bg_image
header

Fully Qualified Domain Name - FQDN

The Fully Qualified Domain Name (FQDN) is the complete and unique name of a computer or host on the internet or a local network. It consists of multiple parts that reflect a hierarchical structure.

Structure of an FQDN

An FQDN is made up of three main components:

  1. Hostname – The specific name of a computer or service (e.g., www).

  2. Domain Name – The name of the higher-level domain (e.g., example).

  3. Top-Level Domain (TLD) – The highest level of the domain structure (e.g., .com).

Example of an FQDN:
👉 www.example.com.

  • www → Hostname

  • example → Domain name

  • .com → Top-Level Domain

  • The trailing dot (.) is optional and represents the root domain of the DNS system.

Why is the FQDN important?

Uniqueness: Each FQDN is globally unique and refers to a specific resource on the internet.
DNS Resolution: It is used by DNS servers to find the IP address of websites and servers.
SSL Certificates: An FQDN is often required for SSL/TLS certificates to ensure secure connections.
Email Delivery: Mail servers use FQDNs to send emails to the correct hosts.

Difference Between an FQDN and a Simple Domain

  • FQDN: mail.google.com (fully specified)

  • Simple Domain: google.com (can contain multiple hosts, e.g., www, mail, ftp)

In summary, the FQDN is the complete address of a device or service on the internet, while a simple domain is a more general address.


Secure Shell - SSH

SSH (Secure Shell) is a network protocol that establishes an encrypted connection between two computers. It is mainly used for securely logging into remote systems (e.g., servers) and executing commands.

Key Features of SSH

  • Security: Data is transmitted in an encrypted form, protecting against eavesdropping and manipulation.
  • Authentication: Access can be granted via passwords or SSH keys.
  • Tunneling Capability: Can be used to securely forward network traffic.
  • File Transfer: Allows file transfers between systems using SCP or SFTP.

Basic SSH Commands

  • Connect to a remote server:
ssh username@server-ip
  • Transfer files using SCP:
scp file.txt username@server-ip:/destination-folder/
  • Add your public SSH key (for passwordless login):
ssh-copy-id username@server-ip

SSH is commonly used by developers and system administrators to manage servers or establish secure connections for other applications.

 


Bearer Token

A Bearer Token is a type of access token used for authentication and authorization in web applications and APIs. The term "Bearer" means "holder," which implies that anyone in possession of the token can access protected resources—without additional verification.

Characteristics of a Bearer Token:

  • Self-contained: It includes all necessary authentication information.
  • No additional identity check: Whoever holds the token can use it.
  • Sent in HTTP headers: Typically as Authorization: Bearer <token>.
  • Often time-limited: Tokens have expiration times to reduce misuse.
  • Commonly used with OAuth 2.0: For example, when authenticating with third-party services.

Example of an HTTP request with a Bearer Token:

GET /protected-data HTTP/1.1
Host: api.example.com
Authorization: Bearer abcdef123456

Risks:

  • No protection if stolen: If someone intercepts the token, they can impersonate the user.
  • Must be securely stored: Should not be exposed in client-side code or URLs.

💡 Tip: To enhance security, use short-lived tokens and transmit them only over HTTPS.

 

 


Open Authorization - OAuth

OAuth (Open Authorization) is an open standard protocol for authorization that allows applications to access a user's resources without knowing their credentials (e.g., password). It is commonly used for Single Sign-On (SSO) and API access.

How Does OAuth Work?

OAuth operates using tokens, which allow an application to access a user's data on their behalf. The typical flow is as follows:

  1. Authorization Request: An application (client) requests access to a user’s protected data (e.g., Facebook contacts).
  2. User Authentication: The user is redirected to the provider's login page (e.g., Google, Facebook) and enters their credentials.
  3. Permission Granting: The user confirms that the application can access specific data.
  4. Token Issuance: The application receives an access token, which grants permission to access the approved data.
  5. Resource Access: The application uses the token to make requests to the API server without needing the user's password.

OAuth 1.0 vs. OAuth 2.0

  • OAuth 1.0: More complex, uses cryptographic signatures but is secure.
  • OAuth 2.0: Simpler, relies on HTTPS for security, and is the most commonly used version today.

