For me, the most eye opening sections of this class were definitely surrounding the physical infrastructure of the internet. The birth of the internet from a military communication network on the outskirts of Washing DC, transforming the surrounding area into a telecoms hub for our country was a teaser of what the physical manifestation of the internet looks like. Specifically, our visit to the carrier hotel really solidified how the internet functions on the back of one hundred plus years of city planning and older, defunct technology. This not only firmly brings the concept of the web out of an amorphous, abstract cloud, but brings into focus the current trend of hyper scaling data centers and the massive expansions of both power and fiber lines into communities previously devoid of such infrastructure, whether they like it or not. The net requires real world resources, wires and human labor to expand and keep running.
Another point that has stayed with me is that for the web to function, we need to keep communicating as a whole. Many of the protocols we have looked at have some element of an established and agreed upon level of trust, and without that, things will break. When things break, people need to talk to each other to get the web back up and running. Specifically, I am recalling the reading from the CloudFlair engineer and how he needed to call his colleague at the Indonesian ISP to figure out the routing issue and get Google back online. This is a granular level of analog contact that I had not considered necessary for the internet to be running as a whole. URLs need to echo through the connected web in order to be properly indexed to allow other humans to connect to them. This and the previously mentioned incident casts an even further light on what cutting undersea cables entails and how that might not only affect the country it’s being done to, but our whole global net. Hunter mentioned how the ISPs will devolve into sloppy competitive behavior with each other without an independent entity that keeps that in line, and I think that contrasts starkly with the fact that for all of this to function the way we expect, there needs to be a level of cooperativeness I had not previously conceived of. Massive tech companies want their customers to think their products work in a frictionless abstracted world, yet their ability to connect relies on a very human level of connection.
While not TOTALLY network related, over the course of this semester I learned how much can be done via the terminal (I had almost zero interaction outside of file navigation and using git). While I still tend to need to have my handheld by a GPT for certain more in-depth tasks, my eyes are opened to the amount of analysis and web development that can be done. My simple server was deployed without drafting in VS code, and while I would not want to do this for something I want to actually design and use, it underscores the power of it, at least for me. Analyzing firewall logs and discovering the sheer amount of bots scanning the web was at first was shocking until I realized the amount of completely normal and banal reasons a bot might do that.
Many of the things that stick out to me from this semester helped my understanding of the internet shift from the abstract concept of the “cloud” to a more concrete, corporeal network, and the ways us as humans physically encounter it.
SYN Connection attempts to specific ports on my site. Anything without a bar has two attempts, I filtered everything else out.
Most of the SYN attempts/connections on my server occurred on port 443, which is the https:// encrypted port. This makes sense as I have my nginx droplet running, so lots of bots visiting my website (or people are excited to see pictures of my dog). I believe port 22 is related to ssh login, so it makes sense that that would also be a high priority port to try to get into. I do wonder what the random hits to all of these much higher number ports are intended to do. Is there a specific purpose or is it just general probing to see what you can get, e.g. casting a wide net?
I think the level of traffic to my site represents a very quiet server (what I expected) even though the numbers are quite big.
Out of the total packets monitored and based on the ports they accessed, these are top protocols (based off of port access) seen in my packet analysis. The 43.8% corresponds to port 443, where SSH represents port 22. ICMP actually had 8 packets but these make of a fraction of the total amount of packets.
Pasting my API here for posterity, since it sounds like we will go over these again. noahdorazio.com/api/time
const express = require("express");// loads express library
const app = express();//creates app object, an app object is sort of like the center of the server, recieving webrequests and how to deal with them.
app.get("/api/time", (req, res) => {// GET route, when someone requests "noahdorazio.com/api/time", the function within the brackets below will run
const now = new Date(); // accesses the server's system clock, defines it as now
res.json({
utc: now.toISOString(),//time from server's clock as ISO format
local: now.toLocaleString(),//time as local conputer's
unix: now.getTime()//time as milliseconds
});
});
app.listen(3000, "0.0.0.0", () => {//opens network port 3000, and 0.0.0.0 means it will accept connections from anywhere
console.log("Time API running on <http://127.0.0.1:3000>");
});