Alex Ndegwa’s Post

𝐖𝐡𝐚𝐭 𝐇𝐚𝐩𝐩𝐞𝐧𝐬 𝐖𝐡𝐞𝐧 𝐘𝐨𝐮 𝐓𝐲𝐩𝐞 𝐡𝐭𝐭𝐩𝐬://𝐰𝐰𝐰.𝐠𝐨𝐨𝐠𝐥𝐞.𝐜𝐨𝐦 𝐢𝐧 𝐘𝐨𝐮𝐫 𝐁𝐫𝐨𝐰𝐬𝐞𝐫 𝐚𝐧𝐝 𝐏𝐫𝐞𝐬𝐬 𝐄𝐧𝐭𝐞𝐫 Typing a URL into your browser triggers a series of processes, including DNS requests, TCP/IP connections, and data handling, to retrieve and display the webpage. 1. 𝐃𝐍𝐒 𝐑𝐞𝐪𝐮𝐞𝐬𝐭 The browser initiates a DNS request, translating the domain name (www.google.com) into an IP address. It checks its cache first, then the OS cache, and finally queries a recursive DNS resolver if needed. The resolver contacts root DNS servers, which refer to TLD servers (.com), then authoritative DNS servers for google.com, which return the IP address. 2. 𝐓𝐂𝐏/𝐈𝐏 With the IP address, the browser uses TCP/IP to connect to the server. The connection is established through a three-way handshake: the browser sends a SYN packet, the server replies with SYN-ACK, and the browser responds with ACK, completing the connection. 3. 𝐅𝐢𝐫𝐞𝐰𝐚𝐥𝐥 Firewalls monitor and control network traffic to protect servers from unauthorized access, ensuring safe and legitimate traffic during TCP connections. 4. 𝐇𝐓𝐓𝐏𝐒/𝐒𝐒𝐋 Google uses HTTPS with SSL/TLS to encrypt data, involving a handshake where the browser requests a secure connection, the server provides an SSL certificate, the browser verifies it and encrypts a session key, and the server decrypts it to establish a secure session. 5. 𝐋𝐨𝐚𝐝 𝐁𝐚𝐥𝐚𝐧𝐜𝐞𝐫 Large sites like Google use load balancers to distribute traffic for reliability, employing methods such as Round Robin, Least Connections, and IP Hash. 6. 𝐖𝐞𝐛 𝐒𝐞𝐫𝐯𝐞𝐫 The load balancer sends the request to a web server, which handles HTTP(S) requests and serves static content like HTML, CSS, JavaScript, and images. Common web servers include Apache, Nginx, and IIS. 7. 𝐀𝐩𝐩𝐥𝐢𝐜𝐚𝐭𝐢𝐨𝐧 𝐒𝐞𝐫𝐯𝐞𝐫 For dynamic content, the web server forwards the request to an application server, which processes backend logic, runs code, and interacts with databases to generate responses. Technologies include Node.js, Django, Ruby on Rails, and Spring Boot. 8. 𝐃𝐚𝐭𝐚𝐛𝐚𝐬𝐞 If the request involves data storage or retrieval, the application server queries the database. Databases store and manage data, providing the necessary information to fulfill the request. 9. 𝐑𝐞𝐬𝐩𝐨𝐧𝐬𝐞 After processing the request, the application server sends the response back through the web server to the load balancer, which routes it to the browser. The browser then receives the data and renders the webpage for the user. 𝐂𝐨𝐧𝐜𝐥𝐮𝐬𝐢𝐨𝐧 Understanding the journey from typing a URL to rendering a webpage reveals the complex processes of web interactions, including DNS resolution, encryption, load balancing, and server communication. Mastering these concepts enhances your technical skills and distinguishes you in the field of software engineering.

