import socket

# Change the following host and see what IP it prints!
host = "youtube.com"
ip = socket.gethostbyname(host)

print(ip)
142.250.188.238
with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as s:
    s.connect((ip, 80))
    print("Successfully connected!")
Successfully connected!

Check-In

  1. What is an IP address?

An IP address is a unique set of numbers that helps to identify a device on a computer network.

  2. What is a TCP port?

A Transmission Control Protocol port is used for communication that allows networked devices to establish a connection and exchange data.

with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as s:
    s.connect((ip, 80))

    # Send a GET request to "/"
    s.sendall(b"GET / HTTP/1.1\r\n\r\n")

    # Receive & print up to 2048 bytes of data
    data = s.recv(2048)
    print(data.decode())
HTTP/1.1 200 OK
Date: Fri, 28 Apr 2023 03:30:06 GMT
Expires: -1
Cache-Control: private, max-age=0
Content-Type: text/html; charset=ISO-8859-1
Content-Security-Policy-Report-Only: object-src 'none';base-uri 'self';script-src 'nonce-DJL8VRtmyItQdWC-3AvH7g' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other-hp
P3P: CP="This is not a P3P policy! See g.co/p3phelp for more info."
Server: gws
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
Set-Cookie: 1P_JAR=2023-04-28-03; expires=Sun, 28-May-2023 03:30:06 GMT; path=/; domain=.google.com; Secure
Set-Cookie: AEC=AUEFqZf5mfct3KRS5WS2eZWQfkP-B_SZ9oZX6PKvA3XCzG1OEl4wsp3jZsQ; expires=Wed, 25-Oct-2023 03:30:06 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=lax
Set-Cookie: NID=511=taT88AIo2sXPRUTD7LiGPBpIe3CAoxKjdINDzPtFNyc1_oVqIruGm0HtBJwdrTb4A97jrKtcNMBrEwDp4CTbAB9KO1iiXSVR4jkJcIL4aSTlsvWAagIqEHxtp-3YD2hqWZTkBdIhegIgQz-CVOthiYgQW6Y5gTSj3PI-SEwnbEg; expires=Sat, 28-Oct-2023 03:30:06 GMT; path=/; domain=.google.com; HttpOnly
Accept-Ranges: none
Vary: Accept-Encoding
Transfer-Encoding: chunked

5331
<!doctype html><html itemscope="" itemtype="http://schema.org/WebPage" lang="en"><head><meta content="Search the world's information, including webpages, images, videos and more. Google has many special features to help you find exactly what
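
The `5331` line in the output above is a hexadecimal chunk size (21,297 bytes), so a single `recv(2048)` returns only the start of the body. The following added example (not part of the original notebook) parses a raw response like this one, keeps repeated headers such as `Set-Cookie`, and reports whether the chunked body arrived in full; `SAMPLE` and the function names are constructed for illustration.

```python
# Constructed sample response (not captured traffic); the body is sent in two chunks.
SAMPLE = (
    b"HTTP/1.1 200 OK\r\n"
    b"Content-Type: text/html; charset=ISO-8859-1\r\n"
    b"Set-Cookie: a=1; path=/; Secure\r\n"
    b"Set-Cookie: b=2; path=/; HttpOnly\r\n"
    b"Transfer-Encoding: chunked\r\n"
    b"\r\n"
    b"a\r\n<!doctype \r\n"
    b"5\r\nhtml>\r\n"
    b"0\r\n\r\n"
)

def decode_chunked(data):
    """Decode a chunked body. Returns (body, complete)."""
    out, pos = bytearray(), 0
    while True:
        eol = data.find(b"\r\n", pos)
        if eol == -1:
            return bytes(out), False              # size line not received yet
        size = int(data[pos:eol].split(b";")[0], 16)  # hex size; drop extensions
        if size == 0:
            return bytes(out), True               # zero-size chunk ends the body
        chunk = data[eol + 2:eol + 2 + size]
        out += chunk
        if len(chunk) < size:
            return bytes(out), False              # data stopped inside this chunk
        pos = eol + 2 + size + 2                  # skip the data and its CRLF

def parse_response(raw):
    """Split raw bytes into (status, headers, body, complete)."""
    head, sep, body = raw.partition(b"\r\n\r\n")
    if not sep:
        raise ValueError("header block is not terminated by a blank line")
    lines = head.decode("iso-8859-1").split("\r\n")
    status = int(lines[0].split(" ", 2)[1])
    headers = {}                                  # lower-cased name -> list of values
    for line in lines[1:]:
        name, _, value = line.partition(":")
        headers.setdefault(name.strip().lower(), []).append(value.strip())
    if "chunked" in ",".join(headers.get("transfer-encoding", [])).lower():
        body, complete = decode_chunked(body)
    else:
        length = headers.get("content-length")
        complete = length is None or len(body) >= int(length[0])
    return status, headers, body, complete

if __name__ == "__main__":
    print(parse_response(SAMPLE))
```
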
import requests

# Change the URL to whatever you'd like
response = requests.get("https://google.com")

print("Status code:", response.status_code)
print("Headers:", response.headers)
print("Response text:", response.text[:100])

# Add a line to print the "Content-Type" header of the response
# Try an image URL!
Status code: 200
Headers: {'Date': 'Fri, 28 Apr 2023 03:31:59 GMT', 'Expires': '-1', 'Cache-Control': 'private, max-age=0', 'Content-Type': 'text/html; charset=ISO-8859-1', 'Content-Security-Policy-Report-Only': "object-src 'none';base-uri 'self';script-src 'nonce-9Fm-swGrJC00FiO2aqUmJg' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other-hp", 'P3P': 'CP="This is not a P3P policy! See g.co/p3phelp for more info."', 'Content-Encoding': 'gzip', 'Server': 'gws', 'X-XSS-Protection': '0', 'X-Frame-Options': 'SAMEORIGIN', 'Set-Cookie': '1P_JAR=2023-04-28-03; expires=Sun, 28-May-2023 03:31:59 GMT; path=/; domain=.google.com; Secure, AEC=AUEFqZfakCKTD2Zo4MwxPfIx6aXFRBp18Wd-eZ5-aJGO4x8enONbN09KFw; expires=Wed, 25-Oct-2023 03:31:59 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=lax, NID=511=tewJR8jTYNuyjvwgnqL3CKgBqL_k6pR4MbygBcsBNjmhFP0nKH8lAtVCXiEzn6VbFQMzx26FF0fcQdXYjbzw3x7j1kBM-Fo66aExGqalSS1pgQjvjvw1bgsrRibiNxJ_bnRut21iyXJSao28OxdQlvtPssh7KiDJRycnI-1MUmI; expires=Sat, 28-Oct-2023 03:31:59 GMT; path=/; domain=.google.com; HttpOnly', 'Alt-Svc': 'h3=":443"; ma=2592000,h3-29=":443"; ma=2592000', 'Transfer-Encoding': 'chunked'}
Response text: <!doctype html><html itemscope="" itemtype="http://schema.org/WebPage" lang="en"><head><meta content

NGINX

aws = "3.130.255.192"

response = requests.get("http://" + aws)
print(response.text)
<!doctype html>
<html>
<head>
<title>Cool site</title>
<meta name="description" content="cool site for apcsp">
</head>
<body>
Hello, this is my cool site. Check out my products:
<a href="/products">Products!!</a>
</body>
</html>

Configuration

server {
    # Listen on virtual "port 80"
    listen 80;
    listen [::]:80;
    server_name 3.130.255.192;

    location / {
        # Inform server about original client
        proxy_set_header        Host $host;
        proxy_set_header        X-Real-IP $remote_addr;
        proxy_set_header        X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header        X-Forwarded-Proto $scheme;

        # Forward all requests transparently to the server running on our computer
        proxy_pass              http://localhost:9099;
    }
}
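
`$proxy_add_x_forwarded_for` appends the connecting address to whatever `X-Forwarded-For` value the client already sent, so only the entries NGINX itself added can be trusted. The following added example (not part of the original lesson) shows how the application behind `proxy_pass` can pick the client address safely; it assumes NGINX on the same host is the only proxy, and the function names and sample addresses are constructed for illustration.

```python
import ipaddress

# Assumption: the only proxy in front of the app is NGINX on the same machine.
TRUSTED_PROXIES = [
    ipaddress.ip_network("127.0.0.0/8"),
    ipaddress.ip_network("::1/128"),
]

def is_trusted(addr):
    """True if addr parses as an IP address inside a trusted proxy network."""
    try:
        ip = ipaddress.ip_address(addr)
    except ValueError:
        return False
    return any(ip in net for net in TRUSTED_PROXIES)

def client_ip(peer_addr, headers):
    """Return the address to log or rate-limit on for one request.

    peer_addr is the TCP peer of the connection; headers is a dict of
    request headers as forwarded by NGINX.
    """
    if not is_trusted(peer_addr):
        # Direct connection: any forwarding header is client-controlled.
        return peer_addr
    hops = [h.strip() for h in headers.get("X-Forwarded-For", "").split(",")]
    # Walk right to left: the rightmost entries were appended by our proxies,
    # everything further left could have been supplied by the client.
    for hop in reversed([h for h in hops if h]):
        try:
            ipaddress.ip_address(hop)
        except ValueError:
            break                      # malformed entry: trust nothing beyond it
        if not is_trusted(hop):
            return hop                 # first address not owned by us
    return peer_addr

if __name__ == "__main__":
    # Constructed request: the client sent "X-Forwarded-For: 10.9.8.7" itself,
    # and NGINX appended the real connecting address 203.0.113.50.
    print(client_ip("127.0.0.1", {"X-Forwarded-For": "10.9.8.7, 203.0.113.50"}))
```
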

Load Balancing

upstream example.com {
    server server1.example.com;
    server server2.example.com;
}

HTTP Headers

server {
    add_header X-Cool-Header "I love APCSP!";

    location /pages {
        add_header X-Cooler-Header "This is my secret header!";
    }
}

Check In

  1. Research 1 HTTP header and describe, in detail, its purpose.

One commonly used HTTP header is the "User-Agent" header. The User-Agent header provides information about the client making an HTTP request, typically in the form of a web browser or an application. It helps the server understand what kind of client is making the request, enabling it to provide a response tailored to the client's capabilities or requirements.

  2. Write a line in a sample NGINX configuration that will add that specific header to the /information location

See Below

  3. Explain the purpose of the load balancing performed by NGINX

The load balancing feature in NGINX distributes the incoming requests evenly across multiple servers. This helps improve the performance and reliability of the website as well as ensure that one server is not overwhelmed.

  4. Modify the following code block to obtain the value of the secret header on /products of the AWS site

For number 2

server {
    add_header X-Cool-Header "Claire Zhao";

    location /information {
        add_header X-Cooler-Header "Specific Header";
    }
}

aws = "3.130.255.192"

response = requests.get("http://" + aws + "/products")

print("The secret header is:", "...")
print(response.headers)
The secret header is: ...
{'Server': 'nginx/1.18.0 (Ubuntu)', 'Date': 'Fri, 28 Apr 2023 05:18:28 GMT', 'Content-Type': 'text/html', 'Transfer-Encoding': 'chunked', 'Connection': 'keep-alive', 'Last-Modified': 'Thu, 20 Apr 2023 20:42:12 GMT', 'X-Cooler-Header': 'This is my secret header!', 'Content-Encoding': 'gzip'}

Hacks

  • Complete the above check-in questions and change the hosts (0.1)
  • Complete the above code-segment to retrieve the secret header (0.1)

Bonus (0.05)

Create a diagram showing the layers of abstraction that allow us to use HTTP (IP, TCP, etc.)

Slides Hacks

  1. What does DNS stand for?

Domain Name Service

  2. What is the purpose of DNS?

Its purpose is to translate human-readable domain names into the numerical IP addresses that computers and network devices use to communicate with each other.

  3. How does DNS work?

When a user types a domain name into their web browser, the browser sends a request to a DNS server to look up the IP address associated with that domain name. The DNS server then responds with the corresponding IP address, allowing the browser to establish a connection and load the requested website.

  4. What is a DNS resolver?

A DNS resolver is like a translator that converts domain names (e.g., www.example.com) into the numerical IP addresses (e.g., 192.0.2.1) needed for computers and network devices to communicate over the internet.

CORS Hacks

  1. Explain what CORS is and what it stands for

CORS stands for cross-origin security. CORS is a security mechanism implemented in web browsers to protect users from potential malicious activities that can occur when making requests across different origins.

  2. Describe how you would be able to implement CORS into your own websites

When reading from the API that is given in the project, we used mode CORS. This was done in the read function and was in JavaScript brackets.

  3. Describe why you would want to implement CORS into your own websites

CORS is able to protect the website from bad activity, and that will allow for more security, especially since my website has personal information stored.

  4. How could you use CORS to benefit yourself in the future?

Add it to future websites to make sure that data is not stolen and to have the best security in the website for the users' experience.

Total: 0.2 points
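
The answers above describe the browser side (`mode: 'cors'` in the fetch call); the browser only lets a page read the response if the server answers with matching `Access-Control-Allow-*` headers. The following added example (not part of the original project) sketches that server-side decision with an exact-match allow list and preflight handling; the origins, allowed methods and function name are hypothetical.

```python
# Assumption: hypothetical origins; list only the sites allowed to read your API.
ALLOWED_ORIGINS = {"https://app.example.com", "https://admin.example.com"}
ALLOWED_METHODS = {"GET", "POST"}
ALLOWED_HEADERS = {"content-type", "authorization"}

def cors_headers(method, request_headers):
    """Return the CORS headers to attach to the response ({} means: send none)."""
    origin = request_headers.get("Origin")
    # Exact match only: substring or suffix checks would also accept
    # look-alike origins such as https://app.example.com.attacker.test
    if origin not in ALLOWED_ORIGINS:
        return {}
    out = {
        "Access-Control-Allow-Origin": origin,
        "Vary": "Origin",          # caches must not reuse this answer across origins
    }
    is_preflight = (method == "OPTIONS"
                    and "Access-Control-Request-Method" in request_headers)
    if is_preflight:
        wanted_method = request_headers["Access-Control-Request-Method"]
        wanted_headers = {
            h.strip().lower()
            for h in request_headers.get("Access-Control-Request-Headers", "").split(",")
            if h.strip()
        }
        if wanted_method not in ALLOWED_METHODS or not wanted_headers <= ALLOWED_HEADERS:
            return {}              # browser will block the actual request
        out["Access-Control-Allow-Methods"] = ", ".join(sorted(ALLOWED_METHODS))
        out["Access-Control-Allow-Headers"] = ", ".join(sorted(ALLOWED_HEADERS))
        out["Access-Control-Max-Age"] = "600"
    return out

if __name__ == "__main__":
    # Constructed requests: one from an allowed origin, one from a look-alike.
    print(cors_headers("GET", {"Origin": "https://app.example.com"}))
    print(cors_headers("GET", {"Origin": "https://app.example.com.attacker.test"}))
```
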

KASM Hacks

  1. What is the purpose of "sudo" when running commands in terminal?

Adding administrative properties when running. This needs access and permissions, which is why we use a password when running anything that has sudo in it.

  2. What are some commands which allow us to look at how the storage of a machine is set up?

df: Run the command df -h in the terminal to view information about file system disk space usage, including the device, total size, used space, available space, and mount points.

diskutil: Run the "diskutil" command-line utility to view information about disks and partitions. Open the Terminal and type "diskutil list" to see a list of all the disks and partitions on your system.

  3. What do you think are some alternatives to running "curl -O" to get the zip file for KASM?

Using a web browser allows for the zip file for KASM to be downloaded. You can just download it from the website and have access to the zip file.

  4. What kind of commands do you think the "install.sh" command has and why is it necessary to call it?

Setting permissions, creating directories, and installing software or packages.

  5. Explain in at least 3-4 sentences how deploying KASM is related to/requires other topics talked about in the lesson and/or potential ways to add things mentioned in the lesson to this guide.

Application isolation, security, load balancing, and remote access are just a few of the associated subjects that must be understood in order to deploy KASM. It is necessary to grasp security concepts and best practices in order to use KASM, which offers a secure and isolated environment for running applications. KASM can be accessed remotely, but doing so requires familiarity with the relevant tools and protocols. Load balancing is needed to distribute traffic equally among several server instances running KASM. These are all ways in which KASM is related to the topics talked about earlier in the lesson.

Total: 0.2 points