Web Standards

HTTP Protocol

The web is run on port 80. You are probably wondering what "port 80" is, right (whether you actually are or not is irrelevant)? Well, the answer is easy (not really). See, the Internet and the web are different. The Internet is the infrastructure (ie the physical wires, the server hardware, etc) and the web is the ideas and the software. I say ideas because before the web the Internet was a mess of wires and powerful computers using POP3 and SMTP for communication, FTP for file transfer, and TELNET for remote shell access, among others. Then the web came along, and Internet use spread to the home and all across the world. See, in plain terms, a web server broadcasts HTML to all connected clients on port 80, so port 80 is the "HTTP port." HTTP is the protocol, or set of standards for port 80 and its software. The client software is your browser, (ie probably Internet Explorer but hopefully Firefox), and the server is something like Apache or IIS(uug). This relates to hacking, as you will see later, but first you need to know more about HTTP. (the spaces before the < & > are put in so this isnt thought of as HTML)

< html >

< body >

< img src="image.png" >< br >

< div align="center" >text< /div >

< /body >

< /html >

If Apache is serving that, and Firefox picks it up, It will replace the < img src... etc with the image found at image.png relative to the working directory of the page requested, (ie ./, current dir), and the < div... is turned into text printed in the middle of the page. Since the code is processed from top to bottom, the br means that the browser should skip down one line and start the rest from there. The top two and bottom two lines tell the browser what part of the page it is reading. You migh have noticed the < /div >, the < /body >, etc. They "close" the tag. Tag is a term for anything in s, and they must be opened (ie introduced) and closed (ie < /tag >). If you want to learn HTML tagging, just head over to our close friend Google and do a search.

Since you haven't gotten to the programming section, and currently I have not even wrote it, I will show you a web server example in the simplest form I can think of that will work on any OS you are currently using. So the obvious choice is JAVA:

import java.net.*; import java.io.*; import java.util.*;

public class jhttp extends Thread {

Socket theConnection;

static File docroot;

static String indexfile = "index.html";

public jhttp(Socket s) {

theConnection = s;

}

public static void main(String[] args) {

int thePort;

ServerSocket ss;

// get the Document root

try {

docroot = new File(args[0]);

}

catch (Exception e) {

docroot = new File(".");

}

// set the port to listen on

try {

thePort = Integer.parseInt(args[1]);

if (thePort < 0 || thePort > 65535) thePort = 80;

}

catch (Exception e) {

thePort = 80;

}

try {

ss = new ServerSocket(thePort);

System.out.println("Accepting connections on port "

+ ss.getLocalPort());

System.out.println("Document Root:" + docroot);

while (true) {

jhttp j = new jhttp(ss.accept());

j.start();

}

}

catch (IOException e) {

System.err.println("Server aborted prematurely");

}

}

public void run() {

String method;

String ct;

String version = "";

File theFile;

try {

PrintStream os = new PrintStream(theConnection.getOutputStream());

DataInputStream is = new DataInputStream(theConnection.getInputStream());

String get = is.readLine();

StringTokenizer st = new StringTokenizer(get);

method = st.nextToken();

if (method.equals("GET")) {

String file = st.nextToken();

if (file.endsWith("/")) file += indexfile;

ct = guessContentTypeFromName(file);

if (st.hasMoreTokens()) {

version = st.nextToken();

}

// loop through the rest of the input li

// nes

while ((get = is.readLine()) != null) {

if (get.trim().equals("")) break;

}

try {

theFile = new File(docroot, file.substring(1,file.length()));

FileInputStream fis = new FileInputStream(theFile);

byte[] theData = new byte[(int) theFile.length()];

// need to check the number of bytes rea

// d here

fis.read(theData);

fis.close();

if (version.startsWith("HTTP/")) { // send a MIME header

os.print("HTTP/1.0 200 OKrn");

Date now = new Date();

os.print("Date: " + now + "rn");

os.print("Server: jhttp 1.0rn");

os.print("Content-length: " + theData.length + "rn");

os.print("Content-type: " + ct + "rnrn");

} // end try

// send the file

os.write(theData);

os.close();

} // end try

catch (IOException e) { // can't find the file

if (version.startsWith("HTTP/")) { // send a MIME header

os.print("HTTP/1.0 404 File Not Foundrn");

Date now = new Date();

os.print("Date: " + now + "rn");

os.print("Server: jhttp 1.0rn");

os.print("Content-type: text/html" + "rnrn");

}

os.println("< HTML >< HEAD >< TITLE >File Not Found< /TITLE >< /HEAD >");

os.println("< BODY >< H1 >HTTP Error 404: File Not Found< /H1 >< /BODY >< /HTML >");

os.close();

