This project provides a live visual representation of all websites and services students use at Hunter College. It is using a wireshark module for Python (pyshark) to capture network traffic. The capturing device (a Raspberry Pi) will run on a specific wireless network on the Hunter College campus. It will capture ‘Every’ packet on that interface from all the users connected to it, will scrape basic information from every packet(destination, time, size of packet, etc), analyze them, and store them on a JSON file. The JSON file will be sent to the server hosting the website, where the data will be displayed in multiple ways. The update time interval when the website is live is 10 seconds at the moment. The site allows for 3 sorting methods, 'users' which will display the nodes based on the number of users currently using the service, 'traffic' which measures the overall sum of the size of all packets going to that destination (in KBs), and 'Packets' which will sort based on the number (count) of packets going.
No. Although we might see packets coming from your device, these packets are encrypted. We see the header of the packet, which contains metadata such as source, destination, browser version, timestamps, etc. We also don’t keep track of IP addresses.
No. The script will only capture the traffic flowing through the repeater where our capturing device is connected.
Yes, and No. Some websites are hosted in an environment that might return a different hostname than what the GET request is when you attempt to access it. We are using the 'gethostbyaddr()' function from Python's Socket Module. Whatever host name this returns, will be the host appended to the node on the page. We have a static dictionary of static IPs popular services (Facebook, Youtube, Instagram, etc), we first compare the destination IPs to this dictionary, if it does not match any, we use gethostbyaddr(destinationIP).
No. If the network is open, open in the sense that it only requires you to agree to some terms (Starbucks), or enter a username and password on a web portal AFTER BEING ALREADY CONNECTED TO THE NETWORK (Hunter Campus), then it will work. If the network is password protected, whether WEP, WPA, WPA2, 802.1x, etc, then it will not work. There are ways to set it up so that you can decrypt packets on these specific protocols as they come in, but it is not needed at Hunter College.