Understanding Networks / Week 12 / REST API


Group Project: Kenzo Nakamura and Anne-Michelle Gallero


Description: For this portion of the REST project, we were given another group’s project to create the hardware for. Below is types of requests and web interface for Koji and Patrick’s “Basics Guide to Blockchain.”




Video: Displaying the ‘BLOCKCHAIN’ hardware that includes 3 buttons to display the PRICE, BLOCKS, and MINING TIME on a LCD display and a servo using a Arduino MKR1000 with WiFi connectivity.


Understanding Networks / Week 8 / Packet Analysis

PACKET ANALYSIS: For this homework assignment, I used both Herbivore and Wireshark to learn about packet analysis to capture and analyze traffic on my home network. This particular capture had 8 devices on the network router one morning while getting myself and the kid ready for school.

NAVIGATING HERBIVORE: When I started playing with the packet analysis programs, Herbivore was the easiest to navigate initially with it’s simple and visual interface. The first thing that I did with Herbivore was to figure out which devices belonged to what IP address on the network. I had 8 devices on the network and since it was the morning, the last IP address that I was trying to match was my partner, who was the last to awake that morning. Once he started using his cell phone to check his email and read his top news articles, I was pretty surprised by all the sites that were popping up on Herbivore. At first I was fixated on a very suspicious web address, so I looked up it’s IP address and checked the message boards to find any info on the site and learned that it was probably some sort of Malware that is blocked on Chrome. Then, I started scrolling more through his feed and saw lots of activity on vogue.com and wondered why on earth was he was reading that when he asked me to cancel my subscription. We figured out that he was reading a Conde Nast article and not only were there tons of random ads, but also links on the web page to other Conde Nast publications like Teen Vogue, Vanity Fair, W Magazine, The New Yorker and Wired, which can also be seen in the packet sniffing. I found that Herbivore was really good at getting detailed capture of what sites you can see at that very moment and I later took all the IP addresses and website data from this capture to start mapping out a list of ad and marketing companies associated with specific content sites and media companies.

DATA COLLECTING FOR POINTS OF REFERENCE: In order to read and analyze the relationships faster, I started collecting IP addresses that were popping up in my packets to create my own personal ‘yellow pages.’  By doing this, I could read the IP address faster and concentrate more on understanding the conversations and actual activity. Below is a snapshot of the companies that I see often.

The packet capture that I saw on Herbivore gave me a quick glance at some of the ads and marketing companies associated with a website or media company. By getting those IP addresses and weblinks, I was able to define some of the major and minor companies for Content Delivery, Data Centers, Internet Providers, Commercial Advertising, Marketing and Technology companies in the digital space. For me knowing the players gives me a better overall view of how everything is related to one another. Through this exercise, I also found some questionable IP addresses that didn’t seem to be reputable companies and by keeping some sort of history or list, I could keep track of or flag certain IP addresses or companies that show up on my network.




NAVIGATING WIRESHARK:  When I first tried to use Wireshark, I wasn’t getting any packet captures, so I watched a couple of YouTube videos and referenced the Wireshark website to understand the interface and utilize the program. Figuring out what everything means and the amount of data captured for 8 devices is very overwhelming. I found myself trying to define all the the different protocols and ports to better my understanding of it’s makeup. Below is a little cheat sheet of PROTOCOLS with it’s varying LENGTHS that I came across in this particular capture as my reference points for analyzing the packets. For PORTS, this wikipedia page has a reference chart for port numbers and a description of the system processes.

What I like about Wireshark in comparison to Herbivore, is the flexibility in filtering and sorting the data to focus on a particular PROTOCOL or conversations between specific IP addresses. To analyze and dissect the protocols and conversations further, I exported this particular capture as a CSV file and opened it in excel so I could sort and group each protocol into individual tabs more freely. By separating the packets by protocols in each tab, I can then sort by length or info to see how a certain characteristics is linked to a certain function or activity. For instance in the snapshot below, I’ve isolated a UDP protocol at the 215 length and see that it’s mostly associated to a IP broadcast address of, which I suspect might be the web streaming to the TV. I’m still in the process of exploring and understanding the data, and my next steps are to focus on the activity that goes on in each protocol and understanding payloads and varying lengths of the packets, as well as learning to find the vulnerable spots within a network. With all the references and rulers that I’ve made for myself, I’m finding it easier to read the packets and to better understand my home network to help me zoom in on questionable activity.




Understanding Networks / Week 4 / Traceroute

PROJECT: In exploring Traceroute, I choose to look at news/media sites and everyday websites that I frequent from 3 different locations (school, work and home). My main intention was to plot the hops on a map in Illustrator or Processing, but I ended up plotting the points on Google Maps in order to see the paths on a more detailed map that you can zoom in and out of to analyze and see patterns.

NEWS SITES: The New York Times, The Washington Post, The Guardian

The New York Times = Blue; The Washington Post = Yellow/Orange; The Guardian = Green



EVERYDAY SITES: Chase, Amazon.com

Traceroute from: Blue = School; Orange = Home; Yellow = Work



As I was gathering the data for this exercise, I was trying to purchase tickets to shows that sold out in second after tickets were released (on Ticketfly) or the site broke down (on Eventbrite), so I did a traceroute on the sites out of curiosity.

SHOWS & TICKETING SITES: Eventbrite, Ticketfly

Eventbrite = Blue; Ticketfly = Yellow/Orange
http://www.ip2location.com/  (*NOTE: this site was able to give me more information when the the yougetsignal.com couldn’t find info on an IP address)