Time
3 hours 28 minutes
Difficulty
Intermediate
CEU/CPE
4

Video Description

DNS, HTTP & HTTPS When it comes to domain protocols services, DNS, HTTP and HTTPS (the "s" designates secure) are tools network protocol type services that work in harmony with each other. DNS runs over port 53 and is both TCP and UDP just to refresh it looks up FQDN and translates to or from its IP address which is language the computer understands. HTTP, stands for Hypertext Transfer Protocol. It runs over port 80, interprets HTML (hypertext markup language), which defines how web browsers such as IE and Chrome define and communicate with web servers which is all in "clear text." As we mentioned earlier, clear text means an unsecured transactional environment. We'll also explain what's called a GET command, how it works, how the HTTP language is read and results display the web page visitors see and how the browser interprets the HTML code commands to present content, and other components such as display of images, pointers to interactive resources such as files stored on an FTP server or dialog boxes or web forms requiring input, as well as how navigations points to other locations are controlled within and beyond the web page itself. HTTPS is Secure HTTP which is a closed, encrypted, secure environment. It runs over port 443, we'll explains how it provides a significantly heightened level of security and what issues can occur that reinforce best practice for keeping security updates and patches current.

Video Transcription

00:04
now moving into some of our other networking protocols away from email networking protocols We have D N S D. N s we've talked about is our domain name service and D. N s allows us to translate from fully qualified domain name to an I P address or
00:21
the other way around from an i p address to a fully qualified domain name
00:24
Indian. This is running over port 53 it could be either TCP or UDP. We did mention earlier that D N S does
00:34
run over you tp a lot of times because that connection the connection packets for you t p r a lot or a bit smaller than TCP packets so it can send those without using as much network traffic. So Dean s may stick with T R u T p A lot of the times,
00:51
but our typical board is gonna be 53
00:54
again. Remember that D N s is used to look up
00:59
fully qualified domain name
01:00
such as www dot cyber readout. I t
01:04
to the I p address that a computer can understand. He's a different I p address every time for cyber dot i t. That's not our actual I p address, as far as I know,
01:15
but it is an example one.
01:17
So Dean s port 53
01:19
TCP or UDP, and it changes a fully qualified domain name to an I P address, or vice versa. Our next networking protocol, which is one that you'll probably see quite often if you browse the Internet. Is Http
01:33
Now http stands for hypertext transfer protocol is gonna be over Port 80. It's gonna be TCP. So what is hypertext? Some people that are watching this video may have heard of html.
01:48
Html stands for hypertext markup language. And it's
01:53
essentially our language of the Internet. It's the language is that we use to describe our Web pages. If you take a Web page and you view the source, then you'll see all of this information
02:06
with body headers. You'll see paragraph headers. You'll see
02:10
different words and bold. You'll see link addresses. You'll see star style, different style sheets. There's a lot of different aspects to h d m T M L, which allow us to have these
02:23
amazing, dynamic Web pages that we do today.
02:28
Now this HTML is translated by our browsers, but this hypertext markup language. This hypertext is transported back and forth between our Web server and our local machine using http Hypertext transfer protocol.
02:45
It's a very common port to see open because it's what we need
02:47
to use for the Internet. If you have Port 80 closed and servers trying to communicate with you, like google dot com is trying to talk with you over Port 80 to give you information for its website,
03:00
then it's not going to be able to. It's going to hit that close to port. It's not gonna be able to respond back to your requests. For information, Http essentially just
03:07
defines how our computer browsers are. Internet browsers such as Internet Explorer, Firefox, Google, Chrome Safari, etcetera all talk with Web servers. How they send and receive
03:21
commands. Toe Web servers. When we're sending information over http
03:25
Port 80
03:27
it is TCP because we want to make sure that we're getting all the packets and the pages are displaying properly and there are corrupted,
03:32
Um,
03:34
our computer are compete Internet browser sins. A get command to the server that it's trying to get the Web page from. It basically sends a command says,
03:44
can I get your Web page I want I want to get this.
03:47
Can I have this? And then our
03:51
web server
03:53
essentially responds back to that command Were essentially just issuing a command to the Web server saying, Give me your Web page lease and then the Web server responds by giving us the information to the site. All of this communication is going over. Http. Port 80 through TCP.