Have you ever wondered what happens behind the scenes when you type a URL like https://www.google.com into your browser and press Enter? Join me on a journey through the intricate layers of the web stack as we unravel the fascinating process of transforming a URL into a fully-rendered webpage. - DNS Request The journey begins with a Domain Name System (DNS) request. Your browser queries DNS servers to translate the human-readable domain name (e.g., www.google.com) into an IP address, allowing it to locate the corresponding web server. - TCP/IP With the IP address in hand, your browser establishes a Transmission Control Protocol (TCP) connection to the web server using the Internet Protocol (IP). TCP ensures reliable data transmission by breaking information into packets and confirming their delivery. - Firewall Before reaching the web server, the request may encounter a firewall, a barrier designed to monitor and control incoming and outgoing network traffic. The firewall evaluates the request based on predefined security rules, allowing legitimate traffic to pass through while blocking malicious or unauthorized attempts. - HTTPS/SSL As security becomes paramount, many websites utilize Hypertext Transfer Protocol Secure (HTTPS) with Secure Sockets Layer (SSL) or its successor, Transport Layer Security (TLS). This encryption protocol secures data transmission between the browser and the server, protecting against eavesdropping and tampering. - Load Balancer Upon reaching the server infrastructure, a load balancer may come into play, distributing incoming requests across multiple servers to optimize resource utilization and maintain high availability. This ensures that no single server becomes overwhelmed, enhancing scalability and resilience. - Web Server The web server receives the request, processes it, and retrieves the requested resources, such as HTML, CSS, and JavaScript files. Common web servers include Apache, Nginx, and Microsoft Internet Information Services (IIS), each with its own strengths and configuration options. - Application Server In dynamic web applications, an application server may handle business logic, database queries, and other server-side operations. Technologies like Node.js, Django, and Ruby on Rails empower developers to build robust and responsive web experiences. - Database Many web applications rely on databases to store and retrieve data efficiently. From traditional relational databases like MySQL and PostgreSQL to NoSQL databases like MongoDB and Redis, the choice depends on the specific requirements of the application and its scalability needs. By understanding the intricacies of this workflow, software engineers gain valuable insights into the functioning of the web stack, paving the way for more informed decision-making and efficient troubleshooting. Whether you're a front-end developer or a backend engineer, this knowledge proves beneficial in creating optimized web solutions.

Image of what happens when you enter www.google.com to the web browser Introduction: Greetings! Today, When you type https://www.google.com in your browser and press Enter, a series of complex processes occur to load the webpage. This journey involves several layers of technology and protocols that work together seamlessly. Here’s a breakdown of the steps: 1. DNS Request When you type a URL, the browser first checks its cache, then the operating system's cache, followed by the local router's cache, and finally the ISP's DNS server to resolve the IP address. If the IP address is still not found, the ISP's DNS server performs a recursive search, querying other DNS servers in a hierarchy until the IP address is located. This process is managed by the Domain Name System (DNS). 2. TCP/IP After obtaining the IP address for www.google.com, the browser begins a connection using the Transmission Control Protocol (TCP). This involves a three-way handshake to ensure a reliable connection: the client first sends a SYN (synchronize) packet to the server, the server replies with a SYN-ACK (synchronize-acknowledge) packet, and finally, the client responds with an ACK (acknowledge) packet. 3. Firewall Firewalls are security systems that monitor and control incoming and outgoing network traffic. Both the client and server firewalls check the packets to ensure they meet security criteria. 4. HTTPS/SSL Since the URL uses HTTPS, an encrypted connection is established using SSL/TLS (Secure Sockets Layer/Transport Layer Security). SSL Handshake: This involves the following steps: ClientHello, ServerHello, Certificate Exchange 5. Load Balancer Large-scale websites like Google use load balancers to distribute incoming traffic across multiple servers. Load Balancing Mechanism: The load balancer uses algorithms (e.g., round-robin, least connections) to determine which server should handle the request. 6. Web Server The load balancer forwards the request to a web server. The web server handles HTTP requests, serving static content like HTML, CSS, and JavaScript files. 7. Application Server For dynamic content, the web server forwards the request to an application server. Dynamic Processing: The application server executes server-side code, generates dynamic content, and handles business logic. Technologies involved could include server-side scripting languages like Python, Ruby, or Node.js. 8. Database If the request requires data storage or retrieval, the application server interacts with a database. Database Query: The application server sends a query to the database to store data. Response Handling: The database processes the query and sends back the results to the application server. 9. Rendering the Page Finally, the application server sends the processed data back to the web server, which then sends it to the client’s browser. The browser processes the HTML, CSS, and JavaScript to render the page for the user to see.

