增加了web协议详解与抓包实战的笔记

linux/linux备份/mondorescue备份.md

@@ -1,5 +1,7 @@
 # 1、安装mondorescue
 
+## 1.1、centos7
+
 ```shell
 cd /etc/yum.repos.d
 wget ftp://ftp.mondorescue.org/centos/7/x86_64/mondorescue.repo
@@ -14,6 +16,51 @@ gpgkey=ftp://ftp.mondorescue.org//centos/7/x86_64/mondorescue.pubkey
 yum install mondo -y
 ```
 
+## 1.2、优麒麟
+
+```shell
+vim /etc/apt/sources.list
+#4.0.2桌面版本:
+deb http://archive.kylinos.cn/kylin/KYLIN-ALL 4.0.2-desktop main restricted universe multiverse
+
+#4.0.2-sp1桌面版本:
+deb http://archive.kylinos.cn/kylin/KYLIN-ALL 4.0.2sp1-desktop main restricted universe multiverse
+
+#4.0.2-sp2桌面版本:
+deb http://archive.kylinos.cn/kylin/KYLIN-ALL 4.0.2sp2-desktop main restricted universe multiverse
+
+#4.0.2服务器版本:
+deb http://archive.kylinos.cn/kylin/KYLIN-ALL 4.0.2-server main restricted universe multiverse
+
+#4.0.2-sp1服务器版本:
+deb http://archive.kylinos.cn/kylin/KYLIN-ALL 4.0.2sp1-server main restricted universe multiverse
+
+#4.0.2-sp2服务器版本:
+deb http://archive.kylinos.cn/kylin/KYLIN-ALL 4.0.2sp2-server main restricted universe multiverse
+
+#4.0.2-sp2 FT2000+服务器版本:
+deb http://archive.kylinos.cn/kylin/KYLIN-ALL 4.0.2sp2-server-ft2000 main restricted universe multiverse
+
+#4.0.2-sp3版本:
+deb http://archive.kylinos.cn/kylin/KYLIN-ALL 4.0.2sp3 main restricted universe multiverse
+
+#4.0.2-sp4版本:
+deb http://archive.kylinos.cn/kylin/KYLIN-ALL 4.0.2sp4 main restricted universe multiverse
+
+#V10版本:
+deb http://archive.kylinos.cn/kylin/KYLIN-ALL 10.0 main restricted universe multiverse
+
+#V10.1版本:
+deb http://archive.kylinos.cn/kylin/KYLIN-ALL 10.1 main restricted universe multiverse
+
+
+wget ftp://ftp.mondorescue.org/ubuntu/16.04/mondorescue.sources.list
+sh -c "cat mondorescue.sources.list >> /etc/apt/sources.list" 
+# sh -c "cat mondorescue-test.sources.list >> /etc/apt/sources.list"
+apt-get update 
+apt-get install mondo 
+```
+
 # 2、生成iso文件
 
 ```shell
@@ -44,4 +91,16 @@ mondoarchive
 
 ![image-20220605192912893](assets/image-20220605192912893.png)
 
-* 如果没有ip，直接重启即可
+* 如果没有ip，直接重启即可
+
+# 3、如果安装了docker需要安装时候忽略这个目录
+
+```shell
+/var/lib/docker/devicemapper/devicemapper/
+```
+
+# 注意：！！！！！
+
+**恢复这个镜像的磁盘空间必须大于原始镜像的磁盘空间！！！！！！！**
+
+**例如：初始选择40G构建一个镜像，那么恢复镜像就必须选择大于等于40G的硬盘空间**

tcp/Web 协议详解与抓包实战/1、HTTP1.1协议.md

@@ -0,0 +1,599 @@
+> [TOC]
+
+# 1、浏览器发起HTTP请求的典型场景
+
+![image-20220806144233998](assets/image-20220806144233998.png)
+
+![image-20220806144244409](assets/image-20220806144244409.png)
+
+# 2、HTTP协议
+
+## 2.1、定义
+
+​		一种无状态的、应用层的、以请求/应答方式运行的协议，它使用可扩展的语义和自描述消息格式，与基于网络的超文本信息系统灵活的互动
+
+## 2.2、基于ABNF定义的HTTP消息
+
+![image-20220806145420006](assets/image-20220806145420006.png)
+
+![image-20220806145434440](assets/image-20220806145434440.png)
+
+![image-20220807223707927](assets/image-20220807223707927.png)
+
+![image-20220806145915215](assets/image-20220806145915215.png)
+
+## 2.3、网络为什么要分层？
+
+**OSI三次模型**
+
+![image-20220806151123689](assets/image-20220806151123689.png)
+
+* 应用层：HTTP，P2P实际所在的层次，解决业务问题
+* 表示层：负责将网络消息转换为应用层可以读取的消息
+* 会话层：建立session，建立会话和管理
+* 传输层：进程之间的通讯，报文可达。TCP
+* 网络层：广域网，IP协议
+* 数据链路层：局域网中，二层路由器
+* 物理层：物理介质。交换机
+
+**TCP/IP协议**
+
+![image-20220806151624737](assets/image-20220806151624737.png)
+
+## 2.4、HTTP解决了什么问题？
+
+![image-20220806154100285](assets/image-20220806154100285.png)
