Web Servers

I needed a little change of venue.

And the reason is is because if you've been following along in these episodes you
need to appreciate that we're about to enter kind of a brave new world here.

We've spent all of the previous episodes working very very hard to understand how
data gets from one application to another.

We've worked on cabling and Ethernet and IP and all of these and transport layer
trying to understand the entire process of what moves data from an application in
one computer to an application and the other computer.

So we're going to be spending the next few episodes getting deep and dirty in the
world of applications.

CompTIA on the network +.

Plus once you really understand things like HTTP or FTP.

Email and that's important and I agree because these are where a lot of the
problems run into were we as networked techs have to get in there with our
screwdrivers figuratively or literally and make the fixes.

So let's go ahead and get started with probably the granddaddy of them all.

HTTP stands for Hypertext Transfer Protocol and it is the basis of what we call the
worldwide web HTTP.

As you probably can tell by watching earlier episodes listens on port 80 and port
80 is unique to HTTP.

So what we're going to be doing is we're going to head back into the office here
and let's take a look starting with probably the more interested in the two ends of
this.

Let's take a look at a real web server.

I've got two computers here in front of me.

One of them is a web server and the other one is a web client.

Can you tell by looking.

Well you can't.

One of the problems that people run into is when we start saying the word server
we're always visualizing these big boxes that are put into big racks and they're
got tons of RAM and hundreds of terabytes of drive space.

But that's not really what a server is a server is just software.

And as long as I'm willing to run on a system that doesn't have quite the same
throughput as one of those big wreck systems I can run a web server.

Oh by the way it's on this one.

I can run a web server on any computer doesn't really matter.

When we talk about web servers really most of the industry is broken down into two
competing versions.

There is Microsoft's I guess Internet Information Service and the other one is
Apache which is an open source and also extremely popular.

Now I'm going to be using.

I ask because well I'm a Windows guy and Microsoft provides a free copy to me.

So let's go ahead and move over here and take a look at I as.

OK so let's take a look at I guess.

Now the thing I need to make sure you understand is that most server programs don't
really have an interface to actually see the program.

You have to scroll through your a little bit.

There it is.

So here's I guess running now if I want to make any configuration changes or

anything like that there's usually some type of management software I can run.

So I'm going to go ahead and fire that up.

And now this is the manager for my web server.

All right.

Now if we take a look at this we can set up a whole bunch of important stuff here.

For example we can say where is the initial l file that they're going to be looking
at.

We can set up.

You can even set up authentication.

Most people aren't aware of that.

But if you wanted to you can set up a web server where they have to log in with a
username and password so you can do a lot of stuff here.

Now once this is up and cooking.

Now you notice that I can actually restart or stop the actual server itself from
this tool but once it's up and running we tend to just leave it like this and let
it be.

There's nothing really that much for us to do.

Now the network plus isn't expecting you to become an expert at configuring web
servers like I or Apache.

However they do expect you to be able to predict certain things for example.

Is there a web server running on a particular system.

Man the best way to figure that out is to run a net stat minus a and see if it's
listening on port 80.

You probably have a web server running on that machine if you do.

Also you need to appreciate that you need to be able to get to a web server.

So if you've got a web server and people are getting to it you're going to take a
look at all kinds of different stuff to see as potential problems or what's between
you and that server that's keeping you from getting to it.

Net plus is real interest is on the client side.

Now Microsoft is a big contributor to competition.

And as a result of that most of the questions you're going to be seen on web
clients concentrate on Microsoft's Internet Explorer.

Now keep in mind there's a lot of choices here.

Me personally I'm a Google Chrome man.

I like Google Chrome but there's also Firefox Safari there's all kinds of other
choices when it comes to web clients.

But keep in mind network plus is mainly going to be asking questions about Internet
Explorer.

So let's go ahead and fire up Internet Explorer and let's check out my web site.

Now you'll notice that my web server is not very interesting it has a default web
page which is just the default I guess.

Now the only thing I really want to hit on here you're going to be having a lot of
questions on Net +.

Plus the talk about web issues but a lot of them are kind of specific So we'll be
doing this in other episodes.

For right now though what I want you to be aware of is that network plus will often
ask pathing questions on how to get to settings in Internet Explorer.

And they always say Tools Internet Options.

Now if you look here on version 10 there is no tools.

Well there really is.

