import socket

# Change the following host and see what IP it prints!
host = "safari.com"
ip = socket.gethostbyname(host)

print(ip)

75.2.70.75

with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as s:
    s.connect((ip, 80))
    print("Successfully connected!")

Successfully connected!

Check-In

  1. What is an IP address?

An IP address is an address that is assigned to a device or network that is used for locating and sending data across the internet.

  1. What is a TCP port?

A TCP port is a number that the Transmission Control Protocol uses to identify and transfer information between programs over a network.

with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as s:
    s.connect((ip, 80))

    # Send a GET request to "/"
    s.sendall(b"GET / HTTP/1.1\r\n\r\n")

    # Receive & print up to 2048 bytes of data
    data = s.recv(2048)
    print(data.decode())

HTTP/1.1 400 Bad Request
Date: Thu, 27 Apr 2023 18:55:56 GMT
Content-Type: text/html
Content-Length: 154
Connection: close

<html>
<head><title>400 Bad Request</title></head>
<body>
<center><h1>400 Bad Request</h1></center>
<hr><center>openresty</center>
</body>
</html>
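The 400 above is the usual answer to an HTTP/1.1 request that carries no Host header, which the raw request at this step omits. As an added example (not part of the original notebook), the following builds a request servers accept and parses a raw response; SAMPLE_400 is a constructed copy of the response above and fetch is an assumed network helper, not a call the notebook makes.

```python
import socket

def build_get_request(host: str, path: str = "/") -> bytes:
    """Minimal but valid HTTP/1.1 GET. Host is mandatory in HTTP/1.1; leaving it
    out is what produced the '400 Bad Request' above. 'Connection: close' makes
    the server finish after one response so recv() eventually sees EOF."""
    lines = [
        f"GET {path} HTTP/1.1",
        f"Host: {host}",
        "Connection: close",
        "",
        "",
    ]
    return "\r\n".join(lines).encode("ascii")

def parse_response(raw: bytes):
    """Split a raw HTTP response into (status_code, headers dict, body bytes).
    Header names are lower-cased because HTTP header names are case-insensitive."""
    head, _, body = raw.partition(b"\r\n\r\n")
    status_line, *header_lines = head.decode("iso-8859-1").split("\r\n")
    status_code = int(status_line.split(" ", 2)[1])
    headers = {}
    for line in header_lines:
        name, _, value = line.partition(":")   # split on the first colon only
        headers[name.strip().lower()] = value.strip()
    return status_code, headers, body

def fetch(host: str, path: str = "/", port: int = 80, timeout: float = 5.0) -> bytes:
    """Assumed helper: send the request over TCP and read until the server closes.
    A single recv(2048) can return only part of the response, so loop."""
    chunks = []
    with socket.create_connection((host, port), timeout=timeout) as s:
        s.sendall(build_get_request(host, path))
        while True:
            data = s.recv(2048)
            if not data:
                break
            chunks.append(data)
    return b"".join(chunks)

# Constructed sample: the 400 response shown above, with the body shortened.
SAMPLE_400 = (b"HTTP/1.1 400 Bad Request\r\nDate: Thu, 27 Apr 2023 18:55:56 GMT\r\n"
              b"Content-Type: text/html\r\nContent-Length: 154\r\nConnection: close\r\n"
              b"\r\n<html>...</html>")

if __name__ == "__main__":
    code, hdrs, body = parse_response(SAMPLE_400)
    print(code, hdrs["content-type"], len(body))
```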

import requests

# Change the URL to whatever you'd like
response = requests.get("https://www.google.com/url?sa=i&url=https%3A%2F%2Fstock.adobe.com%2Fsearch%3Fk%3D%2522smiley%2Bface%2522&psig=AOvVaw3JtGcsd7f8VfaHeSnF_LJD&ust=1682711751215000&source=images&cd=vfe&ved=0CBAQjRxqFwoTCPDZpv7ryv4CFQAAAAAdAAAAABAE")

print("Status code:", response.status_code)
print("Headers:", response.headers)
print("Response text:", response.text[:100])
print("Content-Type header:", response.headers.get("Content-Type"))

# Add a line to print the "Content-Type" header of the response
# Try an image URL! I did a smiley face image.

Status code: 200
Headers: {'Date': 'Thu, 27 Apr 2023 19:56:25 GMT', 'Pragma': 'no-cache', 'Expires': 'Fri, 01 Jan 1990 00:00:00 GMT', 'Cache-Control': 'no-cache, must-revalidate', 'Content-Type': 'text/html; charset=ISO-8859-1', 'Content-Security-Policy': "object-src 'none';base-uri 'self';script-src 'nonce-ipdkIqdKNz2pEDAR3TWVVQ' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other", 'P3P': 'CP="This is not a P3P policy! See g.co/p3phelp for more info."', 'Content-Encoding': 'gzip', 'Server': 'gws', 'X-XSS-Protection': '0', 'Set-Cookie': 'NID=511=aAicFG3GwuMAUjj_XgtI6IbHw1C8hvqX6z_IIxxURhT13htN1bDipRET2LT2FEmpDj4dA1tc-jHfPfpdo6VAvQ7ENgMcty8vXI45RUC3b_TA1jG3XB3laFz3nXuG4LhLUjL4inrnZ18lyOzMjiYUJLwNmnmushIIddCC8kcVfsQ; expires=Fri, 27-Oct-2023 19:56:25 GMT; path=/; domain=.google.com; HttpOnly', 'Alt-Svc': 'h3=":443"; ma=2592000,h3-29=":443"; ma=2592000', 'Transfer-Encoding': 'chunked'}
Response text: <html lang="en"><head><meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1"><title
Content-Type header: text/html; charset=ISO-8859-1

NGINX

aws = "3.130.255.192"

response = requests.get("http://" + aws)
print(response.text)

<!doctype html>
<html>
<head>
<title>Cool site</title>
<meta name="description" content="cool site for apcsp">
</head>
<body>
Hello, this is my cool site. Check out my products:
<a href="/products">Products!!</a>
</body>
</html>

Configuration

server {
    # Listen on virtual "port 80" (NGINX uses '#' for comments, not '//')
    listen 80;
    listen [::]:80;
    server_name 3.130.255.192;

    location / {
        # Inform the backend about the original client
        proxy_set_header        Host $host;
        proxy_set_header        X-Real-IP $remote_addr;
        proxy_set_header        X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header        X-Forwarded-Proto $scheme;

        # Forward all requests transparently to the server running on our computer
        proxy_pass              http://localhost:9099;
    }
}
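The proxy_set_header lines tell the app on port 9099 who the original client was, but those headers only mean something when the request really came through this NGINX: anyone who can reach port 9099 directly can write any X-Forwarded-For they like. As an added example (not part of the original lesson), here is how the backend could recover the client address safely; the trusted proxy ranges and the function names are assumptions.

```python
import ipaddress

# Assumed: the only reverse proxy in front of the app is the NGINX above,
# running on the same host (proxy_pass http://localhost:9099).
TRUSTED_PROXIES = [ipaddress.ip_network("127.0.0.0/8"), ipaddress.ip_network("::1/128")]

def is_trusted_proxy(addr: str) -> bool:
    """True when addr belongs to one of our own proxies. Raises ValueError on garbage."""
    ip = ipaddress.ip_address(addr)
    return any(ip in net for net in TRUSTED_PROXIES)

def client_ip(peer_addr: str, headers: dict) -> str:
    """Work out the real client address for a request received on port 9099.
    peer_addr is the TCP peer the app actually accepted the connection from;
    headers are the request headers (names are case-insensitive)."""
    # Direct connection that did not come through NGINX: ignore every
    # forwarding header, because the peer controls them completely.
    if not is_trusted_proxy(peer_addr):
        return peer_addr
    hdrs = {k.lower(): v for k, v in headers.items()}
    xff = hdrs.get("x-forwarded-for", "")
    # $proxy_add_x_forwarded_for appends $remote_addr to whatever the client
    # sent, so the rightmost entry is the one NGINX saw. Walk from the right and
    # stop at the first hop that is not one of our proxies (standard trusted-hop rule).
    hops = [h.strip() for h in xff.split(",") if h.strip()]
    for hop in reversed(hops):
        try:
            if not is_trusted_proxy(hop):
                return hop
        except ValueError:      # not an IP at all: skip it and keep walking
            continue
    # No usable hop: fall back to X-Real-IP, which NGINX sets from $remote_addr.
    return hdrs.get("x-real-ip", peer_addr)

if __name__ == "__main__":
    # Constructed request as NGINX would forward it after a client tried to
    # spoof X-Forwarded-For: the client-supplied "1.2.3.4" is discarded.
    print(client_ip("127.0.0.1", {"X-Forwarded-For": "1.2.3.4, 203.0.113.5",
                                  "X-Real-IP": "203.0.113.5"}))
```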

Load Balancing

upstream example.com {
    # Each server line is one backend; requests are spread across them
    server server1.example.com;
    server server2.example.com;
}

HTTP Headers

server {
    add_header X-Cool-Header "I love APCSP!";

    location /pages {
        add_header X-Cooler-Header "This is my secret header!";
    }
}

Check In

  1. Research 1 HTTP header and describe, in detail, its purpose.

The header of an iPhone user on Safari:

GET /index.html HTTP/1.1
Host: www.example.com
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_5 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Mobile/15E148
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive

This is the request header an iPhone user on Safari sends when requesting a page from an example website. The first line specifies the HTTP method being used (e.g. "GET"), the resource wanted ("/index.html"), and the HTTP version being used ("HTTP/1.1", NOT 1.0, which is older). The next two lines provide the host name of the server being accessed, the user-agent string identifying the browser and operating system (in this case Safari), and the accepted content types and encodings. The client will receive "/index.html" from the server at www.example.com.

  1. Write a line in a sample NGINX configuration that will add that specific header to the /information location

location /information {
    add_header User-Agent "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.93 Safari/537.36";
}

  1. Explain the purpose of the load balancing performed by NGINX

Load balancing performed by NGINX helps to distribute large amounts of incoming traffic across multiple servers to help with efficiency and reliability. One server may not be able to handle a lot of traffic from a specific website. Distributing the traffic to multiple servers prevents overloading and helps with response times.

  1. Modify the following code block to obtain the value of the secret header on /products of the AWS site

aws = "3.130.255.192"

response = requests.get("http://" + aws + "/products")

secret_header = response.headers.get("X-Cooler-Header") # I got this name from above

print("The secret header is:", secret_header)

The secret header is: This is my secret header!

Hacks

  • Complete the above check-in questions and change the hosts (0.1)
  • Complete the above code-segment to retrieve the secret header (0.1)

Bonus (0.05)

Create a diagram showing the layers of abstraction that allow us to use HTTP (IP, TCP, etc.)

  • Internet Map

CORS Hacks

  1. Explain what CORS is and what it stands for

CORS stands for Cross-Origin Resource Sharing, and is responsible for adding security to vulnerable websites and online services by preventing access from certain domains without permission. This helps prevent hackers or other people from accessing private information from a website or performing malicious acts on behalf of a user.

  1. Describe how you would be able to implement CORS into your own websites

In order to implement CORS into my own website, I can add new headers that restrict the origins of requests such as: 'Access-Control-Allow-Origin', '*'. I can also allow the methods of get, post, etc. to be used (you can pick and choose). The 'Access-Control-Allow-Headers' header would allow for requests to be made with listed headers so that CORS does not reject them.

  1. Describe why you would want to implement CORS into your own websites

CORS helps ensure that your resources are only accessible to trusted domains and reduces the risk of web-based attacks. CORS acts as a wall for hackers and people with malicious intentions, and checks for secure and trusted domains before allowing requests (get, post, etc.).

  1. How could you use CORS to benefit yourself in the future?

I could use CORS in future websites to help protect my users from getting their content stolen. In the future, I hope to have users log in with more information and I want them to feel safe having more important information stored on the website. CORS will help with the security of my users.
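The answers above name the three Access-Control-* response headers; the one thing they leave open is what a server should actually send back for a given Origin. As an added example (not part of the original notebook), this function computes those headers from an allowlist, handles the OPTIONS preflight, and echoes the specific origin instead of "*" (which browsers reject when credentials are involved); the allowlist contents and function name are assumptions.

```python
from typing import Optional

# Assumed allowlist for the site; "*" would let every origin read responses.
ALLOWED_ORIGINS = {"https://example.com", "https://app.example.com"}
ALLOWED_METHODS = {"GET", "POST"}
ALLOWED_HEADERS = {"content-type", "authorization"}   # compared case-insensitively

def cors_headers(origin: Optional[str], method: str, request_method: Optional[str] = None,
                 request_headers: Optional[str] = None,
                 allow_credentials: bool = False) -> Optional[dict]:
    """Return the CORS response headers for one request, or None when the
    request must be refused (the browser then blocks the response).
    method is the actual HTTP method; request_method / request_headers are the
    Access-Control-Request-Method / -Headers values sent on an OPTIONS preflight."""
    if origin is None:                 # same-origin or non-browser client: nothing to add
        return {}
    if origin not in ALLOWED_ORIGINS:  # unknown origin: send no Allow-Origin at all
        return None
    # Echo the one allowed origin, and tell caches the answer depends on Origin.
    headers = {"Access-Control-Allow-Origin": origin, "Vary": "Origin"}
    if allow_credentials:              # cookies/Authorization: only valid with a specific origin
        headers["Access-Control-Allow-Credentials"] = "true"
    if method == "OPTIONS" and request_method is not None:   # preflight
        if request_method.upper() not in ALLOWED_METHODS:
            return None
        wanted = {h.strip().lower() for h in (request_headers or "").split(",") if h.strip()}
        if not wanted <= ALLOWED_HEADERS:                    # asks for a header we don't allow
            return None
        headers["Access-Control-Allow-Methods"] = ", ".join(sorted(ALLOWED_METHODS))
        headers["Access-Control-Allow-Headers"] = ", ".join(sorted(ALLOWED_HEADERS))
        headers["Access-Control-Max-Age"] = "600"            # cache the preflight for 10 minutes
    return headers

if __name__ == "__main__":
    # Constructed preflight from an allowed origin for a POST with a JSON body.
    print(cors_headers("https://app.example.com", "OPTIONS", "POST", "Content-Type"))
    print(cors_headers("https://evil.example", "GET"))       # None: browser blocks it
```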

Total: 0.2 points

KASM Hacks

  1. What is the purpose of "sudo" when running commands in terminal?

Sudo allows users who are not root-level to perform root-level commands. Sudo verifies a user's identity and gives them access to perform commands that were previously restricted.

  1. What are some commands which allow us to look at how the storage of a machine is set up as?

Some commands that show how the storage of a machine is set up are "df -h" and "du": df -h displays the amount of used versus available disk space on each file system, and du estimates the disk space used by files and directories. These commands help a user determine how much storage is on their device, how much they have used, and how much they have left.

  1. What do you think are some alternatives to running "curl -O" to get the zip file for KASM?

Some alternatives to running "curl -O" to get the zip file for KASM include using wget to download the file, or going directly to the KASM website and downloading the file there.

  1. What kind of commands do you think the "install.sh" command has and why is it necessary to call it?

The "install.sh" command likely contains a series of commands to install and configure software on a system. It is necessary to call it to make sure all installations of software are installed the same way, allowing for easier updating and compatibility between software.

  1. Explain in at least 3-4 sentences how deploying KASM is related to/requires other topics talked about in the lesson and/or potential ways to add things mentioned in the lesson to this guide.

Deploying KASM involves using Docker, as mentioned in the lesson above. A user still needs to manage containers and know how to add security measures such as CORS. They also need to configure networking and security settings to ensure that the containers are accessible and secure. It would be helpful for this lesson's guide to compare and contrast deployment with KASM versus without. I liked how KASM helps decrease the digital divide by allowing Chromebook users to access VS Code and other useful programs.

Total: 0.2 points

AWS/RDS Hacks

DELETED from hacks