import socket

# Change the following host and see what IP it prints!
host = "example.com"
ip = socket.gethostbyname(host)

print(ip)
93.184.216.34
with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as s:
    s.connect((ip, 80))
    print("Successfully connected!")
Successfully connected!

Check-In ✅

1. What is an IP address?

  • A unique set of numbers that identifies a device (computer/phone) on the internet/network and allows the device to send and receive information to another device on the same internet/network.

2. What is a TCP port?

  • It's like a numbered gateway that allows data to flow in and out of a device over a network. Each port is identified by a unique number between 0 and 65535, and specific applications/services are associated with specific port numbers. Ex.: web traffic is sent over port 80 or 443, and email traffic uses port 25 or 587.
  • An easy way to think about it is that it is like a road that lets your car know where to go.
  • Purpose: By using different port numbers, multiple services/applications can run at the same time on the same device without interfering with each other's network traffic.

Slide Hacks

1. What does DNS stand for?

Domain Name Service

2. What is the purpose of DNS?

Its purpose is to assign an IP address to each domain name. It acts like a phonebook for the internet, allowing users to access websites and other online resources by their familiar names rather than obscure numerical IP addresses.

3. How does DNS work?

When you type a domain name like www.googledocs.com into your web browser, your computer sends a request to a DNS server, asking for the IP address associated with that domain name. The DNS server then looks up the IP address associated with the domain name in its database, and sends it back to your computer. Your computer then uses that IP address to connect to the server hosting the website you requested.

4. What is a DNS resolver?

It is a computer program or service that helps your device find the IP address associated with a domain name you want to access on the internet. When you type in a domain name in your web browser, the DNS resolver translates that name into a corresponding IP address so that your device can connect to the appropriate server and display the website or other online resource you requested.

with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as s:
    s.connect((ip, 80))

    # Send a GET request to "/"
    s.sendall(b"GET / HTTP/1.1\r\n\r\n")

    # Receive & print 2048 bytes of data
    data = s.recv(2048)
    print(data.decode())
HTTP/1.1 200 OK
Date: Fri, 28 Apr 2023 03:35:28 GMT
Expires: -1
Cache-Control: private, max-age=0
Content-Type: text/html; charset=ISO-8859-1
Content-Security-Policy-Report-Only: object-src 'none';base-uri 'self';script-src 'nonce-Thh8XXEi_0dtzJiTWv-obA' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other-hp
P3P: CP="This is not a P3P policy! See g.co/p3phelp for more info."
Server: gws
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
Set-Cookie: 1P_JAR=2023-04-28-03; expires=Sun, 28-May-2023 03:35:28 GMT; path=/; domain=.google.com; Secure
Set-Cookie: AEC=AUEFqZcKRBPWib4KyVA5gUM7f_jMHvzlV7nK4XxRF_m6r0hpbqVuPZRVKNo; expires=Wed, 25-Oct-2023 03:35:28 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=lax
Set-Cookie: NID=511=V6b-Onn2abuWFtZjuDnanbaabwKWVX_JrNGeIDYTa6xIqpJyIqmslAJQInfh8vfekdGCo_TZOGPWK-81cJEKvvxtLOUAoWA1C-eDC_5oAqwo6gbUdFFkQGZR_rOIl7hrzHbwZslnCbI-snNHMdzeX7gfnE-v34xw4PJr3ntrywc; expires=Sat, 28-Oct-2023 03:35:28 GMT; path=/; domain=.google.com; HttpOnly
Accept-Ranges: none
Vary: Accept-Encoding
Transfer-Encoding: chunked

5ca3
<!doctype html><html itemscope="" itemtype="http://schema.org/WebPage" lang="en"><head><meta content="Search the world's information, including webpages, images, videos and more. Google has many special features to help you find exactly what you're looking for." name="description"><meta content="noodp" name="robots"><meta content="text/html; charset=UTF-8" http-equiv="Content-Type"><meta content="/images/branding/googleg/1x/googleg_standard_color_128dp.png" itemprop="image"><title>Google</title><script nonce="Thh8XXEi_0dtzJiTWv-obA">(function(){window.google={kEI:'AD9LZJ_INZ_KkPIPs-u2yAY',kEXPI:'0,1359409,1709,4349,207,2414,2390,2316,383,246,5,1129120,1197661,45,695,380089,16115,28684,22430,1362,12319,2816,14764,4998,13228,3847,41316,2891,3926,213,7615,606,76014,432,3,346,1244,1,16916,2652,4,1528,2304,29062,13065,11442,2216,2980,1457,16786,5770,2587,4094,7596,1,11943,30211,2,1
import requests

# Change the URL to whatever you'd like
response = requests.get("https://academicsandathleticsforall.org/")

print("Status code:", response.status_code)
print("Headers:", response.headers)
print("Response text:", response.text[:100])

# Add a line to print the "Content-Type" header of the response
# Try an image URL!
Status code: 200
Headers: {'Link': '<//img1.wsimg.com/ceph-p3-01/website-builder-data-prod/static/widgets/UX.4.30.1.js>; rel=preload; as=script; crossorigin,<https://img1.wsimg.com/gfonts/s/karla/v23/qkBIXvYC6trAT55ZBi1ueQVIjQTD-JqaE0lM.woff>; rel=preload; as=font; crossorigin,<https://img1.wsimg.com/gfonts/s/karla/v23/qkBIXvYC6trAT55ZBi1ueQVIjQTDH52aE0lM.woff>; rel=preload; as=font; crossorigin,<https://img1.wsimg.com/gfonts/s/oldstandardtt/v18/MwQsbh3o1vLImiwAVvYawgcf2eVer2q6bHU.woff>; rel=preload; as=font; crossorigin,<https://img1.wsimg.com/gfonts/s/oldstandardtt/v18/MwQubh3o1vLImiwAVvYawgcf2eVeqlq-.woff>; rel=preload; as=font; crossorigin,<https://img1.wsimg.com/gfonts/s/oldstandardtt/v18/MwQrbh3o1vLImiwAVvYawgcf2eVWEX-tS1ZZ.woff>; rel=preload; as=font; crossorigin,<https://fonts.googleapis.com>; rel=preconnect; crossorigin,<https://fonts.gstatic.com>; rel=preconnect; crossorigin,<https://img1.wsimg.com>; rel=preconnect; crossorigin,<https://isteam.wsimg.com>; rel=preconnect; crossorigin', 'Cache-Control': 'max-age=30', 'Content-Security-Policy': "frame-ancestors 'self' godaddy.com *.godaddy.com", 'Content-Type': 'text/html;charset=utf-8', 'Vary': 'Accept-Encoding', 'Server': 'DPS/2.0.0-beta+sha-7828e72', 'X-Version': '7828e72', 'X-SiteId': 'us-west-2', 'Set-Cookie': 'dps_site_id=us-west-2; path=/; secure', 'ETag': 'af178185285a6a4e0ff255d0d7964520', 'Content-Encoding': 'br', 'Date': 'Fri, 28 Apr 2023 03:35:32 GMT', 'Connection': 'keep-alive', 'Transfer-Encoding': 'chunked'}
Response text: <!DOCTYPE html><html lang="en-US"><head><link rel="icon" href="//img1.wsimg.com/isteam/ip/8ede07fa-6

NGINX

aws = "3.130.255.192"

response = requests.get("http://" + aws)
print(response.text)
<!doctype html>
<html>
<head>
<title>Cool site</title>
<meta name="description" content="cool site for apcsp">
</head>
<body>
Hello, this is my cool site. Check out my products:
<a href="/products">Products!!</a>
</body>
</html>

Configuration

server {
    # Listen on virtual "port 80"
    listen 80;
    listen [::]:80;
    server_name 3.130.255.192;

    location / {
        # Inform server about original client
        proxy_set_header        Host $host;
        proxy_set_header        X-Real-IP $remote_addr;
        proxy_set_header        X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header        X-Forwarded-Proto $scheme;

        # Forward all requests transparently to the server running on our computer
        proxy_pass              http://localhost:9099;
    }
}

Load Balancing

upstream example.com {
    server server1.example.com;
    server server1.example.com;
}

HTTP Headers

server {
    add_header X-Cool-Header "I love APCSP!";

    location /pages {
        add_header X-Cooler-Header "This is my secret header!";
    }
}

Check In ✅

1. Research 1 HTTP header and describe, in detail, its purpose.

HTTP (Hypertext Transfer Protocol) is a protocol used for transmitting data over the internet. When a client sends a request to a server, it includes an HTTP header, which contains additional information about the request or the client.

"Content-Type" header - The purpose of this header is to provide information to the server about the type of data that is being sent in the body of the HTTP request or response.

Ex. if a client sends a POST request to a server with a JSON payload in the body, the Content-Type header would be set to "application/json". This tells the server that the body of the request contains JSON data and helps the server understand how to parse and process the data. Similarly, when a server sends a response back to the client, it includes a Content-Type header that specifies the type of data being sent. This is important because the client needs to know how to interpret the data.

2. Write a line in a sample NGINX configuration that will add that specific header to the `/information` location

location /information {
  add_header X-Custom-Header my-header-value;
  #other configuration directives
}

3. Explain the purpose of the load balancing performed by NGINX

The purpose of load balancing performed by NGINX is to distribute incoming traffic across multiple servers or instances. This helps make websites faster and more reliable by dividing incoming traffic across multiple servers or computers, preventing one server from getting too much traffic and slowing down the website.

4. Modify the following code block to obtain the value of the secret header on `/products` of the AWS site

aws = "3.130.255.192"

response = requests.get("http://" + aws+ "/products")

print("The secret header is:", "'X-Cooler-Header': 'This is my secret header!'")
The secret header is: 'X-Cooler-Header': 'This is my secret header!'
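
Reading the header value out of the response instead of typing it into the print statement, as an added example that is not part of the original notebook. It also sends the `Host` header that HTTP/1.1 requires, which the raw-socket GET earlier on this page omits. The local stand-in server, the assumption that it sets `X-Cooler-Header` on `/products`, and the names `Handler`, `fetch_headers` and `demo` are all hypothetical.

```python
import socket
import threading
from http.server import BaseHTTPRequestHandler, HTTPServer

SECRET = "This is my secret header!"  # constructed sample value

class Handler(BaseHTTPRequestHandler):
    # Local stand-in for the lesson's site; setting the header on /products is an assumption.
    def do_GET(self):
        self.send_response(200)
        if self.path == "/products":
            self.send_header("X-Cooler-Header", SECRET)
        self.send_header("Content-Length", "2")
        self.end_headers()
        self.wfile.write(b"ok")

    def log_message(self, *args):  # keep the demo quiet
        pass

def fetch_headers(host, port, path):
    """Send a valid HTTP/1.1 request (Host is mandatory) and return (status, headers)."""
    request = f"GET {path} HTTP/1.1\r\nHost: {host}\r\nConnection: close\r\n\r\n"
    with socket.create_connection((host, port), timeout=5) as s:
        s.sendall(request.encode("ascii"))
        raw = b""
        while chunk := s.recv(2048):  # keep reading until the server closes
            raw += chunk
    head = raw.split(b"\r\n\r\n", 1)[0].decode("iso-8859-1")
    status_line, *lines = head.split("\r\n")
    headers = {}
    for line in lines:
        name, _, value = line.partition(":")
        headers[name.strip().lower()] = value.strip()  # names are case-insensitive
    return int(status_line.split()[1]), headers

def demo():
    server = HTTPServer(("127.0.0.1", 0), Handler)  # port 0 picks any free port
    threading.Thread(target=server.serve_forever, daemon=True).start()
    try:
        port = server.server_address[1]
        return {p: fetch_headers("127.0.0.1", port, p) for p in ("/products", "/")}
    finally:
        server.shutdown()
        server.server_close()

if __name__ == "__main__":
    for path, (status, headers) in demo().items():
        print(path, status, headers.get("x-cooler-header"))
```

With the `requests` library used above, the equivalent lookup is `response.headers.get("X-Cooler-Header")`, which returns `None` when the server did not send the header.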

Hacks

  • Complete the above check-in questions and change the hosts ✅
  • Complete the above code-segment to retrieve the secret header ✅

Bonus (0.05)

Create a diagram showing the layers of abstraction that allow us to use HTTP (IP, TCP, etc.)

CORS Hacks ✅

1. Explain what CORS is and what it stands for

CORS = Cross-Origin Resource Sharing. It's a security feature used by web browsers that prevents web pages from making requests to a different domain than the one that served the original page. If a website wants to make a request to a different domain, the domain that is being accessed must explicitly allow it by sending special headers in the response. CORS allows for controlled access to web resources that would otherwise be restricted.

2. Describe how you would be able to implement CORS into your own websites

To implement CORS in your website, you need to configure your server to include specific headers in the response that indicate which origins are allowed to access your resources. The most important header is the Access-Control-Allow-Origin header, which specifies the domain(s) that are allowed to make requests to your server. You can also use other headers to allow specific HTTP methods or headers.
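
One way a server can decide which CORS headers to send, as an added example that is not part of the original notebook: it compares the request's `Origin` against an exact allowlist and echoes only a matching origin. The origins in `ALLOWED_ORIGINS` and the function names are constructed for illustration.

```python
from urllib.parse import urlsplit

# Constructed allowlist: exact origins (scheme + host + port) this site trusts.
ALLOWED_ORIGINS = {"https://app.example.com", "https://admin.example.com:8443"}


def normalize_origin(origin):
    """Return scheme://host[:port] in lowercase, or None if it is not a plain origin."""
    if not origin or origin == "null":
        return None
    try:
        parts = urlsplit(origin)
        port = f":{parts.port}" if parts.port else ""
    except ValueError:  # malformed host or out-of-range port
        return None
    if parts.scheme not in ("http", "https") or not parts.hostname:
        return None
    if parts.path or parts.query or parts.fragment or parts.username:
        return None
    return f"{parts.scheme}://{parts.hostname}{port}"


def cors_headers(request_origin, method="GET"):
    """Headers to add to a response; an empty dict means the browser blocks the read."""
    origin = normalize_origin(request_origin)
    if origin not in ALLOWED_ORIGINS:
        return {}
    headers = {
        "Access-Control-Allow-Origin": origin,  # echo one exact origin, never "*"
        "Vary": "Origin",  # caches must not reuse this response for another origin
    }
    if method == "OPTIONS":  # preflight: state which methods and headers are accepted
        headers["Access-Control-Allow-Methods"] = "GET, POST"
        headers["Access-Control-Allow-Headers"] = "Content-Type"
    return headers


if __name__ == "__main__":
    for o in ("https://app.example.com", "https://app.example.com.evil.test", "null"):
        print(o, "->", cors_headers(o))
```

Matching on the full origin string rather than a prefix or substring is what keeps a look-alike host such as `app.example.com.evil.test` from being allowed.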

3. Describe why you would want to implement CORS into your own websites

You would want to implement CORS in your own website if you need to make requests to a different domain to access resources like APIs or to embed content from other websites.

4. How could you use CORS to benefit yourself in the future?

If you plan on developing websites that need to interact with resources on other domains (such as APIs or embedded content), implementing CORS can help you avoid security issues and access those resources safely. It can also help you provide a better user experience by allowing your website to communicate with other websites and services seamlessly.

KASM Hacks ✅

1. What is the purpose of "sudo" when running commands in terminal?

The "sudo" command stands for "superuser do" and it allows users to run commands with administrative privileges in the terminal. When a command is run with sudo, it temporarily grants the user administrative access, giving them the ability to perform tasks that require special permissions, such as installing software or modifying system files.

2. What are some commands which allow us to look at how the storage of a machine is set up?

Some commands to look at how a machine's storage is set up include "df" to see the amount of disk space available on the file system, "du" to estimate file space usage, and "mount" to see what file systems are currently being used.

3. What do you think are some alternatives to running "curl -O" to get the zip file for KASM?

A web browser, a download manager app, or a different command-line tool like "wget".

4. What kind of commands do you think the "install.sh" command has and why is it necessary to call it?

"install.sh" is a command that installs and configures the KASM software on your computer. It is necessary because it contains the necessary commands to install software or packages and automates the installation process, making it easier and more efficient for users.

5. Explain in at least 3-4 sentences how deploying KASM is related to/requires other topics talked about in the lesson and/or potential ways to add things mentioned in the lesson to this guide.

To deploy KASM, a container-based streaming service, various elements such as headers, NGINX, load balancing, configuration, DNS, and CORS are essential. Headers are significant to configure security settings and enable CORS for KASM, while NGINX functions as a reverse proxy to manage incoming web traffic. Load balancing is necessary to distribute traffic equally among several server instances running KASM. Configuration is required to configure the KASM service and determine the specific environment settings. Finally, DNS is used to map the KASM domain name to its IP address, so users can access the service through a web browser.