Hello, everyone, and welcome back to the course. Need 500. Thanks. True logs,
Amigo Vieira in After a brief review about application structure, let's talk about HTTP and TCP/IP.
First, consider this information: one of the differences between TCP and UDP is that TCP establishes a connection with a process called the three-way handshake. Is this information true or false?
This information is true.
The three-way handshake is a process that TCP uses to establish the connection between the client and server. UDP does not do this.
It only sends the packets.
That's why TCP is called connection-oriented and UDP is connectionless.
Later, we'll talk about the impact of the TCP three-way handshake on the log analysis.
let's start talking about blowing up the shock troops
In this video, the learning objectives are
a brief review of HTTP,
followed by a review of the TCP/IP model,
and after that we will present our lab infrastructure.
So let's start talking about HTTP.
HTTP means Hypertext Transfer Protocol.
And here is the definition of what a protocol is.
A protocol is a set of rules to allow communication,
and the set of rules is defined in an RFC.
You can check it in this webpage.
As we said before, with HTTP the client asks something of the server and the server answers, so HTTP is how the client and server talk.
Two things are really important to know. First, HTTP methods:
they are sent by the client and tell the web server what it wants to do.
And the second one is the status code. The status code is a way that the web server tells the client what the server did with their request.
In summary, the browser sends a GET,
and it goes through the network.
The web server will receive it and answer back with a status code.
The web client gets the answer and shows the page.
So the method is like a command,
and the HTTP status code is the result of this command.
But what are these HTTP methods?
Here is the table of methods.
The most common are the GET and POST methods.
GET requests a resource, like a file, an image or some other resource.
POST sends something to the web server, like my username or password. The RFC classifies the methods with some properties.
One of these properties is whether the method is safe.
The safe definition means that the method is read-only,
so the method should not change anything on the web server.
However, as we have seen in this course, GET can be used to perform attacks like brute force or HTTP flood.
Other properties can be found in section 4.2 of the RFC.
Now the status code. The status code will tell us how the web server processed the HTTP request.
The most common codes fall into five families of codes:
the 100s, which are informational;
the 200s, which are for successful operations;
the 300s, which mean redirections;
the 400s, which mean client error,
where the client performed a wrong request;
and the 500s, which mean server error,
where the web server could not answer the request because of an error.
Attacks, misconfiguration or overload can cause this.
And this slide is a summary of the most common status codes.
It is important to know some of them. Let's just go through some.
This means that the web server answered, and the client will get the answer.
302 is the most common for redirections.
This happens when a page sends you to another one.
For example, after you enter your username and password, the application can send you to another web page. The 404 happens when the web server doesn't find the requested resource.
It can be a typing error from the user, a wrong web page call in the code, or someone trying to find information.
You can check all the codes in the RFC.
After this brief review of HTTP, let's talk about TCP/IP.
HTTP is an application protocol, like DNS or SMTP. Since HTTP is an application protocol,
it uses the application layer, and it is located
at the top of both models, OSI and TCP/IP.
HTTP uses the lower layers to reach its destinations, like clients and servers. Usually, HTTP uses TCP port 80;
other ports, like 8080, are possible too.
If you see an S after HTTP,
this stands for secure,
and it means that the HTTP requests are encrypted.
The most common port for HTTPS is 443.
But, like HTTP, it's possible to see HTTPS running on other TCP ports.
But why should we care about TCP/IP
if the web server and client use HTTP?
As we said, HTTP uses TCP/IP.
To clarify, here we have a packet capture
of a communication between a client and a web server.
The first three lines are the TCP/IP communication, the three-way handshake.
The TCP/IP communication is handled by the web server's operating system.
HTTP doesn't care about it.
If the client is a web browser, it will ask the operating system to do the three-way handshake; the handshake occurs, and the operating system tells the web browser: hey, we are connected with this server, you can use this connection to send your HTTP information.
Then the next line is the HTTP request,
here a GET. This means that HTTP and HTTPS communications only start after the TCP three-way handshake, and the web server will only log the HTTP or HTTPS requests.
So for this communication, the web server will only show one log line.
And to finish, here is the topology that we will use during our course.
We have an attacker machine
and a vulnerable web application.
The application is the OWASP Broken Web Applications Project application,
and between the attacker and the application there is a firewall.
Everything here is virtual,
so the process will be: we use the attacker machine to attack the application.
After the attack, you start the logs and you analyze them to identify the attack.
We also have a web server units to get some real logs, and those logs will be used as examples.
Now answer the question.
Link the web server status code on the left with its description on the right.
Here you have the answer.
Just to remember, 200 means success or OK.
For the next question, consider this scenario.
You are a SOC analyst and someone shows you a packet capture,
the packet capture below.
Suppose that you need the web server logs.
How many lines will the web server logs have for this communication?
A July ings, B four lines, C one line or D zero lines.
The answer is letter C, one line. As we said before, the HTTP communication starts after the three-way handshake,
so we only have one HTTP request, which means that we only have one log line.
In this video we talked about HTTP and its important components: HTTP methods, sent by the client to the web server, and HTTP status codes, sent from the web server to the client as the answer.
And finally, we reviewed a little of the TCP/IP protocol
and how it is related to HTTP.
In the next video, we'll talk about logs and their patterns, where we can find the key information in the web server logs, and after that we'll do some analysis on the most common web server logs,
like Apache, Nginx and Microsoft IIS.