Scribd
Upload
43 views

Chapter 3a - DHCP DNS HTTP

This document discusses the Domain Name System (DNS) and how it translates domain names to IP addresses in 3 steps: 1. A client device sends a DNS request for a domain name (e.g. www.google.com) to its local DNS server. 2. The local DNS server checks its cache and if no match, queries authoritative name servers to find the domain's IP address. 3. The authoritative name server replies with the domain's IP address which gets returned to the client and stored in caches. DNS uses a hierarchy of root, TLD, and authoritative name servers to resolve domain names efficiently.

Uploaded by

kiatang04
Copyright
© © All Rights Reserved
Available Formats
Download as PDF, TXT or read online on Scribd
43 views

Chapter 3a - DHCP DNS HTTP

This document discusses the Domain Name System (DNS) and how it translates domain names to IP addresses in 3 steps: 1. A client device sends a DNS request for a domain name (e.g. www.google.com) to its local DNS server. 2. The local DNS server checks its cache and if no match, queries authoritative name servers to find the domain's IP address. 3. The authoritative name server replies with the domain's IP address which gets returned to the client and stored in caches. DNS uses a hierarchy of root, TLD, and authoritative name servers to resolve domain names efficiently.

Uploaded by

kiatang04
Copyright
© © All Rights Reserved
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 37

Chapter 3

Translate
Get IP address Browser send HTTP requests Browser renders
URL to IP
from DHCP Server to Web Server HTML files
using DNS
192.168.1.1

Translate
Get IP address Browser send HTTP requests Browser renders
URL to IP
from DHCP Server to Web Server HTML files
using DNS
understand these 3
things
DHCP

DNS

HTTP
Dynamic Host Configuration
Protocol (DHCP)

assign dynamic IP address automatically


DHCP
Provides dynamic IP address to hosts in a LAN

• ANY hosts in a LAN need an IP address to communicate. IP can be static or dynamic.


• A DHCP server automatically assigns a dynamic IP address to the newly connected
hosts.
DHCP is a server to assign dynamic IP address automatically
important "DORA"
- How to assign IP to host in a LAND O R A
I F E
C
K
S F Q N
C E U O
W
O R E L
V S E
D
E T G
R E
DHCP DORA
• Using the DORA commands
• Discover discover packet

• Offer
• Request
• Acknowledge
(1) Discover:
process to request IP
When a device connects to a network, it sends a broadcast message called a
DHCP discover packet to request its configuration parameters. This packet is sent
to the broadcast address of the local subnet and is received by all devices on the
subnet, including the DHCP server.

(2) Offer:
If the DHCP server receives the discover packet, it responds with a DHCP offer
packet that includes an available IP address and other configuration parameters.
The offer packet is unicast (sent to a specific device) to the requesting device.
broadcast to add request the IP address, DHCP server reassigned and confirm the
address
(3) Request:
The requesting device responds with a DHCP request packet, acknowledging the
offer and requesting that the IP address and other parameters be assigned to it.

(4) Acknowledge:
If the DHCP server receives the request, it sends a DHCP acknowledge packet to
confirm the assignment of the IP address and other parameters to the requesting
device. The device is now configured and ready to communicate on the network.
DHCP DORA
Steps by steps DHCP Client DHCP Server
DISCOVER
0.0.0.0 1.1.1.1
sourceIP: 0.0.0.0
destIP: 255.255.255.255

OFFER
0.0.0.0 1.1.1.1
sourceIP: 1.1.1.1
destIP: 255.255.255.255
Offered IP: 1.1.1.2 server offer 1.1.1.2
REQUEST confirm the IP
0.0.0.0 1.1.1.1
sourceIP: 0.0.0.0
destIP: 255.255.255.255

ACKNOWLEDGE
1.1.1.2 1.1.1.1
sourceIP: 1.1.1.1
destIP: 255.255.255.255
IP-MAC DHCP Binding
How DHCP server always assign the same IP address to the same PC?

DCHP Server (1.1.1.1)

51:aa:bc:18:19:20
IP Address MAC address
1.1.1.2 51:aa:bc:18:19:20

1.1.1.3 11:22: :33:23:89:19

1.1.1.4 na

IP-MAC Address Binding (Cache)

after received IP, IP will not be changed


because the Server has set your MAC
address
ff
DHCP DEMO
(Packet Tracer)
Domain Name Service (DNS)
very important
DNS Translation

www.google.com -> DNS server -> 142.250.199.46

URL / domain name Web server IP


How DNS works? (3) The IP address of
www.avotechtv.com is 1.1.1.1

DNS
(2) What is the IP
Reply
address of
www.avotechtv.com? DNS Server

Client Device Web server


(Chrome)
(1) User browse to www.avotechtv.com HTTP
HTTP
DNS
avotech Reply
Request
(5) (4)
Web Web browser
server send send
HTTP_Reply to
HTTP_Request
containing to 1.1.1.1
the webpage php
www.avotechtv.com
IP: 1.1.1.1
Types of DNS Server