+
+## 2.5、HTTP设计遵循的web架构原则
+
+![image-20220806154143306](assets/image-20220806154143306.png)
+
+![image-20220806155015178](assets/image-20220806155015178.png)
+
+* a路径：代理+反向代理+服务器
+* b路径：直接到达服务器
+* c路径：代理+服务器
+
+# 3、五类架构风格推到出HTTP的REST架构
+
+## 3.1、架构风格
+
+![image-20220806155335413](assets/image-20220806155335413.png)
+
+### 3.1.1、数据流风格
+
+![image-20220806155456202](assets/image-20220806155456202.png)
+
+### 3.1.2、复制风格
+
+![image-20220806162104407](assets/image-20220806162104407.png)
+
+### 3.1.3、分层风格
+
+![image-20220806162157828](assets/image-20220806162157828.png)
+
+![image-20220806162335706](assets/image-20220806162335706.png)
+
+### 3.1.4、移动代码风格
+
+![image-20220806162518481](assets/image-20220806162518481.png)
+
+### 3.1.5、点对点风格
+
+![image-20220806162745010](assets/image-20220806162745010.png)
+
+## 3.2、风格演化（LCODC$SS）
+
+![image-20220806163012278](assets/image-20220806163012278.png)
+
+# 4、URI的基本格式以及与URL的区别
+
+## 4.1、什么是URI
+
+![image-20220806202916858](assets/image-20220806202916858.png)
+
+![image-20220806203014182](assets/image-20220806203014182.png)
+
+## 4.2、URI的组成
+
+![image-20220806204504063](assets/image-20220806204504063.png)
+
+## 4.3、URI的格式
+
+![image-20220806204606335](assets/image-20220806204606335.png)
+
+![image-20220806204631447](assets/image-20220806204631447.png)
+
+![image-20220806204759320](assets/image-20220806204759320.png)
+
+## 4.4、相对URI
+
+![image-20220806204828999](assets/image-20220806204828999.png)
+
+## 4.5、URI编码
+
+### 4.5.1、为什么要进行URI编码？
+
+![image-20220806204928022](assets/image-20220806204928022.png)
+
+![image-20220806205027008](assets/image-20220806205027008.png)
+
+### 4.5.2、编码方式
+
+![image-20220806205107975](assets/image-20220806205107975.png)
+
+# 5、HTTP请求行
+
+## 5.1、请求格式
+
+![image-20220806205257838](assets/image-20220806205257838.png)
+
+![image-20220806205305103](assets/image-20220806205305103.png)
+
+![image-20220806205358329](assets/image-20220806205358329.png)
+
+## 5.2、常见方法
+
+![image-20220806205426999](assets/image-20220806205426999.png)
+
+![image-20220806205908230](assets/image-20220806205908230.png)
+
+# 6、HTTP响应
+
+## 6.1、HTTP响应行
+
+![image-20220806210436558](assets/image-20220806210436558.png)
+
+## 6.2、HTTP响应码
+
+![image-20220806210459359](assets/image-20220806210459359.png)
+
+![image-20220806210505853](assets/image-20220806210505853.png)
+
+![image-20220806210512198](assets/image-20220806210512198.png)
+
+![image-20220806210521437](assets/image-20220806210521437.png)
+
+![image-20220806210530673](assets/image-20220806210530673.png)
+
+![image-20220806210540664](assets/image-20220806210540664.png)
+
+![image-20220806210549017](assets/image-20220806210549017.png)
+
+![image-20220806210558017](assets/image-20220806210558017.png)
+
+![image-20220806210603899](assets/image-20220806210603899.png)
+
+![image-20220806210609644](assets/image-20220806210609644.png)
+
+![image-20220806210615289](assets/image-20220806210615289.png)
+
+# 7、长连接与短连接
+
+## 7.1、简单的短连接
+
+![image-20220806213308581](assets/image-20220806213308581.png)
+
+![image-20220806213250798](assets/image-20220806213250798.png)
+
+## 7.2、持久的长连接
+
+![image-20220806213257668](assets/image-20220806213257668.png)
+
+## 7.3、connect注意事项
+
+![image-20220806213614563](assets/image-20220806213614563.png)