Title: The Fascinating Journey of a Web Request Introduction: Delve into the digital journey from typing "https://www.google.com" to seeing Google's homepage, unveiling the intricacies of web infrastructure with every keystroke. DNS Request: Our odyssey commences with a humble DNS request, where the cryptic domain "www.google.com" is translated into the numerical coordinates of Google's server. Like ancient cartographers charting unexplored territories, DNS servers navigate the vast expanse of the internet, guiding our request to its destination. TCP/IP: With the coordinates in hand, our quest sets sail across the digital seas, traversing the network landscape aboard the steadfast vessel of TCP/IP. Through the reliable transmission protocol of TCP and the addressing scheme of IP, our packets navigate the turbulent currents of cyberspace. Firewall: Yet, looming on the horizon stands the formidable firewall, a sentinel guarding the gateway to Google's realm. With unwavering vigilance, it scrutinizes each packet, permitting only the righteous to pass while repelling the advances of malicious intruders. HTTPS/SSL: As our packets brave the perils of the internet, they seek refuge within the sanctum of HTTPS fortified by the impregnable fortress of SSL encryption. Here, amidst the cryptographic citadel, our data finds sanctuary, shielded from the prying eyes of cyber adversaries. Load-Balancer: Upon reaching Google's shores, our packets encounter the masterful artisans of the load-balancer, whose skillful hands orchestrate the dance of distribution. With deft precision, they balance the burdens of traffic, ensuring a seamless and equitable journey for each packet. Web Server: Within the hallowed halls of the web server, our request is met with the nimble fingers of code, weaving the tapestry of Google's homepage. Here, HTML, CSS, and JavaScript converge to create a symphony of pixels that dance across our screens. Application Server: For quests of dynamic nature, our request ventures into the realm of the application server, where the alchemy of server-side code transforms data into dynamic content. With the incantations of PHP, Python, or Ruby, the server breathes life into the digital canvas. Database: Should our quest require the wisdom of the ages, our packets descend into the depths of the database server. Here, amidst the labyrinthine corridors of SQL, the guardians of data unveil the secrets of generations past, bestowing upon us the knowledge we seek. Conclusion: As our expedition draws to a close, we stand in awe of the marvels of the internet's infrastructure. From the humble request to the majestic response, each step along the way reveals the artistry and ingenuity of the architects who shape our digital world. Join us again as we embark on future journeys, unraveling the mysteries of the digital realm. Thanks for reading.

Ever wondered what happens when you type google.com in your browser and press Enter? We all take the magic of the internet for granted, but a surprising amount goes on behind the scenes when you type a web address and hit enter. Let's delve into each step of this journey: 1. DNS Lookup: Translating Names to Numbers Imagine a giant phonebook for the internet. That's what DNS (Domain Name System) is! When you type "google.com" your computer doesn't understand that. It needs an IP address, a unique numerical label for each device on the internet. So, your computer contacts a DNS server, which translates "google.com" to its corresponding IP address "142.250.189.174", like looking up a friend's phone number in a directory. 2. TCP/IP: Now with the IP address, your computer can initiate a connection with the Google server. They use a communication protocol called TCP/IP, which breaks down data into manageable packets and ensures they arrive correctly at their destination. 