
Notes

*Most of these are works in progress



Computer & Network Security Notes

Web Security:

Basic Model: Browser <-HTTP-> Server
Complicated (modern) Model adds firewalls, proxies (caching/non-caching), tunnels, gateways, and diverse client-side and server-side languages.

Vulnerability Analysis:
- Protocol: authentication
- Infrastructure: response splitting
- Server-side: session/cookie handling, XSS, SQL injection
- Client-side: browsers, general client-side security

HTTP Request:
- Header: METHOD + Resource + Protocol Version
- Body (optional), treated as a byte stream
- Fields separated by CRLF
- Methods:
  - GET: request a resource by URL
  - HEAD: request only metadata
  - POST: request processing of the included data at the URL
  - OPTIONS: request information about communication options (a resource of * means server-wide options)
  - PUT: store the included data at the URL
- Resources:
  - Absolute URI: http://www.example.com/some/thing
  - Absolute path: /index.html
- Host field (HTTP/1.1) specifies which server at that IP address is meant

HTTP Response:
- Header w/ protocol version, status code, diagnostic text
- Body is a byte stream
- Header Fields:
  - General: Date, Pragma, Cache-Control
  - Request: Accept, Host, Authorization, From, User-Agent
  - Response: Location, Server
  - Entity: Allow, Content-Encoding, Content-Length, Content-Type, etc.

URI Syntax: <scheme>://<authority><path>?<query>

Basic HTTP Auth:
- Challenge/Response:
  - Challenge and schema (auth type) are returned w/ a 401 (Unauthorized)
  - The auth request applies to a Realm (a set of resources)
  - Client supplies an Authorization header w/ creds
  - The 401 includes WWW-Authenticate: realm="my_realm"
- HTTP/1.1 (Digest) Auth:
  - Server also sends a nonce as the challenge
  - Client sends a digest of the nonce, user, pass, HTTP method, and requested URL

HTTP is stateless! How then do we maintain state?
- URL-embedded information
- Hidden fields (in the HTML, for instance)
- Cookies:
  - Server stores them on the client
  - Set with the "Set-Cookie" header
  - Client sends them back in the "Cookie" header
  - Only accessible by the site that set the cookie
  - Cookie components:
    - name=val: required key/value pair
    - secure: cookie can only be sent over secure connections
    - http-only: cookie not accessible to client-side scripts
- Sessions:
  - Time-limited user-server interactions
  - NOT an HTTP-level concept (implemented at the web-app level)
  - Implemented with cookies, in URLs, or via hidden form fields

SERVER-SIDE:

CGI (Common Gateway Interface):
- Used to invoke programs on the server; output is returned to the client
- Input comes from the URL (GET) or the request body (POST)
- Request body is piped to the CGI program's stdin
- Parameters are passed as environment variables: QUERY_STRING, SERVER_PROTOCOL, etc.

ASP (Active Server Pages), Microsoft's CGI equivalent:
- Contains text, HTML, script (VBScript or JScript), and server-side includes

Servlet: Java program executed on the server, similar to CGI
Java Server Pages (JSP): HTML mixed w/ Java

PHP ("PHP: Hypertext Preprocessor"):
- Executed on the server when the page is requested

Web App Frameworks (Ruby on Rails, Pylons, etc.):
- Rapid web app development/deployment
- Often based on MVC

CLIENT-SIDE:

Java Applet:
- Downloaded onto the client, run in the browser context
- Resource access limited by the Java Security Manager

ActiveX Controls:
- Binary code
- Downloaded and executed in the browser context
- Windows browsers only

Native Client (NaCl):
- Native code, typically C/C++
- Runs in a sandbox (one inner, one outer)
- Inner sandbox:
  - Requires reliable disassembly, valid jump targets, and use of segmentation
  - Code validator (<600 C statements)
  - Validator guarantees that, given the validated instruction set S, control transfers can only target instructions in S
- NPAPI (Netscape standard) for interprocess communication (IPC)
- RPC (IPC)
- Provided with a "safe" subset of POSIX calls
- Internet access only through JS

Client-Side Scripting:
- JavaScript, JScript, VBScript
- Window:
  - DOM (Document Object Model): allows script to alter page content
  - BOM (Browser Object Model): allows script to modify browser properties

JavaScript is sandboxed, so:
- No file access
- No network resource access
- No window under 100x100px (?: ref/detail)
- No direct browser history access (indirectly, link-color harvesting for instance could be used to infer history data)

JavaScript policies:
- Same Origin: JS can only access resources with the same origin (e.g. google.com)
- Origin = URI scheme (protocol), hostname, port number

AJAX: Asynchronous JavaScript and XML
- Modify the page based on the result of a request w/o user interaction
- JS DOM manipulation + the XMLHttpRequest object

XMLHttpRequest: allows JS to retrieve XML data
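The HTTP/1.1 Digest auth exchange described in the auth notes above, worked through in Python as an added example (not code from the original notes). It assumes the nonce-only (RFC 2069 style) response, where the client's digest covers the nonce, user, realm, password, method and URL; the realm, credential store and header names are constructed for the example. The server side keeps the set of nonces it has issued so a captured Authorization header cannot be replayed, and compares digests in constant time.

```python
import hashlib
import hmac
import re
import secrets

# Constructed credential store for this example: realm -> {username: password}.
# A real server would store HA1 = MD5(user:realm:password) instead of passwords.
CREDENTIALS = {"my_realm": {"alice": "correct horse battery staple"}}


def _md5(text: str) -> str:
    return hashlib.md5(text.encode("utf-8")).hexdigest()


def new_nonce() -> str:
    """Fresh, unpredictable nonce the server issues with each 401 challenge."""
    return secrets.token_hex(16)


def challenge_header(realm: str, nonce: str) -> str:
    """WWW-Authenticate value sent with the 401 (the challenge)."""
    return f'Digest realm="{realm}", nonce="{nonce}"'


def digest_response(user, password, realm, method, uri, nonce) -> str:
    """Nonce-only Digest response: MD5 over user, realm, pass, method, URL and nonce."""
    ha1 = _md5(f"{user}:{realm}:{password}")   # binds the credentials to the realm
    ha2 = _md5(f"{method}:{uri}")              # binds the request method and URL
    return _md5(f"{ha1}:{nonce}:{ha2}")        # binds the server's challenge


def authorization_header(user, password, realm, method, uri, nonce) -> str:
    """What the client sends back; the password itself never leaves the client."""
    resp = digest_response(user, password, realm, method, uri, nonce)
    return (f'Digest username="{user}", realm="{realm}", nonce="{nonce}", '
            f'uri="{uri}", response="{resp}"')


_FIELD = re.compile(r'(\w+)="([^"]*)"')


def parse_authorization(header: str):
    """Parse the quoted key="value" fields of a Digest Authorization header."""
    if not header.startswith("Digest "):
        return None
    return dict(_FIELD.findall(header[len("Digest "):]))


def verify_authorization(header, method, request_uri, issued_nonces: set) -> bool:
    """Server-side check of an Authorization header against the actual request.

    issued_nonces holds the nonces handed out and not yet consumed; each nonce
    is accepted once, so a replayed header fails even though the digest matches.
    """
    fields = parse_authorization(header)
    if not fields:
        return False
    try:
        user, realm, nonce, uri, resp = (
            fields[k] for k in ("username", "realm", "nonce", "uri", "response"))
    except KeyError:
        return False
    if uri != request_uri:             # the digest must cover the URL actually requested
        return False
    if nonce not in issued_nonces:     # unknown, expired or already-used nonce
        return False
    password = CREDENTIALS.get(realm, {}).get(user)
    if password is None:
        return False
    expected = digest_response(user, password, realm, method, uri, nonce)
    if not hmac.compare_digest(expected, resp):
        return False
    issued_nonces.discard(nonce)       # one use per nonce
    return True


if __name__ == "__main__":
    realm, nonce = "my_realm", new_nonce()
    outstanding = {nonce}
    print("401 WWW-Authenticate:", challenge_header(realm, nonce))
    hdr = authorization_header("alice", CREDENTIALS[realm]["alice"], realm,
                               "GET", "/index.html", nonce)
    print("Authorization:", hdr)
    print("first use accepted:", verify_authorization(hdr, "GET", "/index.html", outstanding))
    print("replay accepted:", verify_authorization(hdr, "GET", "/index.html", outstanding))
```

Because the method and URL are inside the digest, a header captured for one request cannot be re-used for a different method or path; the one-shot nonce set is what stops an exact replay of the same request. The modern Digest scheme adds qop, cnonce and nc fields and SHA-256 to this basic construction.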
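The cookie components (secure, http-only) from the state notes and the Same Origin rule from the JavaScript policy notes, as one added Python example that is not part of the original notes. It computes the (scheme, hostname, port) origin triple the way the policy compares it, with default ports filled in, and audits constructed Set-Cookie header values for the two attributes the notes list; the sample headers and the audit function names are assumptions made for the example.

```python
from urllib.parse import urlsplit

DEFAULT_PORTS = {"http": 80, "https": 443}


def origin(url: str):
    """The (scheme, host, port) triple the Same Origin policy compares."""
    parts = urlsplit(url)
    scheme = parts.scheme.lower()
    host = (parts.hostname or "").lower()
    # An explicit port counts; otherwise the scheme's default port applies,
    # so http://a.example/ and http://a.example:80/ are the same origin.
    port = parts.port if parts.port is not None else DEFAULT_PORTS.get(scheme)
    return (scheme, host, port)


def same_origin(url_a: str, url_b: str) -> bool:
    return origin(url_a) == origin(url_b)


def parse_set_cookie(header: str):
    """Split one Set-Cookie value into (name, value, {attribute: value-or-True})."""
    parts = [p.strip() for p in header.split(";")]
    name, _, value = parts[0].partition("=")
    attrs = {}
    for attr in parts[1:]:
        if not attr:
            continue
        key, _, val = attr.partition("=")
        # Flag attributes such as Secure and HttpOnly carry no value.
        attrs[key.strip().lower()] = val.strip() if val else True
    return name.strip(), value.strip(), attrs


def audit_set_cookie(header: str):
    """Return the protective attributes from the notes that this cookie lacks."""
    _, _, attrs = parse_set_cookie(header)
    missing = []
    if "secure" not in attrs:      # would be sent over plain HTTP as well
        missing.append("Secure")
    if "httponly" not in attrs:    # readable by client-side script via document.cookie
        missing.append("HttpOnly")
    return missing


def audit_response(set_cookie_headers):
    """Audit every Set-Cookie header of one response: cookie name -> missing attributes."""
    return {parse_set_cookie(h)[0]: audit_set_cookie(h) for h in set_cookie_headers}


# Constructed sample: three Set-Cookie headers as a server might send them.
SAMPLE_SET_COOKIES = [
    "PHPSESSID=3f2a9c1e7b; Path=/",
    "lang=en; Path=/; Max-Age=31536000",
    "csrftoken=9d0b4e2f; Path=/; Secure; HttpOnly",
]

if __name__ == "__main__":
    for name, missing in audit_response(SAMPLE_SET_COOKIES).items():
        print(f"{name}: {'ok' if not missing else 'missing ' + ', '.join(missing)}")
    for a, b in [("http://google.com/a", "http://google.com:80/b"),
                 ("http://google.com/", "https://google.com/"),
                 ("http://google.com/", "http://mail.google.com/")]:
        print(a, "vs", b, "->", "same origin" if same_origin(a, b) else "different origin")
```

Running it flags the session cookie as lacking both attributes while the CSRF token passes, and shows that a scheme or hostname change is enough to make two URLs different origins even when the registered domain is the same.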