Root DNS: Manages top-level domain (TLD) DNS


servers. Only 13 in this world.
to find IP address
TLD DNS: Resolves domain names to authoritative
DNS servers.
.com, .my, .edu, .gov, etc
Authoritative DNS: Holds specific domain's DNS
records and provides authoritative responses.
google/ utar
Local DNS (Cache): Stores recently resolved DNS
recursive server queries for quicker future retrieval.
DNS Server Hierarchy
DNS Resolution if not identify,
Root
DNS
(Walking the tree)
.com .edu .org .net

Authoritative Authoritative Authoritative Authoritative


DNS DNS DNS DNS

TM Google cache (look like history)


DNS DNS
127.0.0.1 202.188.18.188 8.8.8.8 search here first
Recursive
DNS
Dest
Your PC
Server
ipconfig/ displaydns 1.1.1.1
nslookup www.apple.com
nslookup www.utar.edu.my
DNS Resolution
(Walking the tree)
Root
DNS

.com .edu .org

Authoritative
DNS
DNSSEC
DNS Poisoning
• DNS request/response in cleartext
• DNS records can be modified by attackers during transit
• Attacker can also hack into the DNS servers to change the IP:URL mapping

8.8.8.8
LEGIT
DNS URL IP
avotechtv 11.11.11.11
Server 216.58.221.206
17.253.144.10

11.11.11.11
Web
Server normal server
IP: 10.10.10.10
192.168.1.1 URL:

middle got attackers intercept your IP REDIRECTED Rogue attacker server


Server
attacker server send a fake IP but the page is same with the
IP: 11.11.11.11
original
URL:
DNS Poisoning
• DNS request/response in cleartext
• DNS records can be modified by attackers during transit
• Attacker can also hack into the DNS servers to change the IP:URL mapping

8.8.8.8 URL IP

DNS avotechtv 10.10.10.10


216.58.221.206
Server 17.253.144.10

nslookup

Web
Server
IP: 10.10.10.10
192.168.1.1 URL:

Rogue
Server
IP: 11.11.11.11
URL:
How DNSSEC works?
DNS records DNS records + DNSSEC SIG
DNS Poisoning
• DNS request/response in cleartext
• DNS records can be modified by attackers during transit
• Attacker can also hack into the DNS servers to change the IP:URL mapping

8.8.8.8
URL IP
DNS avotechtv 10.10.10.10
google.com 216.58.221.206
Server
apple.com 17.253.144.10
nslookup

Web
Server
IP: 10.10.10.10
192.168.1.1 URL: avotechtv.com

Rogue
Server
IP: 11.11.11.11
URL: avotechtv.com
example for slide 22 / DNS Poisoning
Hypertext Transfer Protocol
(HTTP)
HTTP - NOT SECURE
HTTPS - SECURE
Browser
Browser
Chrome OS (browser OS)
HTTP
• For sending/receiving hypermedia documents (like HTML)
HTML - CREATE
WEBSITE
• Client send http_request, Server reply with http_response
FILE
FILE

DESTINATION

IP

IP
BUT WE SAW IS WEB PAGE
HTTP EXAMPLE

Client send http_request, Server reply with http_response

Web
http_request (GET/POST ‘main.html’)
Server

http_response (200 OK ‘main.html’) IP: 10.10.10.10


192.168.1.1 URL: avotechtv.com

main.html
HTTP Path
only http got port,
so no secure
http/https got deeper or shortcut to
www destination

https://avocafe1989.wixsite.com

https://avocafe1989.wixsite.com:8080

https://avocafe1989.wixsite.com:8080/main.html

https://avocafe1989.wixsite.com:8080/assessments.html
HTTP Versions

HTTP HTTPS

•Connections are not secure •Connections are secured with SSL/TLS

•Port 80 or Port 8080 •HTTP(s), Port 443

•Vulnerable to Man-in-the-Middle Attack •Data sent are encrypted.

•Passwords are sent in plaintext •Only the authorised users can see the
content.
WEB 1.0, 2.0, 3.0
•Web 1.0 - static webpages, to display information
•Web 2.0 - interactive webpages, content creation, video streaming, browser games
•Web 3.0 - like web2.0, but decentralised
HTML
•HyperText Markup Language (HTML) is the language websites are written in.
•Web browser like Chrome reads HTML document and display the website based on
the ‘code’ in the HTML file.

•Websites are primarily created using:


•HTML, to build websites and define their structure
•CSS, to make websites look pretty by adding styling option
•JavaScript, implement complex features on pages using interactivity

You might also like