Networking & CGI
The Common Gateway Interface (CGI) is a standard that allows external applications located on personal computers or other devices to interact with information servers on the Internet. Developed in the 1990s, CGI is still used, but other methods such as PHP scripts are also utilized.
- In order to create effective CGIs, developers need to know HTML, CGI, and HTTP commands.
- CGI applications can be written in any computer programming language that is supported by the host computer.
- CGI programs commonly use the HTTP methods GET and POST and the environment variables QUERY_STRING and PATH_INFO to facilitate communication between a client and a Web server.
- In order to be effective, CGI transmissions must contain header messages stating the data type of the content the program returns.
- Security is also essential when deploying CGI programs, because they can open the host system to unlimited Web access. In order to improve security, programs are placed in a directory called /cgi-bin. Access to it is often limited to certain users.

CGI allows a script on a web server to process input (for example, from a form) and return results to a requester:
- The Web surfer fills out a form and clicks, “Submit.” The information in the form is sent over the Internet to the Web server.
- The Web server “grabs” the information from the form and passes it to the CGI software.
- The CGI software performs whatever validation of this information is required. For instance, it might check to see if an e-mail address is valid. If this is a database program, the CGI software prepares a database statement to either add, edit, or delete information from the database.
- The CGI software then executes the prepared database statement, which is passed to the database driver.
- The database driver acts as a middleman and performs the requested action on the database itself.
- The results of the database action are then passed back to the database driver.
- The database driver sends the information from the database to the CGI software.
- The CGI software takes the information from the database and manipulates it into the format that is desired.
- If any static HTML pages need to be created, the CGI program accesses the Web server computer’s file system and reads, writes, and/or edits files.
- The CGI software then sends the result it wants the Web surfer’s browser to see back to the Web server.
- The Web server sends the result it got from the CGI software back to the Web surfer’s browser.
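
The request flow above as a small CGI program, added here as an example and not part of the original page. It reads the form from QUERY_STRING (GET) or the request body (POST), validates the e-mail field, stores it with a bound parameter, and returns a response whose header states the data type. The `subscribers` table, the `email` field name and the size limits are assumptions made for the example.

```python
import os
import re
import sqlite3
import sys
from urllib.parse import parse_qs

EMAIL_RE = re.compile(r"[A-Za-z0-9._%+-]+@[A-Za-z0-9-]+(\.[A-Za-z0-9-]+)+")
MAX_BODY = 4096  # refuse oversized POST bodies instead of reading them
BAD_REQUEST = "Status: 400 Bad Request\r\nContent-Type: text/plain\r\n\r\ninvalid request\n"

def open_db(path=":memory:"):
    """Open the (hypothetical) subscribers table; in-memory unless a path is given."""
    db = sqlite3.connect(path)
    db.execute("CREATE TABLE IF NOT EXISTS subscribers(email TEXT)")
    return db

def read_form(environ, stdin):
    """Return the form fields from QUERY_STRING (GET) or the request body (POST)."""
    method = environ.get("REQUEST_METHOD", "GET").upper()
    if method == "GET":
        raw = environ.get("QUERY_STRING", "")
    elif method == "POST":
        length = int(environ.get("CONTENT_LENGTH") or 0)
        if not 0 <= length <= MAX_BODY:
            raise ValueError("bad body length")
        raw = stdin.read(length)
    else:
        raise ValueError("unsupported method")
    return {k: v[0] for k, v in parse_qs(raw, max_num_fields=20).items()}

def handle(environ, stdin, db):
    """Validate the e-mail field, store it, and build the full CGI response."""
    try:
        email = read_form(environ, stdin).get("email", "")
    except ValueError:
        return BAD_REQUEST
    if len(email) > 254 or not EMAIL_RE.fullmatch(email):
        return BAD_REQUEST
    # The value is bound as a parameter, never concatenated into the SQL text.
    db.execute("INSERT INTO subscribers(email) VALUES (?)", (email,))
    db.commit()
    count = db.execute("SELECT COUNT(*) FROM subscribers").fetchone()[0]
    # Header lines state the data type; a blank line separates them from the body.
    return f"Content-Type: text/plain\r\n\r\nstored; {count} subscriber(s)\n"

if __name__ == "__main__":
    # The web server sets the environment and stdin before starting the script.
    sys.stdout.write(handle(os.environ, sys.stdin, open_db()))
```

Rejected input gets a fixed error body, so nothing the client sent is echoed back in the response.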
A port is a virtual point where network connections start and end. Ports are software-based and managed by a computer's operating system. Each port is associated with a specific process or service. Ports allow computers to easily differentiate between different kinds of traffic: emails go to a different port than webpages, for instance, even though both reach a computer over the same Internet connection.
Ports are standardized across all network-connected devices, with each port assigned a number. Most ports are reserved for certain protocols — for example, all Hypertext Transfer Protocol (HTTP) messages go to port 80. While IP addresses enable messages to go to and from specific devices, port numbers allow targeting of specific services or applications within those devices.
Vastly different types of data flow to and from a computer over the same network connection. The use of ports helps computers understand what to do with the data they receive.
Suppose Bob transfers an MP3 audio recording to Alice using the File Transfer Protocol (FTP). If Alice's computer passed the MP3 file data to Alice's email application, the email application would not know how to interpret it. But because Bob's file transfer uses the port designated for FTP (port 21), Alice's computer is able to receive and store the file.
Meanwhile, Alice's computer can simultaneously load HTTP webpages using port 80, even though both the webpage files and the MP3 sound file flow to Alice's computer over the same WiFi connection.
- Ports 20 and 21: File Transfer Protocol (FTP). FTP is for transferring files between a client and a server.
- Port 22: Secure Shell (SSH). SSH is one of many tunneling protocols that create secure network connections.
- Port 25: Historically, Simple Mail Transfer Protocol (SMTP). SMTP is used for email.
- Port 53: Domain Name System (DNS). DNS is an essential process for the modern Internet; it matches human-readable domain names to machine-readable IP addresses, enabling users to load websites and applications without memorizing a long list of IP addresses.
- Port 80: Hypertext Transfer Protocol (HTTP). HTTP is the protocol that makes the World Wide Web possible.
- Port 3389: Remote Desktop Protocol (RDP). RDP enables users to remotely connect to their desktop computers from another device.
A firewall is a security system that blocks or allows network traffic based on a set of security rules.
Some attackers try to send malicious traffic to random ports in the hopes that those ports have been left "open," meaning they are able to receive traffic.
For this reason, firewalls should be configured to block network traffic directed at most of the available ports.
Properly configured firewalls block traffic to all ports by default except for a few predetermined ports known to be in common use. For instance, a corporate firewall could leave open only ports 25 (email), 80 (web traffic), 443 (web traffic), and a few others, allowing internal employees to use these essential services, and block the rest of the 65,000+ ports.
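
A check a defender can pair with such a default-deny policy, added here as an example and not part of the original page: list the services a host is actually listening on and flag any that are reachable from the network but absent from the firewall allowlist. The sample is constructed in the layout printed by `ss -tln`, and the allowlist is the 25/80/443 example from the text.

```python
import ipaddress

ALLOWED_PORTS = {25, 80, 443}  # the example allowlist from the text above

# Constructed sample in the layout of `ss -tln` output (not from a real host).
SAMPLE_SS = """\
State  Recv-Q Send-Q Local Address:Port  Peer Address:Port
LISTEN 0      128          0.0.0.0:22         0.0.0.0:*
LISTEN 0      511          0.0.0.0:80         0.0.0.0:*
LISTEN 0      100        127.0.0.1:25         0.0.0.0:*
LISTEN 0      128        127.0.0.1:5432       0.0.0.0:*
LISTEN 0      511             [::]:443           [::]:*
LISTEN 0      128             [::]:3389          [::]:*
"""

def listeners(ss_output):
    """Yield (address, port) for every LISTEN row; other rows are skipped."""
    for line in ss_output.splitlines():
        fields = line.split()
        if len(fields) < 4 or fields[0] != "LISTEN":
            continue
        addr, _, port = fields[3].rpartition(":")
        yield addr.strip("[]"), int(port)

def is_loopback(addr):
    """True only for addresses that cannot be reached from another machine."""
    try:
        # Drop an interface suffix such as "%lo" before parsing the address.
        return ipaddress.ip_address(addr.split("%")[0]).is_loopback
    except ValueError:  # "*" means every address, so treat it as exposed
        return False

def unexpected_exposure(ss_output, allowed=ALLOWED_PORTS):
    """Ports listening on a non-loopback address that the allowlist omits."""
    return sorted({port for addr, port in listeners(ss_output)
                   if not is_loopback(addr) and port not in allowed})

if __name__ == "__main__":
    print("listening but not on the allowlist:", unexpected_exposure(SAMPLE_SS))
```

Each port it reports is a service that depends entirely on the firewall rule to stay unreachable, so it should either be stopped, bound to loopback, or deliberately added to the allowlist.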
Network routing is the process of selecting a path across one or more networks. The principles of routing can apply to any type of network, from telephone networks to public transportation. In packet-switching networks, such as the Internet, routing selects the paths for Internet Protocol (IP) packets to travel from their origin to their destination. These Internet routing decisions are made by specialized pieces of network hardware called routers.
Consider a data packet that needs to get from Computer A to Computer B. Should it pass through networks 1, 3, and 5 or networks 2 and 4? The packet will take a shorter path through networks 2 and 4, but networks 1, 3, and 5 might be faster at forwarding packets than 2 and 4. These are the kinds of choices network routers constantly make.
Routers refer to internal routing tables to make decisions about how to route packets along network paths. A routing table records the paths that packets should take to reach every destination that the router is responsible for. Think of train timetables, which train passengers consult to decide which train to catch. Routing tables are like that, but for network paths rather than trains.
Routers work in the following way: when a router receives a packet, it reads the headers of the packet to see its intended destination, much as a train conductor may check a passenger's tickets to determine which train they should go on. It then determines where to route the packet based on information in its routing tables.
Routers do this millions of times a second with millions of packets. As a packet travels to its destination, it may be routed several times by different routers.
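
The table lookup described above, as an added example that is not part of the original page. It goes slightly beyond the text by applying the longest-prefix-match rule IP routers use: when several entries contain the destination, the most specific one wins. The prefixes and next hops are constructed for illustration.

```python
import ipaddress

# Constructed static routing table: (destination prefix, next hop).
ROUTES = [
    ("0.0.0.0/0",     "203.0.113.1"),  # default route, matches everything
    ("10.0.0.0/8",    "10.255.0.1"),
    ("10.20.0.0/16",  "10.20.0.1"),
    ("10.20.30.0/24", "10.20.30.1"),
]

def build_table(routes):
    """Parse the prefixes and order them from most to least specific."""
    table = [(ipaddress.ip_network(prefix), hop) for prefix, hop in routes]
    return sorted(table, key=lambda entry: entry[0].prefixlen, reverse=True)

def next_hop(table, destination):
    """Return the next hop for a destination address, or None if no route matches."""
    dst = ipaddress.ip_address(destination)
    for network, hop in table:
        # The first hit is the longest matching prefix because of the sort order.
        if dst.version == network.version and dst in network:
            return hop
    return None  # no matching entry: the packet cannot be forwarded

if __name__ == "__main__":
    table = build_table(ROUTES)
    for dst in ("10.20.30.40", "10.20.99.1", "10.1.1.1", "198.51.100.7"):
        print(dst, "->", next_hop(table, dst))
```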
Routing tables can be either static (for small networks; less computing power) or dynamic (for medium to large networks; much more computing power, but more efficient).
A router is a piece of network hardware responsible for forwarding packets to their destinations. Routers connect to two or more IP networks or subnetworks and pass data packets between them as needed. Routers are used in homes and offices for setting up local network connections. More powerful routers operate all over the Internet, helping data packets reach their destinations.