If you look right here this little guy right here is the tools button.

So even though it doesn't say tools anymore like it did in other versions it has
little pop up that says tools.

This is tools.

So the path for almost anything in Internet Explorer is tools and here's internet
options.
But for right now just appreciate tools Internet Options will get you where you
need to go.

So I've got a client over here and I've got a web server over here.

So one of the really cool things about looking at any TCP/IP application is to
actually watch and see what it does.

So I've got wireshark running over here on my server and I'm going to access the
web page.

And let's watch what happens.

OK.

So while I tried to access that web page I had my capturer running.

So somewhere in here is the actual web page being captured.

Now luckily for us we've got lots of filtering when we go ahead and stop that
capture.

All right.

So what are going to do is I'm going to filter on HTTP.

So now we're only seeing HTTP stuff now right here at the bottom is the actual
incoming request.

Now I know the originating computer was 202 13 47 102 and the IP address for my
computer is 202 13 212 104.

So that's actually by little sneakiness here I can tell where things are started.

So this is where the conversation begins.

And this is a get command which is very common for each.

And it's basically getting that web page.

So it gets the web page.

Now I want to take a look at this.

In particular this get command.

There's some interesting stuff here.

Now you'll notice what the host says is two or two 11:47 one of four what's
happened right here is I actually typed in on my client 202 11:47 104.

Now if I had typed in W W W dot Mike has a great web page dot com that would have
shown up here.

That's really important that you have the host information because one web server
could be hosting lots and lots of different Web sites.

And it's this piece of information that allows it to tell which web page at once.
Keep in mind that this host only has one IP address.

So forgetting five or six different hosted Web sites on this one computer it uses
that information to keep them separated.

So as we go through here we'll see what it's starting to pull in.

So it says here's a pian files or get some graphics in.

Here's a jpeg.

And we're watching the entire page being pulled in and eventually we get a response
saying the page has been sent and these are OK's for each one of the images as
they're coming in.

Now it's kind of cool here and this is something that makes wireshark a lot of fun
as you can right click anywhere within this transaction and click on follow TCP
stream.

Now when we do this what you'll actually get is the real HTML commands as they're
being moved back and forth and it's just put in one big packet.

So this is what your computer's actually reading to make that particular web page.

All right.

Is that cool that wireshark allows you to put together your entire connection like
that if you're not sold on using Wireshark.

Now I don't know what else I could do.

OK.

Anyway the important thing is is that we used our client and he made a request on
port 80 to our server and we actually got to watch that request come in and we got
to watch the server send the web page to the client.

So that's pretty cool.

The problem with HTTP is exactly like you saw what we did the follow the TCP stream
everything's pretty much out in the clear.

You can see the entire transaction.

So that's bad if we want to do things like online banking or buy books or things
like that.

So what we have is a version of HTTP called HTTPS.

It's still HTTP but it adds a layer of security.

In essence encrypting that TCP stream we just saw so that nosy people can't read
it.

So let's go through the process again.

Now what I've done is on my server side I've set it up now to be able to support
HTTPS.
Yes.

And on my client all I'm going to do now is I'm going to type in HTTPS code and
call HTTPS call and whack whack.

And then the IP address.

So it comes over and let's see what wireshark pulls up this time.

OK.

So here's my wireshark connection then we'll just type in TCP this time.

OK.

So I'm going have to scroll through a little bit to find this.

So here's the transaction between 1 0 2 and 1 0 4.

OK.

Here it is.

So what I want you to see is this is the initial transaction coming in from the
client to the server.

You'll see that we see the term TLS HTTP uses two different protocols SSL which is
the old school way and then TLS which is a new way and what these are doing is
they're actually setting up the encryption to make HTTPS work.

So you can see that they're talking to each other and they're beginning to send
data.

Now the problem is well it's not a problem it's a good part is that you can't
really see any of the data.

So if we open this up and take a look at the data you can see that it's all this
encrypted Goobly Goc and that's good.

So I'm going to right click on this and try to follow it TCP string and you get
this ugly mess that is encrypted data and that is the beauty of HTTP.

It's now HTTP has uses either SSL or TLS to make all this encryption and these are
really cool
but they kind of need their own episodes so you're going to have to keep watching
in later episodes.

And we're going to cover all this in great detail.