}

}

else { // method does not equal "GET" if (version.startsWith("HTTP/")) { // send a MIME header os.print("HTTP/1.0 501 Not Implementedrn"); Date now = new Date(); os.print("Date: " + now + "rn"); os.print("Server: jhttp 1.0rn"); os.print("Content-type: text/html" + "rnrn"); }

os.println("< HTML >< HEAD >< TITLE >Not Implemented< /TITLE >"); os.println("< BODY >< H1 >HTTP Error 501: Not Implemented< /H1 >< /BODY >< /HTML >"); os.close(); }

}

catch (IOException e) {

}

try { theConnection.close(); }

catch (IOException e) { }

}

public String guessContentTypeFromName(String name) { if (name.endsWith(".html") || name.endsWith(".htm")) return "text/html"; else if (name.endsWith(".txt") || name.endsWith(".java")) return "text/plain"; else if (name.endsWith(".gif") ) return "image/gif"; else if (name.endsWith(".class") ) return "application/octet-stream"; else if (name.endsWith(".jpg") || name.endsWith(".jpeg")) return "image/jpeg"; else return "text/plain"; }

}

I learned the basics of JAVA web server programming from "JAVA Network Programming" by Elliotte Rusty Harold. Now you don't need to know JAVA to be able to understand that, even though it might not seem like that at first. The important thing to look for when examining the code it the os.print("") commands. There is nothing fancy being used to get the data to the browser, you don't have to mutate the data, its sending plain HTML via a simple command. The plain and simple truth is that the browser is doing the majority of the difficult stuff, when speaking about this simple server. But in complicated servers there is server-side scripting, etc. Webs are much more complicated than just a simple server and Internet Explorer, such as Flash and JAVA Applets (run on clients machine in browser) and server-side stuff like PHP and PEARL (displayed on clients browser as plain HTML but executed as scripting on the server). T

he code above is a good way to learn the HTTP standards, even though the program itself ignores most of the regulations. The web browser not only understands HTML but also knows that incoming connection starting with 404 means that the page is missing, etc. It also knows that when "image/gif" is returned the file is an image of type gif. These are not terms the stupid server made up. They are web standards. Generally speaking, there are two standards. There is the w3 standard (ie the real standard based on the first web servers and browsers) and the Microsoft standard (ie the Internet Explorer, IIS and NT standards). The standards are there so anyone can make a server or client and have it be compatible with (nearly) everything else.

Hiding your Connection

If you have a copy of Visual Basic 6, making a web browser is easy, thanks to Winsock and the code templates included, so I will not put in an example of that. Instead I will explain cool and potentially dangerous things you can do to keep yourself safe. I know those words put together doesn't make sense (ie potentially dangerous and safe), but you will see in a moment. I'm talking about PROXIES. (anonymous proxy servers, to be exact). You connect to the internet on port 80 through the proxy server, thus hiding your real IP. There are many obvious applications for this, but it is also the only really potentially dangerous thing so far, so I will restate what I have written at the top: Whatever you do with this info is your responsibility. I provide information and nothing more. With that said, there is nothing illegal about using an anonymous proxy server as long as it is free and you are harming no one by using it. But if you think you are completely safe using one, you are deadly wrong. They can simply ask the owners of the proxy what your IP is if they really want to find you. If you join a high anonymous server, the chance of them releasing your IP is pretty low for something like stealing music, but if you do something that would actually warrant jail time, they probably will be able to find you. www.publicproxyservers.com is a good site for finding these servers.

The last trick related to web servers and port 80 is a simple one. First, find a free website host that supports PHP and use the following code:

If the address of this file is http://file.com/script.php, to download the latest Fedora DVD you would go to the following address: http://file.com/script.php?destfile=linuxiso.org/download.php/611/FC3-i386-DVD.iso &password=passwd

You can change "passwd" to whatever password you want. This will make any onlookers think you are connected to http://file.com. You are still limited to the speed of your connection, but you are using the bandwidth of the web host

Whatever you do with the above information is solely your responsibility.

Mike Vollmer --- eblivion
http://eblivion.sitesled.com

In The News:

This RSS feed URL is deprecated, please update. New URLs can be found in the footers at https://news.google.com/news

The Morning Sun

Can a holographic screen help a new phone break out?
The Morning Sun
Red's goals are modest — about 16 million units a year, based on Red's stated target of 0.5 percent of Samsung's sales. But Red will need customers beyond the tech elite and camera buffs; it'll need their friends and friends of their friends. It doesn ...

and more »

New York Times

What's Hot (and What's Not) This Black Friday
New York Times
This year, tech companies really want you to stuff your family's stockings with a smart home product, like a smart speaker, a Wi-Fi-connected light bulb or an internet security camera. The companies plan to aggressively slash prices for smart home ...


CBS News

The law that lets Europeans take back their data from big tech companies
CBS News
This has not been a great year for big tech; on Wall Street or in Washington. For decades, companies like Google, Facebook, and Amazon have made vast sums monetizing the personal information of their users with almost no oversight or regulation.