3. Firewall: The Gatekeeper Before reaching Google's servers, your request might pass through a firewall, a security guard for your computer or network. It checks if the incoming data is safe. 4. HTTPS/SSL: Encryption for a Safe Journey When you see "https" before a URL, it means the communication is encrypted using SSL (Secure Sockets Layer). This scrambles the data being exchanged, making it unreadable to anyone snooping in the middle, like sending a secret message in code! 5. Load Balancer: Distributing the Crowd Large websites like Google often have multiple servers to handle heavy traffic. A load balancer acts like a traffic director, efficiently distributing incoming requests among multiple servers to prevent overloading. 6. Web Server: Delivering the Goods The request finally arrives at a Google web server. This server is the one that understands the website's code and files. It fetches the necessary data, like HTML pages, images, and stylesheets, to build the webpage you see. 7. Application Server: Dynamic Content Some websites use application servers behind the scenes to handle complex tasks or generate dynamic content. This may involve executing server-side code (e.g., Python, Node.js, Java) to generate personalized responses or interact with databases. 8. Database: Where Information Lives For websites that display frequently changing information, like news articles or product listings, a database might be involved. This acts like a giant digital storage room where the website's information resides, ready to be retrieved and displayed. This is a simplified explanation, but it hopefully gives you a glimpse into the fascinating world behind that simple act of typing google.com. #ALXAfrica #DoHardThings #networking #webdev

The Step-by-Step Process When You Enter a web address in Your Browser 🌐 Ever wondered what happens when you type any web address and hit Enter? 🤔 Let's break it down! 1. DNS Request 🌍 URL Entry: Browser checks cache for DNS record. Local DNS Cache: If not found, checks OS DNS cache. DNS Query: If still not found, sends a query to the DNS server. Recursive Query: DNS server performs recursive query if needed. Response: DNS server returns the IP address to the browser. 2. TCP/IP 🌐 Connection: Browser establishes connection using IP and port (80 for HTTP, 443 for HTTPS). Three-Way Handshake: SYN: Client sends SYN packet to server. SYN-ACK: Server responds with SYN-ACK. ACK: Client sends ACK to server, connection established. Data Transmission: Reliable data transfer ensured by TCP. 3. Firewall 🔥 Security: Monitors and controls network traffic. Packet Inspection: Filters out malicious traffic, ensuring only legitimate traffic reaches the server. 4. HTTPS/SSL 🔒 SSL Handshake: ClientHello: Client suggests SSL protocol and settings. ServerHello: Server responds with chosen settings. Server Certificate: Server sends SSL certificate for verification. Key Exchange: Cryptographic keys are exchanged. Session Keys: Both parties create session keys. Encrypted Communication: All communication is encrypted. 5. Load Balancer ⚖️ Request Routing: Distributes incoming requests to multiple servers. Health Checks: Sends traffic only to healthy servers. Session Persistence: Ensures client requests go to the same server. 6. Web Server 🖥️ Request Handling: Static Content: Serves HTML, CSS, JavaScript directly. Dynamic Content: Forwards request to application server. 7. Application Server 💻 Business Logic: Query Execution: Sends SQL query or NoSQL request to the database. Data Retrieval: Retrieves data and sends it back to the application server. Data Integrity: Ensures data consistency and security. 8. Database 📊 Database Management: Query Execution: Processes and retrieves data. Data Integrity: Ensures consistency and security. Final Steps 🏁 Response Generation: Application server compiles data into HTTP response. Serving Response: Web server forwards response to load balancer, which sends it back to the client. Client Rendering: Browser processes and displays the content. Conclusion Hope you enjoyed this deep dive into what happens when you enter any web address. 🚀 If you didn't, then that is because there was not enough space to explain in detail on LinkedIn. Check out the real article here! 👇 https://lnkd.in/deEwdjAp #WebDevelopment #Networking #CyberSecurity #Programming #TechExplained #WebTechnologies #FullStackDevelopment #DNS #TCPIP #LoadBalancing #SSL #HTTPS #WebServer #DatabaseManagement #LearnToCode #TechArticle

