Skip to content
Skip to main content

About this free course

Download this course

Share this free course

Introduction to cyber security: stay safe online
Introduction to cyber security: stay safe online

Start this free course now. Just create an account and sign in. Enrol and complete the course for a free statement of participation or digital badge if available.

1.3 Datagrams on the move

We have seen how, in theory, datagrams of information move around the internet. It’s actually possible to see this in action, often with surprising results.

Each datagram is sent through a series of computer nodes that form the backbone of the Internet. There are many thousands of these nodes and often many different routes between them. Each of these nodes has an IP address. If you look up the IP address of the node using ‘whois’, some will provide a geographical location for the node. Some will provide only the country of that node, and some provide no location information.

On most computer systems you can run software that will follow the route from your computer to a destination IP address, and it will return a list of the nodes that it passes through. These are usually known as ‘Traceroute’ apps. See the wikihow page for information on how to run this Traceroute tool on your computer: https://www.wikihow.com/ Traceroute [Tip: hold Ctrl and click a link to open it in a new tab. (Hide tip)]

Instead of looking up the ‘whois’ for each node to see where it is located, you can use an online utility that does this looking up for you and plots the results on a map. Open https://peter-thomson.com/ leaflet-map-tutorial/ traceroute-mapper.html in your browser and paste in the output from running ‘Traceroute’ on your computer.

Activity 1 Datagrams

Timing: Allow about 15 minutes

Spend about 10 minutes exploring the routes to some of the following Australian organisations:

Be warned! You might be surprised at what you find – information is not necessarily coming from where you might expect it to. Also, bear in mind that things change frequently when it comes to the internet; not only might the route be different if you look at the same destination at different times, but even the location where the information comes from might be different.

Nodes increasingly don’t provide information – a security precaution. Nodes only identify a country – or the wrong country as they are using factory defaults. The destination might also not be the original server as sites may be cached or served from multiple locations.

Now use the site https://whois.domaintools.com/ to locate the Sydney Morning Herald.

Not where you expected?

The information for usyd.edu.au is less informative, but shows:

IP Location - New South Wales - Sydney - University Of Sydney

Discussion

You will have discovered that the route to the Sydney Morning Herald website did not terminate in Australia.

A URL ending in ‘.au’ is an Australian domain, but that doesn’t mean that the computer hosting the site has to be in Australia.

The Australian Domain Name Administrator (auDa) is responsible for licensing users of ‘.au’ names, and it has rules that require the licensees to have some connection with Australia (that is not the case with all countries; some authorities allow anyone to license their names). However, where the website is hosted – which computer the website is stored on – is a different question from who is using the URL. For example, Google (based in the USA) offers a service hosting websites (Google Sites). It’s possible to use a service with a ‘.eu’ (European) domain name, with the result that the ‘.eu’ site is in the USA.

You can look up the details of an address by using a ‘whois’ service. For example, you could use the site https://whois.domaintools.com/ and type innovations.ac.uk into the whois search box. Note that this domain is also associated with The Open University.

In addition, websites that receive heavy usage from a particular location might be cached locally – that is to say, copies of the website’s data might be temporarily stored on a computer closer to the location from which the information is being accessed. This saves making heavy use of long-distance connections.

How many stages did your information take? Did anything surprise you about the route your information took?

Use Trace Route and ‘whois’ to look up the location of other website domains that you use.