+
+![image-20220806213640171](assets/image-20220806213640171.png)
+
+# 8、HOST头部
+
+![image-20220807193047285](assets/image-20220807193047285.png)
+
+## 8.1、如何传递IP地址到服务器？
+
+![image-20220807193318110](assets/image-20220807193318110.png)
+
+![image-20220807193522235](assets/image-20220807193522235.png)
+
+# 9、请求与响应的上下文
+
+## 9.1、User-Agent
+
+![image-20220807193726574](assets/image-20220807193726574.png)
+
+## 9.2、Referer
+
+![image-20220807194722974](assets/image-20220807194722974.png)
+
+## 9.3、From
+
+![image-20220807194844430](assets/image-20220807194844430.png)
+
+## 9.4、Server
+
+![image-20220807194911574](assets/image-20220807194911574.png)
+
+## 9.5、Allow 与Accept-Ranges
+
+![image-20220807194934580](assets/image-20220807194934580.png)
+
+# 10、内容协商
+
+## 10.1、定义
+
+![image-20220807195159024](assets/image-20220807195159024.png)
+
+## 10.2、分类
+
+![image-20220807195148845](assets/image-20220807195148845.png)
+
+### 10.2.1、Proactive
+
+![image-20220807195302609](assets/image-20220807195302609.png)
+
+### 10.2.2、Reactive
+
+![image-20220807195423426](assets/image-20220807195423426.png)
+
+## 10.3、协商要素
+
+![image-20220807195541807](assets/image-20220807195541807.png)
+
+![image-20220807195553855](assets/image-20220807195553855.png)
+
+![image-20220807195823150](assets/image-20220807195823150.png)
+
+# 11、HTTP包体的传输方式
+
+## 11.1、定义
+
+![image-20220807200050541](assets/image-20220807200050541.png)
+
+## 11.2、传输方式
+
+### 11.2.1、方式一
+
+![image-20220807200118145](assets/image-20220807200118145.png)
+
+![image-20220807202245823](assets/image-20220807202245823.png)
+
+### 11.2.2、方式二
+
+![image-20220807200139017](assets/image-20220807200139017.png)
+
+![image-20220807201551020](assets/image-20220807201551020.png)
+
+![image-20220807202120503](assets/image-20220807202120503.png)
+
+## 11.3、其他头部
+
+![image-20220807202328521](assets/image-20220807202328521.png)
+
+# 12、form表单提交协议
+
+## 12.1、定义
+
+![image-20220807202536077](assets/image-20220807202536077.png)
+
+## 12.2、关键属性
+
+![image-20220807220610447](assets/image-20220807220610447.png)
+
+![image-20220807221107421](assets/image-20220807221107421.png)
+
+![image-20220807221140643](assets/image-20220807221140643.png)
+
+# 13、断点续传与多线程下载
+
+## 13.1、实际场景
+
+![image-20220807221816578](assets/image-20220807221816578.png)
+
+## 13.2、HHTP Range规范
+
+![image-20220807221953545](assets/image-20220807221953545.png)
+
+![image-20220807222000149](assets/image-20220807222000149.png)
+
+![image-20220807222012403](assets/image-20220807222012403.png)
+
+> 若if-Range头部校验不通过，会返回0-end（end表示此次发送的结尾）这么多的数据
+>
+> 与if-match头部返回两次性能优化
+
+## 13.3、服务器响应
+
+![image-20220807222410199](assets/image-20220807222410199.png)
+
+![image-20220807222417961](assets/image-20220807222417961.png)
+
+![image-20220807223049652](assets/image-20220807223049652.png)
+
+# 14、cookie的格式和约束
+
+## 14.1、定义
+
+![image-20220807223443923](assets/image-20220807223443923.png)
+
+![image-20220807223729500](assets/image-20220807223729500.png)
+
+![image-20220807223803887](assets/image-20220807223803887.png)
+
+## 14.2、问题与限制
+
+![image-20220807224009675](assets/image-20220807224009675.png)
+
+![image-20220807224017199](assets/image-20220807224017199.png)
+
+# 15、session
+
+## 15.1、cookie与session
