
Chapter 3

Client: 192.168.1.1
• Get IP address from DHCP Server
• Translate URL to IP using DNS
• Browser sends HTTP requests to Web Server
• Browser renders HTML files

Understand these 3 things:
• DHCP
• DNS
• HTTP
Dynamic Host Configuration Protocol (DHCP)
Assigns dynamic IP addresses automatically.

DHCP
Provides dynamic IP addresses to hosts in a LAN

• Any host in a LAN needs an IP address to communicate. The IP address can be static or dynamic.
• A DHCP server automatically assigns a dynamic IP address to newly connected hosts.
Important: "DORA" - how an IP address is assigned to a host in a LAN
D - DISCOVER
O - OFFER
R - REQUEST
A - ACKNOWLEDGE

DHCP DORA
• Using the DORA commands
• Discover (discover packet)
• Offer
• Request
• Acknowledge
(1) Discover (the process to request an IP):
When a device connects to a network, it sends a broadcast message called a
DHCP discover packet to request its configuration parameters. This packet is sent
to the broadcast address of the local subnet and is received by all devices on the
subnet, including the DHCP server.

(2) Offer:
If the DHCP server receives the discover packet, it responds with a DHCP offer
packet that includes an available IP address and other configuration parameters.
The offer packet is unicast (sent to a specific device) to the requesting device.

(3) Request:
The requesting device responds with a DHCP request packet, acknowledging the
offer and requesting that the IP address and other parameters be assigned to it.
(Note: broadcast to request the IP address; the DHCP server reassigns and confirms
the address.)

(4) Acknowledge:
If the DHCP server receives the request, it sends a DHCP acknowledge packet to
confirm the assignment of the IP address and other parameters to the requesting
device. The device is now configured and ready to communicate on the network.
DHCP DORA
Step by step, between DHCP Client and DHCP Server

DISCOVER (client: 0.0.0.0, server: 1.1.1.1)
sourceIP: 0.0.0.0
destIP: 255.255.255.255

OFFER (client: 0.0.0.0, server: 1.1.1.1)
sourceIP: 1.1.1.1
destIP: 255.255.255.255
Offered IP: 1.1.1.2 (server offers 1.1.1.2)

REQUEST (client: 0.0.0.0, server: 1.1.1.1) - confirm the IP
sourceIP: 0.0.0.0
destIP: 255.255.255.255

ACKNOWLEDGE (client: 1.1.1.2, server: 1.1.1.1)
sourceIP: 1.1.1.1
destIP: 255.255.255.255
IP-MAC DHCP Binding
How does the DHCP server always assign the same IP address to the same PC?

DHCP Server (1.1.1.1); PC MAC address: 51:aa:bc:18:19:20

IP-MAC Address Binding (Cache)
IP Address    MAC address
1.1.1.2       51:aa:bc:18:19:20
1.1.1.3       11:22:33:23:89:19
1.1.1.4       na

After the IP is received, it will not be changed, because the server has bound it
to your MAC address.
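The DORA exchange and the IP-MAC binding table described above, modelled as an added example (not part of the original slides). The class and function names are hypothetical, the addresses are the ones on the slides, and the NAK reply for an address bound to another MAC is standard DHCP behaviour the slides do not show.

```python
BROADCAST = "255.255.255.255"

class DhcpServer:
    """Toy DHCP server: DORA plus an IP-MAC binding table (no wire format)."""

    def __init__(self, server_ip, pool):
        self.ip = server_ip
        self.pool = list(pool)
        self.bindings = {}  # MAC -> IP, kept after the client disconnects

    def _msg(self, kind, mac, **extra):
        return {"type": kind, "src": self.ip, "dst": BROADCAST, "mac": mac, **extra}

    def on_discover(self, mac):
        """DISCOVER -> OFFER: reuse the address bound to this MAC, else the next free one."""
        used = set(self.bindings.values())
        free = next((ip for ip in self.pool if ip not in used), None)
        offered = self.bindings.get(mac, free)
        return self._msg("OFFER", mac, offered_ip=offered) if offered else None

    def on_request(self, mac, requested_ip):
        """REQUEST -> ACK if the address is free or already this client's, else NAK."""
        owner = next((m for m, ip in self.bindings.items() if ip == requested_ip), mac)
        if requested_ip not in self.pool or owner != mac:
            return self._msg("NAK", mac)
        self.bindings[mac] = requested_ip
        return self._msg("ACK", mac, assigned_ip=requested_ip)

def dora(server, mac):
    """Run Discover, Offer, Request, Acknowledge for one client; return the messages."""
    log = [{"type": "DISCOVER", "src": "0.0.0.0", "dst": BROADCAST, "mac": mac}]
    offer = server.on_discover(mac)
    if offer is None:  # pool exhausted: no OFFER is sent
        return log
    request = {"type": "REQUEST", "src": "0.0.0.0", "dst": BROADCAST, "mac": mac,
               "requested_ip": offer["offered_ip"]}
    return log + [offer, request, server.on_request(mac, offer["offered_ip"])]

# Sample values taken from the slides' diagram and binding table.
server = DhcpServer("1.1.1.1", ["1.1.1.2", "1.1.1.3", "1.1.1.4"])
for m in dora(server, "51:aa:bc:18:19:20"):
    print(m["type"], m["src"], "->", m["dst"])
```

The binding is keyed on the MAC address the client reports, so it gives a stable address, not proof of which device is asking.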
DHCP DEMO
(Packet Tracer)
Domain Name Service (DNS)
very important
DNS Translation

www.google.com -> DNS server -> 142.250.199.46

URL / domain name Web server IP


How DNS works?
Participants: Client Device (Chrome), DNS Server, Web server (www.avotechtv.com, IP: 1.1.1.1)

(1) User browses to www.avotechtv.com
(2) DNS Request: What is the IP address of www.avotechtv.com?
(3) DNS Reply: The IP address of www.avotechtv.com is 1.1.1.1
(4) Web browser sends HTTP_Request to 1.1.1.1
(5) Web server sends HTTP_Reply containing the webpage
Types of DNS Server

• Root DNS: Manages top-level domain (TLD) DNS servers. Only 13 in this world. (Used to find the IP address.)
• TLD DNS: Resolves domain names to authoritative DNS servers (.com, .my, .edu, .gov, etc.).
• Authoritative DNS: Holds a specific domain's DNS records and provides authoritative responses (e.g. google / utar).
• Local DNS (Cache): Stores recently resolved DNS queries for quicker future retrieval (recursive server).
DNS Server Hierarchy
DNS Resolution (Walking the tree)

• Root DNS
• TLD DNS: .com, .edu, .org, .net
• Authoritative DNS (one under each TLD)
• Recursive DNS: TM DNS (202.188.18.188), Google DNS (8.8.8.8)
• Your PC (127.0.0.1): cache (looks like history); search here first
• Dest Server: 1.1.1.1

Commands:
ipconfig /displaydns
nslookup www.apple.com
nslookup www.utar.edu.my
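The cache-first lookup and the walk from root to TLD to authoritative server, as an added example (not part of the original slides). The server names, the zone contents and the `LocalResolver` class are constructed for illustration; only www.avotechtv.com -> 1.1.1.1 comes from the slides.

```python
# Constructed hierarchy: each server maps a name suffix either to a referral
# ("NS", next server to ask) or to a final answer ("A", IP address).
SERVERS = {
    "root": {"com": ("NS", "tld-com"), "my": ("NS", "tld-my")},
    "tld-com": {"avotechtv.com": ("NS", "auth-avotechtv")},
    "tld-my": {},
    "auth-avotechtv": {"www.avotechtv.com": ("A", "1.1.1.1")},
}

class LocalResolver:
    """Local (recursive) DNS: answers from cache first, otherwise walks the tree."""

    def __init__(self, ttl=300):
        self.ttl = ttl
        self.cache = {}  # name -> (ip, expires_at)

    def resolve(self, name, now=0):
        """Return (ip or None, list of servers asked, in order)."""
        hit = self.cache.get(name)
        if hit and hit[1] > now:
            return hit[0], ["cache"]
        server, asked = "root", []
        while True:
            asked.append(server)
            record = self._longest_match(SERVERS[server], name)
            if record is None:
                return None, asked  # nobody below knows this name
            kind, value = record
            if kind == "A":
                self.cache[name] = (value, now + self.ttl)
                return value, asked
            server = value  # referral: ask the next server down the tree

    @staticmethod
    def _longest_match(zone, name):
        labels = name.split(".")
        for i in range(len(labels)):
            suffix = ".".join(labels[i:])
            if suffix in zone:
                return zone[suffix]
        return None

resolver = LocalResolver()
print(resolver.resolve("www.avotechtv.com", now=0))   # full walk
print(resolver.resolve("www.avotechtv.com", now=10))  # served from cache
```

The cache returns whatever answer it stored until the TTL expires, which is why a forged answer accepted once keeps being served to later lookups.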
DNSSEC
DNS Poisoning
• DNS request/response in cleartext
• DNS records can be modified by attackers during transit
• Attacker can also hack into the DNS servers to change the IP:URL mapping

Diagram (poisoned record):
• Client: 192.168.1.1
• DNS Server 8.8.8.8 (legit); URL-to-IP table: avotechtv -> 11.11.11.11, plus entries 216.58.221.206 and 17.253.144.10
• Web Server (normal server), IP: 10.10.10.10
• Rogue Server (attacker server), IP: 11.11.11.11; the client is REDIRECTED here

Notes: an attacker in the middle intercepts your IP; the attacker's server sends a
fake IP, but the page is the same as the original.
DNS Poisoning (diagram, lookup via nslookup):
• Client: 192.168.1.1
• DNS Server 8.8.8.8; URL-to-IP table: avotechtv -> 10.10.10.10, plus entries 216.58.221.206 and 17.253.144.10
• Web Server, IP: 10.10.10.10
• Rogue Server, IP: 11.11.11.11
How DNSSEC works?
DNS records -> DNS records + DNSSEC SIG

DNS Poisoning (diagram, lookup via nslookup):
• Client: 192.168.1.1
• DNS Server 8.8.8.8; URL-to-IP table: avotechtv -> 10.10.10.10, google.com -> 216.58.221.206, apple.com -> 17.253.144.10
• Web Server, IP: 10.10.10.10, URL: avotechtv.com
• Rogue Server, IP: 11.11.11.11, URL: avotechtv.com
example for slide 22 / DNS Poisoning
Hypertext Transfer Protocol (HTTP)
HTTP - NOT SECURE
HTTPS - SECURE
Browser: Chrome OS (browser OS)

HTTP
• For sending/receiving hypermedia documents (like HTML). HTML is used to create websites.
• Client sends http_request, server replies with http_response

Diagram labels: FILE, DESTINATION, IP. Note: but what we see is the web page.
HTTP EXAMPLE

Client sends http_request, server replies with http_response

• Client (192.168.1.1) -> Web Server: http_request (GET/POST 'main.html')
• Web Server (IP: 10.10.10.10, URL: avotechtv.com) -> Client: http_response (200 OK 'main.html')
• File transferred: main.html
HTTP Path
Notes: only http got port, so not secure; http/https got deeper or shortcut to www destination

https://avocafe1989.wixsite.com

https://avocafe1989.wixsite.com:8080

https://avocafe1989.wixsite.com:8080/main.html

https://avocafe1989.wixsite.com:8080/assessments.html
HTTP Versions

HTTP
• Connections are not secure
• Port 80 or Port 8080
• Vulnerable to Man-in-the-Middle Attack
• Passwords are sent in plaintext

HTTPS
• Connections are secured with SSL/TLS
• HTTP(s), Port 443
• Data sent are encrypted.
• Only the authorised users can see the content.
WEB 1.0, 2.0, 3.0
• Web 1.0 - static webpages, to display information
• Web 2.0 - interactive webpages, content creation, video streaming, browser games
• Web 3.0 - like Web 2.0, but decentralised

HTML
• HyperText Markup Language (HTML) is the language websites are written in.
• A web browser like Chrome reads the HTML document and displays the website based on
the 'code' in the HTML file.

• Websites are primarily created using:
• HTML, to build websites and define their structure
• CSS, to make websites look pretty by adding styling options
• JavaScript, to implement complex features on pages using interactivity