04:09
Another thing to keep in mind when we're transmitting information over http. Port 80. This is all in clear text. Well, what does this mean for us? If you're ever on a website is our website here? And the bar at the top of your screen will give you your web address. A lot of times, you'll see something like this. H t t p
04:28
colon
04:29
four slash board slash www dot sigh breath very dot
04:36
Hi. And you can't see the TV because it's off your bar. That, http means is communicating with the http protocol
04:46
is talking over port 80 or which a report is set up on your system for http traffic.
04:51
But when we say it's clear text, that means that if there's a user name and password field on this page or any other information for that matter, any information that you're seeing on this page, such as Welcome and then your name or any any news articles that you may be looking at or anything
05:11
Any information that you send to the Web server
05:14
while you only have this http up here
05:16
can be seen by anyone on your network. So you see, put in your user name Anthony password, and it looks like a bunch of stars.
05:26
You're like, Oh, that passwords secure. Nobody can see it. Well, just because it's a bunch of stars there in that block. As soon as you send that information over Port 80
05:34
that's in clear text. And anyone who is running
05:40
programs such as wire shark that can capture packets and look at those packets they'll see. Oh, there's a packet going over Port 80 from this computer. And if it can catch that information, if they're on your saying network that can actually look in that packet and they can pull out username user names and passwords, that's typically why
05:59
we don't see websites much anymore.
06:00
That air developed well that use Http for their user name and password pate, user name and password pages at all. Or any of their information for that matter that they were. Don't want transferred over. Clear. Text http is in clear. Text is uncorrupted. In order for us to get an encryption,
06:18
we see a lot of times we'll see a lock
06:21
up here.
06:23
And if this won't be http, it will be http s
06:28
for http. Secure as you can tell, that's our next protocol. Https runs a report for 43 is also TCP, and it is secure. Https uses a method of keys
06:43
that the sender has and the receiver has so that both parties know who the other person is
06:49
when I am logging into my Facebook. And there's the big Facebook server there. H t T P s lets me know that
07:01
I am talking to Facebook,
07:04
and Facebook is the one talking to me.
07:09
If it wasn't for the other way around, I could be talking to whoever I don't know. I'm talking to it. May or may not be Facebook. Anyone could start a website and then just make it look like the Facebook log in. But this https helps me Thio feel more comfortable that, eh?
07:26
My information is traveling over the network encrypted and be the person who I'm talking to is the person that I think that that I'm that I want to be talking to. This is the person that I think it, who it is,
07:38
who it is, is who they say they are.
07:40
Um, now
07:42
I will put a disclaimer with this. There are certain viruses that can infect your computer that will do something that's called a signing false certificates, and then you'll go to a Web page and
07:55
the certificate will look like it's good. You'll still get the little lock and everything.
08:00
But that information may be going to 1/3 party. So you do want to make sure that you always check your computer regularly for viruses. But generally speaking, as long as you have your lock up here
08:11
and you're using https
08:15
and you don't get ah, little warning that says, Hey, this connection is untrusted. I don't know who this is a lot of time, you're sometime. If you goto older websites with security policies or keys that haven't been updated in awhile, then you'll get that message. What says, Hey, untrusted connection. I don't know who that is.
08:33
That untrusted connection means
08:35
you may not be connecting to who you think you're connecting. Thio. I don't recognize this key. I don't understand. Not 100% sure that this is exactly who they say they are.
08:45
So you just want to make sure that when you're entering, log in information when you're visiting websites such as your banking website or your personal social media, What accounts? That you see that https? You see your lock and you don't get messages like this Websites unsecure. Um and you can know that
09:03
typically your information is going to be traveling over
09:05
port 443 over TCP.
09:07
And that is your difference between http, which is unsecure in clear text traveling over Port 80 in our https, which is secure and encrypt

Up Next

Strategic DNS Ops and Security

Domain Name Servers (DNS) are the Internet's equivalent of a phone book. They maintain a directory of domain names and translate them to Internet Protocol (IP) addresses

Instructed By

Instructor Profile Image
Anthony Harris
Senior Systems Engineer at ZenPoint Solutions
Instructor