Have you heard about Web Cache Deception? It's a Cache Poisoning issue that allows attackers to steal a user’s sensitive information. How does it work? - Attacker chooses a web page that is supposed to return sensitive information such as user PII. Say, for example, https://example[.]com/vault/passwords - Attacker sends a malformed link to the victim which would look something like this: https://example[.]com/vault/passwords/non-existent.css https://example[.]com/vault/passwords/;.js https://example[.]com/vault/passwords/%2e%2e/test.png - When the victim visits the link, their sensitive information will get saved to the application’s cache server - The attacker can then access the same URL, and they will receive a response from the cache server instead of the application backend leading to the victim’s sensitive information getting delivered to the attacker. Why does it work? Cache servers are configured to save static website assets such as images, scripts and CSS files. The presence of the extensions .js, .css, or .png tricks the cache server into believing that these are static assets, hence the response returned by the server is safe to be saved in cache. The response is saved and mapped to the URL that was requested by the victim. When the attacker sends the request for the exact same static asset URL that the victim had visited, the cache server performs a lookup of its own cache database to determine whether it has a copy of the asset saved locally. It finds a match, and hence returns the cached response. What are the prerequisites for this attack to work? The backend server should be tolerant to accept malformed URLs such as: https://example[.]com/vault/passwords/non-existent.css https://example[.]com/vault/passwords/;.js https://example[.]com/vault/passwords/%2e%2e/test.png The cache server should be configured to disregard the caching directive present in the response header and rely solely on the file extensions Web Cache Deception Test Methodology: 1. Identify a URL or endpoint that returns sensitive information. Send the request to Repeater 2. Add the following payloads to the URL: /non-existent.css /;.js /%2e%2e/test.png This is not a complete list. Comment below if you come across more payloads that work for Cache Deception. 3. If the server returns the same response with a malformed URL, try accessing the same URL by removing the cookies and any authorization headers. 4. Does the server still return the sensitive info? Congratulations, you have a confirmed Web Cache Deception vulnerability. ~~~ ✍️ What are your thoughts? ♻️ Reshare if this hits.

Day 26/100: 🌐 Understanding Important HTTP Request Headers in Web Security 📑 HTTP request headers are crucial components of HTTP (Hypertext Transfer Protocol) requests sent from clients (such as browsers) to servers. Important HTTP Request Headers and Their Functions: 1️⃣ User-Agent: Identifies the client making the request, including the type of browser, operating system, and version. This header helps servers tailor responses based on client capabilities. 🕵️♂️🖥️ 2️⃣ Host: Specifies the domain name of the server being requested. This header enables servers to handle requests for multiple domains hosted on the same IP address. 🌐🏛️ 3️⃣ Accept: Indicates the media types (content types) that the client can handle. Servers use this header to send an appropriate response format (e.g., HTML, JSON) based on client preferences. 📄👩💻 4️⃣ Authorization: Contains credentials (such as tokens or credentials) required for accessing protected resources. This header is crucial for implementing authentication and access control mechanisms. 