HTTP Hypertext Transfer Protocol

History: Is it really used only for hypertext (an image…)?




Others (head)

Status codes

100 continue

200 Success

300 redirect

400 errors

500 server errors


Keep Alive

MIME type

Accepted encoding (compression)

HTTP version (1.0 limitation – compression and Keep alive)



  1. Signing (Identification)
  2. Encryption

RSA (Rivest, Shamir & Adleman)

Uses two (big) prime numbers, power and modulus to create a hard-to-reverse encryption function.

Multiplying two numbers is easy, but factoring a number is very hard.

Public / Private keys

Encrypt – using public key

Sign – using private key

SSL – Secure Sockets Layer

Uses RSA to create a secured channel for transferring a symmetric cipher key (Handshake)

Which is then used to secure the rest of the traffic.
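The RSA and handshake notes above, worked through as an added example (not part of the original notes): a key pair built from two primes, a session key encrypted with the public key, and a message signed with the private key. The primes, function names and messages are constructed for illustration, and this is unpadded textbook RSA at toy key size.

```python
import hashlib
from math import gcd

# Constructed toy parameters: two known Mersenne primes. Real keys use random
# primes of 1024+ bits each plus a padding scheme; this is textbook RSA only.
P, Q, E = 2**61 - 1, 2**89 - 1, 65537

def make_keypair(p=P, q=Q, e=E):
    """Return (public, private) = ((n, e), (n, d)) built from two primes."""
    n, phi = p * q, (p - 1) * (q - 1)
    assert gcd(e, phi) == 1, "e must be invertible modulo phi"
    return (n, e), (n, pow(e, -1, phi))      # d = e^-1 mod phi

def encrypt(public, data: bytes) -> int:
    n, e = public
    m = int.from_bytes(data, "big")
    assert m < n, "message must be smaller than the modulus"
    return pow(m, e, n)                      # power and modulus

def decrypt(private, c: int, length: int) -> bytes:
    n, d = private
    return pow(c, d, n).to_bytes(length, "big")

def _digest(n: int, message: bytes) -> int:
    return int.from_bytes(hashlib.sha256(message).digest(), "big") % n

def sign(private, message: bytes) -> int:
    n, d = private
    return pow(_digest(n, message), d, n)    # needs the private exponent

def verify(public, message: bytes, signature: int) -> bool:
    n, e = public
    return pow(signature, e, n) == _digest(n, message)

def handshake_demo():
    """Wrap a session key for the server, then check the server's signature."""
    server_pub, server_priv = make_keypair()
    session_key = bytes(range(16))           # constructed; real clients use os.urandom
    wrapped = encrypt(server_pub, session_key)
    key_ok = decrypt(server_priv, wrapped, len(session_key)) == session_key
    sig = sign(server_priv, b"server hello")
    return (key_ok,
            verify(server_pub, b"server hello", sig),   # genuine message
            verify(server_pub, b"server hell0", sig))   # altered message

if __name__ == "__main__":
    print(handshake_demo())
```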


HTTP Protocol over SSL connection

Certificate Authority

Comes installed on the OS

Can add more

They only validate you are who you claim before granting a certificate

Certificate validation

Authority Chain


Host name (Wildcard vs. Subject Alternative Name vs. single)

Man in the middle – Fiddler sample

Handshake failure
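The host name check from the list above (wildcard vs. Subject Alternative Name vs. single name), as an added example that is not part of the original notes. It follows the RFC 6125 rules in a strict form: a wildcard is accepted only as the whole left-most label, and the Common Name is ignored when SAN entries exist. The certificate dictionaries and function names are constructed stand-ins for a parsed certificate.

```python
def name_matches(pattern: str, host: str) -> bool:
    """Compare one DNS name from a certificate with the requested host name."""
    p = pattern.lower().rstrip(".").split(".")
    h = host.lower().rstrip(".").split(".")
    if len(p) != len(h) or "" in h:          # "*" stands for exactly one label
        return False
    if p[0] == "*":
        # Wildcard must be the whole left-most label. Requiring three labels
        # is a crude stand-in for a public-suffix check (rejects "*.com").
        return len(p) >= 3 and "*" not in "".join(p[1:]) and p[1:] == h[1:]
    return "*" not in pattern and p == h     # partial wildcards are refused

def cert_covers_host(cert: dict, host: str) -> bool:
    """cert is a constructed stand-in: {"cn": str, "san": [dNSName, ...]}."""
    sans = cert.get("san") or []
    # If the certificate carries SAN DNS names, the Common Name is ignored.
    names = sans if sans else [cert.get("cn", "")]
    return any(name_matches(name, host) for name in names)

# Constructed certificates, one per case in the notes.
SINGLE = {"cn": "www.example.com", "san": []}
WILDCARD = {"cn": "example.com", "san": ["*.example.com"]}
MULTI_SAN = {"cn": "shop.example.com", "san": ["example.com", "api.example.com"]}

def coverage_table():
    hosts = ["example.com", "www.example.com", "api.example.com",
             "shop.example.com", "a.b.example.com"]
    return {label: [h for h in hosts if cert_covers_host(cert, h)]
            for label, cert in (("single", SINGLE), ("wildcard", WILDCARD),
                                ("san", MULTI_SAN))}

if __name__ == "__main__":
    for label, hosts in coverage_table().items():
        print(f"{label:9} covers {hosts}")
```

A name mismatch reported by this check is one of the conditions that makes a client abort the connection, which is what an intercepting proxy triggers when its certificate does not cover the requested host.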




Web Server / App Server

Web Server – HTTP and HTTPS of static files

IIS Demo

Application Server


Oracle WebLogic

Apache Tomcat

IBM WebSphere

Java vs. .NET vs. PHP vs. etc.


Open Source vs. Proprietary

.NET on Linux (Mono)

.NET became open source (will run on Linux and Mac)

Mandatory: Mapping, Booking, Searches (1 type)

Post-Sale: As much commercial info as possible

Pre-development: technical info

Caching – storing data where it is more accessible

Sorting is important based on promotions (price, location, etc.)

Destination web service is the most effective way of doing mapping

Exact Destination – Specific (Compared to surrounding)

Compression – make file smaller

Supplement – resort, tax, cleaning

Caching – 30 minutes

Gethoteldetails -> Pulls static data

Understand the difference in classes: Class A, Class B, Class C

There is a service to hide IP’s called hidemyip; which is a VPN

You can change administration on your machines

DNS – Domain Name System – will tell you the IP address of a domain

Server replies to NS system names

Option to buy host names and IP addresses

Organization is divided names by country and

  • .com, .ac, .edu, .org, .net, .gov, to look up domain names

Just search DNS server for websites that you cannot reach

Click on Internet Access->Open Network and Sharing Center->Local Area Connection->Details->Properties

Security-Firewall (Problems in China)

Ping allows you to see the speed you can expect from a website and allows you to see the IP address

Tracert-using pings

Windows PowerShell: Measure-Command {nslookup}

Ipconfig /flushdns


Broadcasting vs. Direct Communication

Gateway-server (software, hardware); if you want to send something out


DNS has capability to point to another Domain

What is a CDN?

Data Caching

Proxy = Fiddler, Akamai; can cache external sites / do not need to go to external sites to get

Loopback – speak with yourself

Protocol-the method of communication

A dedicated line

Clearing cache in settings, incognito mode

CPU works with 32/64 bits

Microsoft Message Analyzer – instead of a proxy, sits on your network card and listens to every packet of information that is going on

Compression – ZIP, RAR, gzip (protocol for compression), deflate

Check what we know about the client: are they caching data, what’s the speed

Fiddler is for HTTP

Why ping is blocked or why it is sending some, voice over IP = not Fiddler

Telnet is a good tool for you to see if something is open

Control Panel->All Control Panel Items->Programs and Features

Ping doesn’t have to go far so that is why it is so fast

Sometimes the server is too small to compress

Compression takes a lot of power from CPU

Task Manager

Motherboard-has a socket that can hold CPU

Compression requirements (Can use Wireshark)

Client side:


  • http 1.1
  • Accept encoding header
  • Via proxy header (Default)

Server side:

  • MIME type declared for compression enabled (dynamic/static)
  • Folder exists (static)
  • File size
  • CPU load

Can you look for requests from Client and see if it is compressed.

Second option is to have the client install Wireshark
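The request-side items in the compression list above, applied to captured traffic, as an added example that is not part of the original notes. It reads a raw request and response head (as copied from Fiddler or Wireshark) and reports which requirement the request misses and whether the response was actually compressed. The captures and function names are constructed, and treating a Via header as a blocker is an assumption about the server default the notes refer to.

```python
def parse_head(raw: str):
    """Split a raw HTTP message head into (start_line, {header: value})."""
    lines = raw.strip().splitlines()
    headers = {}
    for line in lines[1:]:
        if not line.strip():
            break                             # blank line ends the header block
        name, _, value = line.partition(":")
        headers[name.strip().lower()] = value.strip()
    return lines[0].strip(), headers

def accepted_codings(value: str):
    """Codings from Accept-Encoding, dropping any marked q=0 (refused)."""
    out = []
    for item in value.split(","):
        name, _, param = item.strip().partition(";")
        param = param.replace(" ", "").lower()
        if name and param not in ("q=0", "q=0.0", "q=0.00", "q=0.000"):
            out.append(name.strip().lower())
    return out

def client_side_blockers(raw_request: str):
    """Which request-side requirements from the notes does this request miss?"""
    start, headers = parse_head(raw_request)
    problems = []
    if start.rsplit(" ", 1)[-1].upper() == "HTTP/1.0":
        problems.append("HTTP/1.0 request")
    codings = accepted_codings(headers.get("accept-encoding", ""))
    if not {"gzip", "deflate"} & set(codings):
        problems.append("no gzip/deflate in Accept-Encoding")
    if "via" in headers:                      # assumption: server skips proxied requests
        problems.append("Via header present")
    return problems

def response_is_compressed(raw_response: str) -> bool:
    _, headers = parse_head(raw_response)
    return headers.get("content-encoding", "").lower() in ("gzip", "deflate")

# Constructed captures, as they would appear in Fiddler or Wireshark.
REQ_DIRECT = ("GET /hotels HTTP/1.1\r\nHost: www.example.com\r\n"
              "Accept-Encoding: gzip, deflate\r\n\r\n")
REQ_PROXIED = ("GET /hotels HTTP/1.0\r\nHost: www.example.com\r\n"
               "Accept-Encoding: gzip;q=0, identity\r\n"
               "Via: 1.0 proxy.example.net\r\n\r\n")
RESP_GZIP = "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\nContent-Encoding: gzip\r\n\r\n"
```

If the request passes every check and the response still has no Content-Encoding header, the cause is on the server side of the list (MIME type, folder, file size or CPU load).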

Web Server – application that listens on port 80 until someone sends an HTTP request; Microsoft gives you IIS; gives you static information only

Remote Desktop=Telnet;

Internet Information Services

You can use different ports for different sites with the same IP

Application Server

ASP, then ASP.NET, allow you to create pages on the fly

HTTPS – encrypts data between the client and server when both have the right ciphers

Key transfer was the main problem with encryption

1) We will only encrypt a key

2) We will change keys

View certificate to see key

Trusted Root Certification Authorities

GUI-Graphical User Interface

-Disadvantage: Extra data/unneeded

-It’s slower

-No commitment from the company

Contain lots of additional not needed data; therefore slow

Changed frequently (wo a notice, wo\

Scraping-taking some automation to get information from a website

Scraping feeds the revenue management tool


JSON format – used in mobile applications; the data can be parsed easily


Cons: JSON is hard to read

XML-markup language; based on tags to share data

TED Talk about a guy breaking into codes with graphical interface to detect binary code

Go to W3Schools and get XML Certification

File->New->XML File->

Schemas are used to declare an XML
