd.asp HTTP/1.1\r\n Cookie: BIGipServerdymocks-http=1038178763.20480.0000;
ASPSESSIONIDQQQGGWFC=DHHLDGMCJCIFHDKNOCFEEDHJ; MSCSProfile=61E4CECF7275066FD87B9817DA5865CB01E8624F84600C0D...
Data (33 bytes)0000 50 72 6f 64 75 63 74 5f 49 44 3d 30 32 30 31 36 Product_ID=020160010 33 33 35 34 58 26 78 3d 32 38 26 79 3d 31 33 0d 3354X ...
Add volume 2 (ISBN 020163354X) to theshopping basket
Add volume 1 (ISBN: 0201634953)to the shopping basket
Server responds by setting 2 cookies
