import socket

# Hostname to resolve -- swap in any other name and see which IP it prints!
host = "youtube.com"

# gethostbyname() returns one IPv4 address as a string. The answer depends on
# the resolver in use, so it can differ between networks and between runs.
ip = socket.gethostbyname(host)
print(ip)
142.251.211.238
# AF_INET + SOCK_STREAM = an IPv4 TCP socket. Port 80 is the conventional
# plaintext HTTP port, so nothing sent over this connection is encrypted.
with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as conn:
    # No timeout is set: connect() blocks until the TCP handshake completes
    # or the operating system gives up.
    conn.connect((ip, 80))
    print("Successfully connected!")
Successfully connected!

Check-In

  1. What is an IP address?
    • An IP address is a series of numbers that identifies a device on a network.
  2. What is a TCP port?
    • TCP stands for Transmission Control Protocol, and a TCP port is what establishes communication between a program and an IP address.
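with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as s:
    # Bound every blocking call so an unresponsive server cannot hang the script.
    s.settimeout(10)
    s.connect((ip, 80))

    # Send a GET request to "/".
    # NOTE: HTTP/1.1 requires a Host header; this bare request only gets an
    # answer from servers lenient enough to accept one without it. Port 80 is
    # plaintext, so the request and the reply can be read or altered in transit.
    s.sendall(b"GET / HTTP/1.1\r\n\r\n")

    # Receive up to 2048 bytes of data -- recv() may return fewer, and the cut
    # can land in the middle of a multi-byte character.
    data = s.recv(2048)
    # errors="replace" keeps a truncated or non-UTF-8 byte sequence from
    # raising UnicodeDecodeError while printing.
    print(data.decode(errors="replace"))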
HTTP/1.1 200 OK
Date: Thu, 27 Apr 2023 17:32:17 GMT
Expires: -1
Cache-Control: private, max-age=0
Content-Type: text/html; charset=ISO-8859-1
Content-Security-Policy-Report-Only: object-src 'none';base-uri 'self';script-src 'nonce-HJ8EzyKULr-0WUXb249ZJg' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other-hp
P3P: CP="This is not a P3P policy! See g.co/p3phelp for more info."
Server: gws
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
Set-Cookie: 1P_JAR=2023-04-27-17; expires=Sat, 27-May-2023 17:32:17 GMT; path=/; domain=.google.com; Secure
Set-Cookie: AEC=AUEFqZcGtUallSukZhiZvxvVHpjlLlqYKQDPChiWVohkKQ-aljIZiN3-wQ; expires=Tue, 24-Oct-2023 17:32:17 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=lax
Set-Cookie: NID=511=hlLTKBHmcnFpODfV-rY63Fht3UWc45_Z8xIf-R52ukTQZedR8VZ8iCdQXB4fEOoiKpO-Qvp7W80acsXa8j7c4mdhrijkWBn1V0AAL1bvShQ3KqHx42aVliuDPWm4izvY44clFDMy7mGiiNTBzFexEmU37TJSShBy2W3HhyrFVho; expires=Fri, 27-Oct-2023 17:32:17 GMT; path=/; domain=.google.com; HttpOnly
Accept-Ranges: none
Vary: Accept-Encoding
Transfer-Encoding: chunked

5996
<!doctype html><html itemscope="" itemtype="http://schema.org/WebPage" lang="en"><head><meta content="Search the world's information, including webpages, images, videos and more. Google has many special features to help you find exactly what you're looking for." name="description"><meta content="noodp" name="robots"><meta content="text/html; charset=UTF-8" http-equiv="Content-Type"><meta content="/images/branding/googleg/1x/googleg_standard_color_128dp.png" itemprop="image"><title>Google</title><script nonce="HJ8EzyKULr-0WUXb249ZJg">(function(){window.google={kEI:'obFKZK_cL5e50PEP_Kmj-AY',kEXPI:'0,1359409,1709,4350,206,4804,2316,383,246,5,1129120,1197695,699,380097,16114,28684,22430,1362,12311,17588,4998,13228,3847,3600,32618,2226,2872,2891,3926,8434,58287,2403,2614,12710,432,3,346,1244,1,16916,2652,4,1528,2304,29062,13065,11443,2215,2980,1457,16786,5821,2536,4094,7596,1,42154,
import requests

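# Change the URL to whatever you'd like.
# requests waits indefinitely by default, so pass a timeout to bound the call.
# For https:// URLs requests verifies the server certificate by default.
response = requests.get("https://youtube.com", timeout=10)

print("Status code:", response.status_code)
print("Headers:", response.headers)
# Only the first 100 characters of the body are shown.
print("Response text:", response.text[:100])

# Add a line to print the "Content-Type" header of the response
# (.get() returns None when the server did not send the header).
print("Content-Type:", response.headers.get("Content-Type"))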

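# Try an image URL!
# requests waits indefinitely by default, so pass a timeout to bound the call.
response = requests.get("https://user-images.githubusercontent.com/111482658/234948199-e0e5437c-afac-4f61-a861-e706c6054c4f.jpg", timeout=10)
print("Status code:", response.status_code)
print("Headers:", response.headers)
# response.text decodes the body as text, so binary image bytes print as
# unreadable characters; response.content holds the raw bytes.
print("Response text:", response.text[:100])
# The Content-Type header is what the server claims the body is.
print("Content-Type:", response.headers.get("Content-Type"))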
Status code: 200
Headers: {'Content-Type': 'text/html; charset=utf-8', 'X-Content-Type-Options': 'nosniff', 'Cache-Control': 'no-cache, no-store, max-age=0, must-revalidate', 'Pragma': 'no-cache', 'Expires': 'Mon, 01 Jan 1990 00:00:00 GMT', 'Date': 'Thu, 27 Apr 2023 17:45:31 GMT', 'Strict-Transport-Security': 'max-age=31536000', 'X-Frame-Options': 'SAMEORIGIN', 'Cross-Origin-Opener-Policy': 'same-origin-allow-popups; report-to="youtube_main"', 'Permissions-Policy': 'ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*', 'Origin-Trial': 'AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9', 'Report-To': '{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}', 'P3P': 'CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."', 'Content-Encoding': 'gzip', 'Server': 'ESF', 'X-XSS-Protection': '0', 'Set-Cookie': 'GPS=1; Domain=.youtube.com; Expires=Thu, 27-Apr-2023 18:15:31 GMT; Path=/; Secure; HttpOnly, VISITOR_INFO1_LIVE=hVRgv3rZSwI; Domain=.youtube.com; Expires=Tue, 24-Oct-2023 17:45:31 GMT; Path=/; Secure; HttpOnly; SameSite=none', 'Alt-Svc': 'h3=":443"; ma=2592000,h3-29=":443"; ma=2592000', 'Transfer-Encoding': 'chunked'}
Response text: <!DOCTYPE html><html style="font-size: 10px;font-family: Roboto, Arial, sans-serif;" lang="en" syste
Content-Type: text/html; charset=utf-8
Status code: 200
Headers: {'Connection': 'keep-alive', 'Content-Length': '1603102', 'Last-Modified': 'Thu, 27 Apr 2023 17:45:02 GMT', 'ETag': '"de376f0b3bce85447a2f05f8f1586a53"', 'x-amz-server-side-encryption': 'AES256', 'Cache-Control': 'max-age=2592000', 'Content-Type': 'image/jpeg', 'Accept-Ranges': 'bytes', 'Date': 'Thu, 27 Apr 2023 17:45:32 GMT', 'Via': '1.1 varnish', 'Age': '0', 'X-Served-By': 'cache-mia-kmia1760063-MIA', 'X-Cache': 'MISS', 'X-Cache-Hits': '0', 'X-Timer': 'S1682617532.962313,VS0,VE293', 'Content-Security-Policy': "default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; sandbox;", 'X-Fastly-Request-ID': '506d1c0dacc22c961721cee15c4118e23d8c8bed', 'Server': 'GitHub Cloud', 'Strict-Transport-Security': 'max-age=31536000; includeSubDomains', 'X-Content-Type-Options': 'nosniff', 'Timing-Allow-Origin': 'https://github.com'}
Response text: ���� JFIF  H H  ��(ICC_PROFILE   appl   mntrRGB XYZ �        acspAPPL    APPL          
Content-Type: image/jpeg

NGINX

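aws = "3.130.255.192"

# Plain http:// to a bare IP address: no TLS, so the exchange is neither
# encrypted nor is the server authenticated.
# requests waits indefinitely by default, so pass a timeout to bound the call.
response = requests.get("http://" + aws, timeout=10)
print(response.text)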
<!doctype html>
<html>
<head>
<title>Cool site</title>
<meta name="description" content="cool site for apcsp">
</head>
<body>
Hello, this is my cool site. Check out my products:
<a href="/products">Products!!</a>
</body>
</html>

Configuration

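server {
    # Listen on virtual "port 80" (plain HTTP), on IPv4 and on IPv6
    listen 80;
    listen [::]:80;
    server_name 3.130.255.192;

    location / {
        # Inform server about original client.
        # $proxy_add_x_forwarded_for appends $remote_addr to whatever
        # X-Forwarded-For value the client sent, so the backend should rely on
        # X-Real-IP (or only the last X-Forwarded-For entry) for the peer address.
        proxy_set_header        Host $host;
        proxy_set_header        X-Real-IP $remote_addr;
        proxy_set_header        X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header        X-Forwarded-Proto $scheme;

        # Forward all requests transparently to the server running on our computer
        proxy_pass              http://localhost:9099;
    }
}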

Load Balancing

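# Requests sent to this upstream group are spread across the listed servers
# (round-robin unless another method is configured).
upstream example.com {
    server server1.example.com;
    # A second, distinct backend: listing server1 twice would send every
    # request to the same machine.
    server server2.example.com;
}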

HTTP Headers

server {
    # Added to responses handled at the server level. Response headers are
    # delivered to every client that requests the URL, so they are not a
    # place for real secrets.
    add_header X-Cool-Header "I love APCSP!";

    location /pages {
        # add_header directives are inherited from the outer level only when
        # the current level defines none of its own, so responses under /pages
        # carry X-Cooler-Header but not X-Cool-Header.
        add_header X-Cooler-Header "This is my secret header!";
    }
}

Check In

  1. Research 1 HTTP header and describe, in detail, its purpose.

    • This is an example of an HTTP header a user could include in their HTTP request:
    • User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.85 Safari/537.36
    • This header is very useful for the server that needs to respond to the request. Since the user sent this information along with the request, it gives the server helpful information for things like compatibility, security, and analytics. Because the client chooses the value, the server should treat it as a hint rather than as proof of what the client is.
  2. Write a line in a sample NGINX configuration that will add that specific header to the /information location

    • using your code/server from earlier, I can add a specific header to the '/information' location with this code

      ```nginx
      server {
          add_header X-Cool-Header "I love APCSP!";

          location /pages {
              add_header X-Cooler-Header "This is my secret header!";
          }

          location /information {
              add_header Alexa-Header "This is cool";
          }
      }
      ```

  3. Explain the purpose of the load balancing performed by NGINX

    • Load balancing by NGINX distributes network traffic among many servers/computers. This improves efficiency, reliability and availability of the application.
  4. Modify the following code block to obtain the value of the secret header on /products of the AWS site
import requests

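aws = "3.130.255.192"

# Plain http:// to a bare IP address, so the exchange is not encrypted.
# requests waits indefinitely by default, so pass a timeout to bound the call.
response = requests.get("http://" + aws + "/products", timeout=10)

# Header lookup on a requests response is case-insensitive; .get() returns
# None when the server did not send the header. Response headers are
# delivered to every client that requests the URL.
secret_header = response.headers.get('X-Cooler-Header')

print("The secret header is:", secret_header)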
The secret header is: This is my secret header!

Hacks

  • Complete the above check-in questions and change the hosts (0.1) ✅
  • Complete the above code-segment to retrieve the secret header (0.1) ✅

Bonus (0.05)

Create a diagram showing the layers of abstraction that allow us to use HTTP (IP, TCP, etc.)

  • My diagram showing the internet and HTTP: Alexa's Diagram

CORS Hacks

  1. Explain what CORS is and what it stands for

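    • CORS stands for Cross-Origin Resource Sharing. CORS prevents unauthorized access or manipulation of data since it blocks applications from making requests to a different domain or origin than originally specified. More precisely, the browser enforces this: it blocks cross-origin reads by default, and the server's CORS headers tell the browser which other origins may read its responses.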
  2. Describe how you would be able to implement CORS into your own websites

    • I could implement CORS into my own websites by determining what origins I want to restrict. I can then send the header Access-Control-Allow-Origin: https://example.com to allow only this example origin. I could also use other CORS headers.
  3. Describe why you would want to implement CORS into your own websites

    • I would want to implement CORS into my websites for security purposes. CORS can prevent unwanted attacks and manipulation.
  4. How could you use CORS to benefit yourself in the future?

    • CORS could benefit me in the future since I could have more secure websites as well as better performing ones.

Total: 0.2 points

KASM Hacks

  1. What is the purpose of "sudo" when running commands in terminal?

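    • "Sudo" overrides any issue needing permission in the terminal. So, if I need to do a command that requires a higher permission than the root-user, I would put "sudo" in front of it. More precisely, sudo runs the command with the root user's privileges, provided the system's sudo policy allows my account to do so.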
  2. What are some commands which allow us to look at how the storage of a machine is set up as?

    • Some commands which allow us to look at how the storage of a machine is set up are "dir", "diskpart", "wmic logicaldisk get" and "diskmgmt.msc" (on Windows).
  3. What do you think are some alternatives to running "curl -O" to get the zip file for KASM?

    • Some alternatives to running "curl -O" are to manually download the zip file using "wget" or to download and transfer it through something like Google-Drive.
  4. What kind of commands do you think the "install.sh" command has and why is it necessary to call it?

    • Checking for system requirements
    • Downloading necessary files
    • Setting up environment
    • Installing necessary packages or libraries
    • "install.sh" is called to make the installation process easier and more likely to be successful.
  5. Explain in at least 3-4 sentences how deploying KASM is related to/requires other topics talked about in the lesson and/or potential ways to add things mentioned in the lesson to this guide.

    • Deploying KASM, the container-based streaming service, requires several components such as headers, NGINX, load balancing, configuration, DNS, and CORS. Headers are important for configuring security settings and enabling CORS for KASM. NGINX is used as a reverse proxy to handle incoming web traffic and load balancing is necessary for distributing the traffic among multiple server instances running KASM. Configuration is required to set up the KASM service and define the specific settings for the environment in which it will run. DNS is used to map the KASM domain name to its IP address, so users can access the service through a web browser. Overall, deploying KASM requires a comprehensive understanding of the technologies involved, including headers, NGINX, load balancing, configuration, DNS, and CORS. It is a complex process that requires careful planning and execution to ensure the service runs smoothly and securely.

Total: 0.2 points