But for right now and for the network plus the big thing I want you to appreciate
is that HTTP is port 80 and HTTPS uses port 443 its on the exam.

Web servers host web site: web clients access web servers

HTTP uses TCP Port 80 by default

HTTPS uses TCP port 443 by default

FTP
Hi don't have long you've got to get all these files transferred.

In fact when it comes to the Internet file transfer is a big job and it's something
we do all the time.

Now today a lot of times what we'll do is we'll open up a web page and we can
actually download files and that's great.

But what I want to talk about is something called file transfer protocol or FTP has
been around for a long long time it predates the World Wide Web and it is still the
real common way that we use to transfer files in particular very very large files.

So to watch FTP work let's fire up a client and a server.

Ok so here we are back at the lab and once again I've got a FTP server and I've got
an FTP client now FTP is a little bit weird in particular because things like web
servers and email clients and things like that often come with operating systems.

FTP is not quite as common as being a built in application.

For example it would be tricky for you to find an FPP server built into Windows.

So we usually go to third party tools to make all this happen.

So let's go ahead and start by looking at the server itself.

So what we need to do here is set this guy up so that he can begin receiving
requests from clients.

So the first thing we're going to do is set up some accounts.

And so I've got an account called Dave now and he's got a password built into him.

Now the trick to FTP is that when someone connects they're going to have to be in a
directory.

Some some folder on your computer and we call that the home directory.

So with filezilah what we do is we set a particular directory.

And in this case it's actually my desktop a little bit hard to read but it's the
desktop on this computer.

And I could actually set what permissions I want this particular person logs in to
have.

So in this case all they can do is read and list and they can look at the
subdirectories.

So if I wanted people to be able to upload I would have to add right if I wanted

people to make directories in here which is usually a good idea for having people
upload 10 to one.

To put it in their own directories I can have them create directories as well.

So now when Dave logs in he'll be able to do whatever he needs to do the other
thing you need to appreciate is that FTP is a great place for doing really basic
like file downloads and stuff.
Now in order to do that we have to create a very very famous account and that
account is called Anonymous.

Now FTP servers have different ways to do this some FTP over say just allow
anonymous.

They have different ways this in this particular one to have to actually create an
account called Anonymous.

And I'm not even going to give it a password or anything.

And now what I need to do is say if someone logs in anonymously where do I want
them to go.

So I'm going to say they can come to my desktop.

OK.

And now they can come into my desktop and all they can do is read list and look at
subdirectories.

This is a very common thing we do if you want to download a bunch of files of that
type of thing.

This is how you would set up an anonymous account and remember Anonymous doesn't
have a password.

So we're going to hit.

OK.

And what we're looking at now is my FTP server ready to take some response.

Now just because you have the servers ready to go now we're going to need some FTP
clients.

There are zillions of FTP Clients In fact even Windows has built in FTP clients.

There's a command prompt which we'll see in a moment.

And even Internet Explorer can act as an FTP client.

But what we want to do is use a more robust client so I'm going to use the popular
WS FTP LE which is a free FTP client it works absolutely great.

Now keep in mind with that t.p we've got a server set up.

But in order to use that FTP clients send out requests on port 21 but FTP servers
will respond back on port 20.

So if you remember from earlier episodes this is a great example of where we would
no need to go into our router and setup port triggering on port 20.

OK.

So I think everything is set up.

Let's go ahead and fire up the client and see if we can log in to my FTP server.
Now I've started up a very popular FTP client this is Ipswitch ws FTP.

This is the LE or the free version.

They have a pro version as well and it's a pretty standard screen that you're going
to see here.

Usually you're going to have your computer on one side and then another directory
tree of the remote computer on the other side.

So the first thing we have to do is connect.

So let me just make a quick connection here.

And I'm going to use the user id of Dave and a password of total that I say that
out loud.

Well OK.

So this is a good connection.

The moment that connection shows up in any good FGP Kline's going to do this is
they're going to bring you into what's known as the home directory on the server so
this Dave account actually has access to the desktop over on the server.

So I can come in here and whatever I have access to I can do all kinds of fun stuff
for example if I want to transfer this file.

Now it's going to transfer to wherever I am right here.

So it's going to transfer right now to the root directory of my C-Drive which I'm
not a big fan of that.

Let's just go into games folder that'll work whatever world it takes great game.

And I'm going to make a new folder and I'm going to call it Dave because it's Dave
stuff.