+
+![image-20220807224428454](assets/image-20220807224428454.png)
+
+![image-20220807224528081](assets/image-20220807224528081.png)
+
+## 15.2、三方cookie
+
+![image-20220807224812200](assets/image-20220807224812200.png)
+
+# 16、浏览器的同源策略
+
+## 16.1、为什么需要？
+
+![image-20220807225300099](assets/image-20220807225300099.png)
+
+![image-20220807225411779](assets/image-20220807225411779.png)
+
+![image-20220807225446382](assets/image-20220807225446382.png)
+
+![image-20220807225638474](assets/image-20220807225638474.png)
+
+## 16.2、定义
+
+![image-20220807225703603](assets/image-20220807225703603.png)
+
+![image-20220807230346243](assets/image-20220807230346243.png)
+
+## 16.3、CSRF
+
+![image-20220807230932801](assets/image-20220807230932801.png)
+
+**这个方式已经被破解，攻击者可以获取你的全部cookie**
+
+![image-20220807231012250](assets/image-20220807231012250.png)
+
+## 16.4、CORS简介
+
+![image-20220808205400843](assets/image-20220808205400843.png)
+
+![image-20220808205649293](assets/image-20220808205649293.png)
+
+![image-20220808210506819](assets/image-20220808210506819.png)
+
+![image-20220808210844828](assets/image-20220808210844828.png)
+
+![image-20220808210851894](assets/image-20220808210851894.png)
+
+# 17、条件请求
+
+## 17.1、定义
+
+![image-20220808211110446](assets/image-20220808211110446.png)
+
+![image-20220808211349935](assets/image-20220808211349935.png)
+
+## 17.2、验证
+
+![image-20220808211457292](assets/image-20220808211457292.png)
+
+![image-20220808211536423](assets/image-20220808211536423.png)
+
+![image-20220808211547520](assets/image-20220808211547520.png)
+
+![image-20220808211700742](assets/image-20220808211700742.png)
+
+## 17.3、应用场景
+
+### 17.3.1、缓存更新
+
+![image-20220808211714562](assets/image-20220808211714562.png)
+
+![image-20220808211843742](assets/image-20220808211843742.png)
+
+### 17.3.2、增量更新
+
+![image-20220808211853255](assets/image-20220808211853255.png)
+
+![image-20220808211902719](assets/image-20220808211902719.png)
+
+![image-20220808211908257](assets/image-20220808211908257.png)
+
+![image-20220808212025760](assets/image-20220808212025760.png)
+
+### 17.3.3、更新丢失
+
+![image-20220808212342614](assets/image-20220808212342614.png)
+
+![image-20220808212358728](assets/image-20220808212358728.png)
+
+![image-20220808212410381](assets/image-20220808212410381.png)
+
+![image-20220808212453408](assets/image-20220808212453408.png)
+
+## 17.4、nginx模块如何条件验证
+
+![image-20220808212552355](assets/image-20220808212552355.png)
+
+# 18、HTTP缓存的工作原理
+
+## 18.1、原理
+
+![image-20220809211113345](assets/image-20220809211113345.png)
+
+![image-20220809211144105](assets/image-20220809211144105.png)
+
+![image-20220809211155084](assets/image-20220809211155084.png)
+
+## 18.2、私有与共享缓存
+
+![image-20220809211610966](assets/image-20220809211610966.png)
+
+![image-20220809211653355](assets/image-20220809211653355.png)
+
+## 18.3、缓存原理
+
+![image-20220809211729845](assets/image-20220809211729845.png)
+
+## 18.4、判断缓存是否过期
+
+![image-20220809211845226](assets/image-20220809211845226.png)
+
+![image-20220809212115550](assets/image-20220809212115550.png)
+
+![image-20220809212151863](assets/image-20220809212151863.png)
+
+## 18.5、Age 头部及 current_age 的计算
+
+![image-20220809212244390](assets/image-20220809212244390.png)
+