🔐🔑 5️⃣ Cookie: Sends cookies previously stored by the server on the client's browser. Cookies are used for session management, user tracking, and personalization. 🍪👤 6️⃣ Content-Type: Specifies the media type of the request payload (e.g., application/json, application/x-www-form-urlencoded). This header is essential for servers to correctly parse and process request data. 📝📩 7️⃣ Referer: Indicates the URL of the previous web page from which the current request originated. This header can provide information about the user's browsing history. 🔄🌍 8️⃣ Accept-Encoding:Specifies the encoding schemes (e.g., gzip, deflate) supported by the client for response content compression. Servers use this header to optimize data transmission. 📦💨 9️⃣ Connection: Indicates whether the client wishes to keep the connection open for multiple requests (keep-alive) or close it after a single request (close). 🤝🔌 🔟 Origin: Specifies the origin of the request in Cross-Origin Resource Sharing (CORS) scenarios. It indicates the domain from which the request is initiated. 🚀🔗 1️⃣1️⃣ If-Modified-Since: Used in conditional requests to retrieve a resource only if it has been modified since a specified date/time. This helps in efficient caching and bandwidth optimization. 📅⏳ 1️⃣2️⃣ Content-Length:Specifies the size of the request body in bytes. Servers use this header to read and process the request payload accurately. 📏🔢 These request headers play a critical role in web security and functionality by enabling proper content negotiation, authentication, session management, and data handling between clients and servers. 🛡️💻 #HTTPHeaders #WebSecurity #RequestHeaders #DataProtection #Authentication #SessionManagement #TechSecurity #InformationSecurity #LinkedInPost #100DaysOfCyber

We all know typing a URL leads us to a website, but what's the magic behind the scenes? It's a captivating interplay between your device, the vast internet, and powerful web servers. 𝗕𝗿𝗲𝗮𝗸𝗱𝗼𝘄𝗻 𝗳𝗼𝗿 𝘁𝗵𝗲 𝗧𝗲𝗰𝗵-𝗠𝗶𝗻𝗱𝗲𝗱: 1. 𝗗𝗡𝗦 𝗟𝗼𝗼𝗸𝘂𝗽: 𝗙𝗿𝗼𝗺 𝗛𝘂𝗺𝗮𝗻-𝗥𝗲𝗮𝗱𝗮𝗯𝗹𝗲 𝘁𝗼 𝗠𝗮𝗰𝗵𝗶𝗻𝗲-𝗙𝗿𝗶𝗲𝗻𝗱𝗹𝘆:    - Forget the days of memorizing IP addresses! The Domain Name System (DNS) acts as the internet's phonebook, translating user-friendly domain names (e.g., "example . com") into numerical IP addresses computers can understand. This involves clever caching by your browser or communication with remote DNS servers. 2. 𝗖𝗼𝗻𝗻𝗲𝗰𝘁𝗶𝗼𝗻 & 𝗥𝗲𝗾𝘂𝗲𝘀𝘁: 𝗔 𝗧𝗮𝗹𝗲 𝗼𝗳 𝗣𝗿𝗼𝘁𝗼𝗰𝗼𝗹𝘀:    - Once the IP address is acquired, your browser initiates a TCP/IP handshake with the web server. TCP/IP, the workhorse of internet communication, ensures reliable data transmission. The browser then sends an HTTP request, specifying the desired resource (like the homepage) using methods like GET or POST. 3. 𝗦𝗲𝗿𝘃𝗲𝗿 𝗥𝗲𝘀𝗽𝗼𝗻𝘀𝗲: 𝗧𝗵𝗲 𝗖𝗼𝗻𝘁𝗲𝗻𝘁 𝗗𝗲𝗹𝗶𝘃𝗲𝗿𝘆 𝗦𝘆𝗺𝗽𝗵𝗼𝗻𝘆:    - The web server, upon receiving the request, swings into action. It locates the requested resource, processes it, and sends back an HTTP response. This response is an orchestra of data, including the webpage content, status codes (think of them as success or error messages), and additional information. 4. 𝗥𝗲𝗻𝗱𝗲𝗿𝗶𝗻𝗴 𝘁𝗵𝗲 𝗣𝗮𝗴𝗲: 𝗙𝗿𝗼𝗺 𝗖𝗼𝗱𝗲 𝘁𝗼 𝗩𝗶𝘀𝘂𝗮𝗹 𝗗𝗲𝗹𝗶𝗴𝗵𝘁:    - Your browser takes center stage now. It skillfully interprets the received HTTP response, parsing the HTML code, applying CSS styles for visual flair, and executing any embedded JavaScript to bring the webpage to life. Images and other resources are fetched concurrently to complete the picture. 5. 𝗧𝗵𝗲 𝗨𝘀𝗲𝗿 𝗜𝗻𝘁𝗲𝗿𝗳𝗮𝗰𝗲: 𝗬𝗼𝘂𝗿 𝗚𝗮𝘁𝗲𝘄𝗮𝘆 𝘁𝗼 𝘁𝗵𝗲 𝗪𝗲𝗯:    - Finally, the masterpiece unfolds! Your browser renders the webpage on your screen, allowing you to interact with the content and navigate the website. 𝗕𝗲𝘆𝗼𝗻𝗱 𝘁𝗵𝗲 𝗕𝗮𝘀𝗶𝗰𝘀: 𝗔 𝗧𝗲𝗰𝗵𝗻𝗶𝗰𝗮𝗹 𝗗𝗶𝘀𝗰𝘂𝘀𝘀𝗶𝗼𝗻 𝗣𝗿𝗼𝗺𝗽𝘁 This post merely scratches the surface. Let's leverage the comments section for a stimulating technical discussion. What are your preferred methods for DNS resolution optimization? How do you handle complex HTTP requests with multiple resources? Share your insights and favorite tools!

Very useful to know for QA Engineers performing web testing