How the Internet works

I’m using clips from Jessica McKellar’s How the Internet works

Summary

• DNS (who: name to address mapping)
• Internet Protocol/IP (where: addressing and routing)
• Transmission Control Protocol/TCP (how: reliably deliver data)
• Application: HTTP (what: is requested )
  • Cookies
• Markup: HTML
• Locators: URLs
• Security
  • shared secret for confidentiality
  • public key to exchange secret
  • certificate to authenticate public key

Protocol

DNS

IP

TCP

HTTP

Conclude

Redux

URL Syntax

  http://example.com:8042/over/there?name=ferret#nose
  \_/   \__________/\___/\_________/ \_________/ \__/
   |       |          |       |          |        |
scheme  authority    port    path      query   fragment

• queries are used for dynamic/database websites
• fragments takes you a view of a page (e.g., syllabus)

HTTP Client request

You type:

http://www.example.com/Index.Html

Your browser sends:

GET /Index.Html HTTP/1.1
Host: www.example.com

HTTP Server response

HTTP/1.1 200 OK
Date: Mon, 23 May 2005 22:38:34 GMT
Server: Apache/1.3.3.7 (Unix) (Red-Hat/Linux)
Last-Modified: Wed, 08 Jan 2003 23:11:55 GMT
ETag: "3f80f-1b6-3e1cb03b"
Content-Type: text/html; charset=UTF-8
Content-Length: 131
Accept-Ranges: bytes
Connection: close

<html>
<head>
  <title>An Example Page</title>
</head>
<body>
  Hello World, this is a very simple HTML document.
</body>
</html>

HTML

<html>
<head>
  <title>An Example Page</title>
</head>
<body>
  Hello World, this is a very simple HTML document.
</body>
</html>

Internet Metaphor

• You want to send a request for a magazine article to Sally, and the envelopes (packets) are small: one sentence per envelope.
• You look up Sally and find her address and zipcode (DNS to find IP number)
• You drop your five packets addressed to Sally in the mailbox; they flow through the postal network (IP)
• Sally gets all but one of your packets, sends a post card asking you to resend it (TCP)
• Once done, she breaks up the article into packets and sends them to you

Request

GET /index.html HTTP/1.1
Host: www.example.org
...

The server won’t know who you are.

Server sets cookie

HTTP/1.0 200 OK
Content-type: text/html
Set-Cookie: theme=light
Set-Cookie: sessionToken=abc123; Expires=Wed, 09 Jun 2021 10:18:14 GMT
...

The server asks you to store and resend this information when you next visit.

Next request

GET /spec.html HTTP/1.1
Host: www.example.org
Cookie: theme=light; sessionToken=abc123
...

The server will know your previously set preferences.

Cookie recap

• A cookie is a short bit of information a server asks you to remember and send next time you visit
  • It might be your preferred theme, language, or a unique ID keyed to other info in their database
• Third-party cookies are from sites that you did not intentionally visit, but they served you content embedded in the HTML, like images and ads
  • If the same third-party serves your ads across multiple sites, they will know you were on those different sites

Caesar cipher

One-time pad

Public key encryption

Private key signature

Certificates

How do you it’s really Bob’s (public) key?

SSL

Security recap

• ciphers use shared secrets to encrypt message
• public keys allow you to share a secret securely
• certificates assure that a public key really belongs to who it says it does

Malware

worm (autonomous); virus (dependent); Trojan (non-self-replicating); bots (remote controlled)

Protect yourself

Summary

• DNS (who: name to address mapping)
• Internet Protocol/IP (where: addressing and routing)
• Transmission Control Protocol/TCP (how: reliably deliver data)
• Application: HTTP (what: is requested )
  • Cookies
• Markup: HTML
• Locators: URLs
• Security
  • confidentiality: cipher + secret/key
  • exchanging secret: public key
  • authenticate public key: certificate

FAQ

• What is a computer “bug”? (Hopper 1946)
• When 8chan was “taken down,” what does this mean?

Protocol match

Cookie

Where is a 3rd party cookie stored?

Security

What are the three important components of web security?