+![image-20220809212444480](assets/image-20220809212444480.png)
+
+# 19、Cache-Control 头部
+
+## 19.1、定义
+
+![image-20220809212726752](assets/image-20220809212726752.png)
+
+## 19.2、请求的含义
+
+![image-20220809212911441](assets/image-20220809212911441.png)
+
+## 19.3、响应的含义
+
+![image-20220809212945172](assets/image-20220809212945172.png)
+
+![image-20220809213116535](assets/image-20220809213116535.png)
+
+# 20、什么样的响应会被缓存？
+
+## 20.1、定义
+
+![image-20220809213328323](assets/image-20220809213328323.png)
+
+![image-20220809213537383](assets/image-20220809213537383.png)
+
+## 20.2、使用条件
+
+![image-20220809213601029](assets/image-20220809213601029.png)
+
+![image-20220809213630731](assets/image-20220809213630731.png)
+
+![image-20220809213645854](assets/image-20220809213645854.png)
+
+## 20.3、如何缓存更新频率不同的资源
+
+![image-20220809213823569](assets/image-20220809213823569.png)
+
+![image-20220809213828831](assets/image-20220809213828831.png)
+
+![image-20220809213958809](assets/image-20220809213958809.png)
+
+![image-20220809214025329](assets/image-20220809214025329.png)
+
+# 21、HTTP重定向
+
+## 21.1、为什么需要 URI 重定向？
+
+![image-20220809214131056](assets/image-20220809214131056.png)
+
+## 21.2、重定向流程
+
+![image-20220809214222467](assets/image-20220809214222467.png)
+
+![image-20220809214241598](assets/image-20220809214241598.png)
+
+## 21.3、重定向响应返回码
+
+![image-20220809214319604](assets/image-20220809214319604.png)
+
+![image-20220809214329100](assets/image-20220809214329100.png)
+
+## 21.4、重定向循环
+
+![image-20220809214753825](assets/image-20220809214753825.png)
+
+# 22、Http Tunnel 隧道
+
+## 22.1、目的
+
+![image-20220811204734585](assets/image-20220811204734585.png)
+
+## 22.2、请求行
+
+![image-20220811205055394](assets/image-20220811205055394.png)
+
+## 22.3、常见应用
+
+![image-20220811205114071](assets/image-20220811205114071.png)
+
+ ![image-20220811205128401](assets/image-20220811205128401.png)
+
+# 23、网络爬虫
+
+## 23.1、定义
+
+![image-20220811205252126](assets/image-20220811205252126.png)
+
+## 23.2、对待爬虫的态度
+
+![image-20220811205447322](assets/image-20220811205447322.png)
+
+![image-20220811205456536](assets/image-20220811205456536.png)
+
+![image-20220811205505728](assets/image-20220811205505728.png)
+
+![image-20220811205514497](assets/image-20220811205514497.png)
+
+## 23.3、网络爬虫如何抓取数据？
+
+![image-20220811205532682](assets/image-20220811205532682.png)
+
+![image-20220811205626891](assets/image-20220811205626891.png)
+
+![image-20220811205644784](assets/image-20220811205644784.png)
+
+# 24、HTTP资源的认证
+
+## 24.1、定义
+
+![image-20220811211040737](assets/image-20220811211040737.png)
+
+![image-20220811212654282](assets/image-20220811212654282.png)
+
+## 24.2、响应
+
+![image-20220811212738439](assets/image-20220811212738439.png)
+
+# 25、DNS协议解析域名
+
+## 25.1、定义
+
+![image-20220811221104618](assets/image-20220811221104618.png)
+
+## 25.2、结构
+
+![image-20220811221123327](assets/image-20220811221123327.png)
+
+![image-20220811221139774](assets/image-20220811221139774.png)
+
+## 25.3、查询与响应
+
+![image-20220811221236488](assets/image-20220811221236488.png)
+
+![image-20220811221347329](assets/image-20220811221347329.png)
+
+![image-20220811221516540](assets/image-20220811221516540.png)
+
+![image-20220811221525905](assets/image-20220811221525905.png)