For this assignment, we…

- set up a server with a public IP address
- closed most of the ports with UFW
- waited for the UFW logs to fill up

I left my server up for about a month and logged about 88k requests.

Traffic Spike

There is a noticeable spike on Oct 24 and 25. The additional traffic came in from two different countries, China and France. While the two countries' traffic spikes came at about the same time, they were very different in quality.
I did a bit of packet sniffing on my own laptop with Scapy. I started by capturing 5,000 packets. I found this notebook very helpful for parsing the results. Packets contain data and go both in and out from my device. The packets also have an IP address for source and destination. From there I could find who owned the IP ranges and the total data volume. I also took a look at which ports were active.
Ping is a network utility for testing whether a server is responsive.
Traceroute is a utility that builds on this idea and pings in a sequence to discover the route a network request takes.