Fortune

Facebook Is the Least Trusted Major Tech Company When it Comes to Safeguarding Personal Data, Poll Finds
Fortune
Facebook is the least trustworthy of all major tech companies when it comes to safeguarding user data, according to a new national poll conducted for Fortune, highlighting the major challenges the company faces following a series of recent privacy ...


The Oakland Press

Purging long-forgotten online accounts: Worth the trouble?
The Oakland Press
Yahoo, for instance, didn't allow users to delete accounts or change personally identifying information they shared, such as their birthday, until pressured to do so after the breach. Even without these hurdles, real life gets in the way. There are ...


Forbes

Holiday Gift Guide 2018: The 13 Best Travel Gadgets For Tech Lovers
Forbes
For the tech-savvy jetsetter in your life, gadgets that hit both marks will be instant winners, because while there's no doubt that technology has made traveling easier, it can also make globetrotting much more fun. From the latest in photo- and video ...


New York Times

Social Media's Re-engineering Effect, From Myanmar to Germany
New York Times
How do New York Times journalists use technology in their jobs and in their personal lives? Max Fisher, a reporter based in London who co-writes The Interpreter column and newsletter, discussed the tech he's using. You travel all around the world for ...

and more »

CNN

Setback for Walmart: Flipkart CEO resigns after misconduct investigation
CNN
The head of Flipkart, the Indian online retailer Walmart bought in May, stepped down on Tuesday following an independent investigation into allegations of "serious personal misconduct." Binny Bansal, co-founder and CEO of Flipkart, resigned after the ...
Flipkart CEO Binny Bansal resigns over allegations of 'serious personal misconduct'TechCrunch

all 676 news articles »

New York Times

How to Find the Video Games of Your Youth - The New York Times
New York Times
Video games hit their 60th birthday in October, if you start counting (as many do) with Tennis for Two, a rudimentary Pong ancestor cobbled together by the ...

and more »

The Oakland Press

Silicon Valley congressman introduces Internet Bill of Rights
The Oakland Press
Ro Khanna, D-Calif., aims to see the House of Representatives pass landmark legislation shielding consumers from the onslaught of data breaches and the anxiety and confusion over the misuse of their personal information on the web. To nudge such ...

Google News

Is Digital Camera Technology Making Film Obsolete?

Perhaps not yet, but the handwriting might be on the... Read More

Cisco Certification: What To Expect On Exam Day

Cisco Certification: Taking Your First Certification ExamYou've studied hard; you've... Read More

The Advantages of Portable MP3 Players

With their solid-state technology, compact size, and abundant memory, portable... Read More

2 PC Annoyances and How To Solve Them!

I have a love-hate relationship with my computer.In fact, often... Read More

Cisco CCNA / CCNP Certification: OSPF ASBRs Explained And Illustrated

When I first started studying for my CCNP, some of... Read More

How To Have Two (Multiple) Copies Of Windows

Having two operating systems is not as difficult as many... Read More

How To Speed Up Your Aging PC And Make It Healthier Too

With a little tweaking and with proper tools, you can... Read More

How to Save an Image in a SQL Server Database?

Most of the web applications have a lot of images... Read More

Basic Problem in a PC

I have a p3 500MHz PC with 128MB RAM, 10.2... Read More

Computer Performance Tips

Introduction In this article I will clearly spell out the... Read More

How To Buy An MP3 Player

Are you looking for an MP3 player but am not... Read More

Home Video? Bring it On

So you got yourself a digital camcorder. If you want... Read More

Best PC Pocket GPS

Stop Getting LostOne of the greatest uses for a pocket... Read More

10 Easy Steps to Speed Up Your Computer - Without Upgrading

1. Empty the Temp directory regularly. To do this, make... Read More

Be Prepared in the Event Computer Disaster Strikes

ComputersBusinesses and individuals alike have all grown to rely on... Read More

Bluetooth Technology: Tips for Buying Headsets or Headphones

The technological horizon has always got something new to offer,... Read More

COOKIES - What Are They!!

Cookies, not the kind that Mom makes, but the computer... Read More

Computer Consulting 101 PC Troubleshooting Advice

While most small businesses really do need to find a... Read More

Cisco Certification: Building Your Home Lab, Part II

In the first part of this home lab tutorial, CCNA... Read More

Password Nightmares

Good Morning Mr. Sampson. Please type in you Personal Identification... Read More

New Computer? Steps to Protect Your Computer Before Connecting to the Internet

Getting a new computer should be an exciting and gratifying... Read More

The Newbies Guide to Personal Computer Maintenance

When you turn on your computer, does it act like... Read More

Image Conversion In Computers

JPEG, GIFF/JIFF, BMP, and TIFF are the most commonly used... Read More

Make Windows XP Run Faster!

A friend told me: "My computer startup seems to be... Read More

Digital Cameras: How Many Pixels Do I Need?

With the bewildering number of digital cameras on the market,... Read More