And because I've made this folder over here anything I copy from here is going to
go into that folder.

So let me pick something nice and small and all these FTP clients tend to be noisy
I don't know why they all do that but they do.

But anyway I've just transferred a file that's pretty much all that we need to do
to make that happen.

Clients like this are absolutely fantastic.

You've got some other options for example pretty much any web browser makes a
pretty good FTP client too.

Now because a web browser thinks he's a web browser first and foremost you'd always
have to type in FCT so it knows that you don't want it to be a web browser you want
it to be an FTP client So I'm going to go ahead and do FTP coding whack whack.

Then I type in the IP address of the server and Tada.

So now what you're looking at is your web browser is basically just gear shifted
himself into being an FTP client.

So he is not quite as good as a full blown FTP client for example uploading and
things like that are kind of painful but it's a really good way for quick and dirty
downloads and that's why we see see if this works it usually does.

So for example here's the famous Microsoft dot com FTP site and there are hundreds
and hundreds and hundreds of different things that you can download in here.

It's not the easiest thing to read but it absolutely works this way.

So Web browsers is a good way to do it as well.

Now there's a third way to do it and this is on the network plus I want to make a
quick mention of it.

And that is Windows pretty much all operating systems come with a built in FCP
client but it's a command prompt.

So you type in FTP and then usually the name of the server you want to connect you
didn't just hit FTP and then we could do things like for example open and now wants
me to log in.

So I'm now logged in.

If you're not sure which commands typing just type help.

We're going to type dir and it's going to show me the connection so I can do
things.

At this point I can use commands like get or I can put commands like put to send
files back and forth and it works exactly like this.

So there's a lot of different ways to make FTP work from the client side however
from the server side you're going to need an FTP server.

All right.

Now the other thing I want to show you right now is we're going to go back in and
this time I'm going to watch the capture that goes on from my FGP client here over
to my FTP server.

So let's get wireshark going and let's watch an FPP capture actually take place.

All right.

Now what I did this time is I went over to my client I connected over to the server
here on this computer.

So I logged in and I grabbed one file and then that's pretty much it.

So let's take a look and watch this process so I need to sort this filter out the I
just look at FTP information OK.

So first of all here we can actually see the connection beginning to take place.

So what we're doing is we're seeing the connection from 104 which is my computer to
102.
So for some reason I missed the actual Hello are you here but so I'm missing one
packet.

But anyway here come the packets as the server responds back to the client saying
here's who I am blah blah blah.

And now it's prompting for a logon so I can see the user logged in anonymously.

And here's the password I want to take a look at when you log in anonymously it's
considered good manners to use an e-mail address as a password so the user didn't.

It's not required but it's just good manners.

So the users client throws in this WS FGT 90@ at just you know because they're
trying to advertise their client is really all boils down to.

So there's the response back and it sets it's directory and it's ready to do
whatever needs to be done.

So the first thing is we sent a list command so we could see what the server has to
offer.

And it changed directories.

And it transferred some kind of.

Here it is the transfer to a file called World of Tanks.

So let me show you what happens here if we follow this TCP stream.

The important thing I want you to appreciate more than anything else here is that
FTP by definition is totally in the clear.

So usernames and passwords are absolutely wide open and anybody can read them.

So the important thing I want you to appreciate here is that FTP has no security
whatsoever we could see the username passwords everything.

So that's what we call a bad thing.

If you want to do secure stuff you would have to use secure protocols like s FTP
secure FTP which uses encryptions like SSL NTFS to actually encrypt the stream
itself.

Now there is one other type of that I want to make a quick mention of.

It's not FTP but it kind of looks like and it's called trivial FTP or TFT TFT
doesn't have nearly the robustness that FTP does and it's a UDP protocol and it
runs on port 69.

So I would need a TFT server and a TFT client to show it to you.

But really except for a few things it's pretty much identical except it's a lot
more lightweight.

All right.

So that's FTP remember FTP runs on port 21.

All those servers will respond back on port 20.

And remember that you can make user accounts and such but Good ol anonymous account
is the common public way we use when we're playing with FTP.

FTP is a file transfer protocol, consider SFTP as a more secure method

FTP Servers listen on port 21 and send data back to the client on port 20

FTP is NOT ENCRYPTED so all passwords and data are sent in the clear..