Real-World Uses of OAuth

  • "Sign in with Google/Facebook/Apple" buttons
  • Third-party apps accessing Google Drive, Dropbox, or Twitter APIs
  • Payment services like PayPal integrating with other apps

 


Entity Header

Entity headers are HTTP headers that provide information about the body of a message. They can appear in both requests and responses, describing properties of the content such as type, length, encoding, or last modification date.

Important Entity Headers:

1. Content-Type

  • Specifies the media type (MIME type) of the content.
  • Example:
Content-Type: application/json; charset=UTF-8

2. Content-Length

  • Indicates the size of the content in bytes.
  • Example:
Content-Length: 1024

3. Content-Encoding

  • Shows if the content has been compressed (e.g., gzip).
  • Example:
Content-Encoding: gzip

4. Content-Language

  • Specifies the language of the content.
  • Example:
Content-Language: de-DE

5. Cache-Location

  • Indicates the URL or storage location of the actual resource.
  • Example:
Content-Location: /files/document.pdf

6. Last-Modified

  • Specifies when the content was last changed.
  • Example:
Last-Modified: Tue, 30 Jan 2025 14:20:00 GMT

7. ETag

  • A unique identifier for a version of the resource, useful for caching.
  • Example:
ETag: "abc123xyz"

8. Expires

  • Indicates when the content should be considered outdated.
  • Example:
Expires: Fri, 02 Feb 2025 12:00:00 GMT

9. Allow

  • Lists the allowed HTTP methods for a resource.
  • Example:
Allow: GET, POST, HEAD

10. Refresh  (Not standardized but often used)

  • Instructs the browser to refresh the page after a specified time.
  • Example:
Refresh: 10; url=https://example.com

These headers help describe the content of an HTTP message, optimize caching strategies, and ensure correct rendering.




Response Headers

Response headers are HTTP headers sent from the server to the client. They contain information about the server’s response, such as status codes, content types, security policies, or caching rules.

Important Response Headers:

1. Server

  • Indicates which software or technology the server is using.
  • Example:
Server: Apache/2.4.41 (Ubuntu)

2. Date

  • Specifies the date and time of the server’s response in GMT format.
  • Example:
Date: Wed, 31 Jan 2025 12:34:56 GMT

3. Content-Type

  • Defines the media type of the response.
  • Example:
Content-Type: text/html; charset=UTF-8

4. Content-Length

  • Indicates the size of the response in bytes.
  • Example:
Content-Length: 3456

5. Cache-Control

  • Determines the caching behavior of the response.
  • Example:
Cache-Control: max-age=3600, must-revalidate

6. Set-Cookie

  • Sends cookies to the client for storage and future requests.
  • Example:
Set-Cookie: sessionId=abc123; Path=/; Secure; HttpOnly

7. ETag

  • A unique identifier for a specific version of a resource, used for caching optimization.
  • Example:
ETag: "5d8c72a5f8d9f"

8. Location

  • Specifies a redirect URL if a resource has moved.
  • Example:
Location: https://www.new-url.com/

9. Access-Control-Allow-Origin

  • Enables cross-origin requests (CORS).
  • Example:
Access-Control-Allow-Origin: *

10. Strict-Transport-Security (HSTS)

  • Enforces HTTPS for future requests.
  • Example:
Strict-Transport-Security: max-age=31536000; includeSubDomains

Response headers help the client interpret the received response correctly, enforce security measures, and optimize caching strategies.


HTTP Request headers

Request headers are HTTP headers sent by a client (e.g., a web browser or API request) to the server, providing additional information about the request, the client, or the desired content.

Important Request Headers:

1. Host

  • Specifies the target domain or IP address of the server.
  • Example:
Host: www.example.com

2. User-Agent

  • Contains information about the client, such as browser type or operating system.
  • Example:
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64)

3. Accept

  • Defines which content types the client can accept.
  • Example:
Accept: text/html, application/json

4. Accept-Language

  • Specifies the client's preferred language(s).
  • Example:
Accept-Language: de-DE, en-US

5. Accept-Encoding

  • Indicates which compression formats the client supports.
  • Example:
Accept-Encoding: gzip, deflate, br

6. Referer

  • Provides the previous page from which the user navigated.
  • Example:
Referer: https://www.google.com/

7. Authorization

  • Used for authentication when accessing protected resources.
  • Example(Basic Auth):
Authorization: Basic dXNlcm5hbWU6cGFzc3dvcmQ=

8. Cookie

  • Contains cookies previously set by the server.
  • Example:
Cookie: sessionId=abc123; theme=dark

9. Content-Type (for POST/PUT-Anfragen)

  • Specifies the data format of the request body.
  • Example:
Content-Type: application/json

10. Origin

  • Indicates the origin URL and is often used in Cross-Origin requests.
  • Example:
Origin: https://www.example.com

These headers help the server understand the request and respond accordingly by providing details about the client, preferred content, and security aspects.


Client Server Architecture

The client-server architecture is a common concept in computing that describes the structure of networks and applications. It separates tasks between client and server components, which can run on different machines or devices. Here are the basic features:

  1. Client: The client is an end device or application that sends requests to the server. These can be computers, smartphones, or specific software applications. Clients are typically responsible for user interaction and send requests to obtain information or services from the server.

  2. Server: The server is a more powerful computer or software application that handles client requests and provides corresponding responses or services. The server processes the logic and data and sends the results back to the clients.

  3. Communication: Communication between clients and servers generally happens over a network, often using protocols such as HTTP (for web applications) or TCP/IP. Clients send requests, and servers respond with the requested data or services.

  4. Centralized Resources: Servers provide centralized resources, such as databases or applications, that can be used by multiple clients. This enables efficient resource usage and simplifies maintenance and updates.

  5. Scalability: The client-server architecture allows systems to scale easily. Additional servers can be added to distribute the load, or more clients can be supported to serve more users.

  6. Security: By separating the client and server, security measures can be implemented centrally, making it easier to protect data and services.

Overall, the client-server architecture offers a flexible and efficient way to provide applications and services in distributed systems.

 


Jekyll

Jekyll is a static site generator based on Ruby. It was developed to create blogs and other regularly updated websites without the need for a database or a dynamic server. Here are some of the main features and advantages of Jekyll:

  1. Static Websites: Jekyll generates static HTML files that can be served directly by a web server. This makes the sites very fast and secure since no server-side processing is required.

  2. Markdown Support: Content for Jekyll sites is often written in Markdown, making it easy to create and edit content.

  3. Flexible Templates: Jekyll uses Liquid templates, which offer great flexibility in designing and structuring web pages.

  4. Simple Configuration: Jekyll is configured through a simple YAML file, which is easy to understand and edit.

  5. Integration with GitHub Pages: Jekyll is tightly integrated with GitHub Pages, meaning you can host your website directly from a GitHub repository without additional configuration or setup.

  6. Plugins and Extensions: There are many plugins and extensions for Jekyll that provide additional functionality and customization.

  7. Open Source: Jekyll is open source, meaning it is free to use, and the community constantly contributes to its improvement and expansion.

Jekyll is often preferred by developers and tech-savvy users who want full control over their website and appreciate the benefits of static sites over dynamic websites.

 


Wireshark

Wireshark is a free and open-source network protocol analysis tool. It is used to capture and analyze the data traffic in a computer network. Here are some key aspects of Wireshark:

  1. Network Protocol Analysis: Wireshark enables the examination of the data traffic sent and received over a network. It can break down the traffic to the protocol level, allowing for detailed analysis.

  2. Capture and Storage: Wireshark can capture network traffic in real-time and save this data to a file for later analysis.

  3. Support for Many Protocols: It supports a wide range of network protocols, making it a versatile tool for analyzing various network communications.

  4. Cross-Platform: Wireshark is available on multiple operating systems, including Windows, macOS, and Linux.

  5. Filtering Capabilities: Wireshark offers powerful filtering features that allow users to search for and analyze specific data packets or protocols.

  6. Graphical User Interface: The tool has a user-friendly graphical interface that facilitates the analysis and visualization of network data.

  7. Use Cases:

    • Troubleshooting: Network administrators use Wireshark to diagnose and resolve network issues.
    • Security Analysis: Security professionals use Wireshark to investigate security incidents and monitor network traffic for suspicious activities.
    • Education and Research: Wireshark is often used in education and research to deepen the understanding of network protocols and data communication.

Wireshark is a powerful tool for anyone looking to gain deeper insights into the functioning of networks and the interaction of network protocols.