Below chart plots total kilobytes sent to public Internet addresses over the entire capture time. Each data point is broken by networking protocol, such as HTTP or FTP.
There are two fundamental reasons
1. In order to send correct and relavent data, servers must know clients' configuration. For example, to provide the updates that your computer needs, update servers will need to know version of your product, as well as your hardware configuration.
2. Before downloading data, client and server will exchange specifics of the transfer. For example, at the beginning of the communication, client and server will establish a transmission channel by exchanging their respective sequence numbers. Additionally, communications over a secure channel requires the collaboration of the client. For example, client sends the encryption protocols it supports, or whether or not it agrees to the options provided by the server. Also, certain communication protocols like TCP require client to acknowledge receipt of data sent by server so that server knows whether or not it needs to retransmit the data. Although these so-called ACK (for acknowledgement) are small in size, they are frequent, adding up to total traffic that is sent to the server.
Transmission Control Protocol (TCP) is the underlying tranmission protocol for most Internet bound packets. TCP is usually used as a transport control mechanism for higher level protocols (e.g. HTTP or FTP). We only report TCP if no higher level protocol was detected.
User Datagram Protocol (UDP), similar to TCP, is another fundamental tranmission protocol. UDP is usually used as a transport control mechanism for higher level protocols (e.g. DNS). We only report UDP if no higher level protocol was detected.
Hypertext Transfer Protocol (HTTP) is the backbone of web traffic. Please keep in mind that although HTTP is best known for transferring data back and forth from web sites, it is commonly used as a general purpose transfer mechanism when accessing web services (e.g. weather data, checking and downloading updates, anti-virus definition downloads)
Network Time Protocol (NTP) helps keeping your computers time in sync with highly accurate atomic clocks.
File Transfer Protocol (FTP) is used for transferring files. It is commonly used for downloading updates.
Domain Name System (DNS) is used for resolving names (e.g. www.example.com) to their IP addresses (126.96.36.199).
Please refer to Understanding Computer Networks for a more detailed explanation of how computer networks work and what the different types of packages do.
Below tables list where your traffic goes and what kind of networking protocols are being used. What makes Traffic Hound based reports unique is the highly accurate hostname informations. Most other tools either do a reverse-DNS lookup (which is bad because IP assignments change frequently and a reverse lookup may yield stale information) or only a superficial analysis of DNS packets captured earlier (which only gives CDN locations like edge.akamai.com instead of the intended destination) Traffic Hound performs a deep analysis of DNS traffic, extracts CNAME records so that intended destination names can be reported.
Moreover, Traffic Hound extracts IPv6 over IPv4 Teredo tunnels, so that real protocol information can be captured instead of the default UDP for all tunnelled IPv6 traffic.
IP address geo-location is based on heuristics. Geo-location providers use a number of databases. A primary source for IP address data is the Regional Internet Registries. These are large, official organizations responsible for managing and distributing IP addresses in specific regions of the world. However there are other sources that is employed, some of these being trade secrets of providers. Although some of these databases are high confidence, sometimes location resolutio may need to employ less accurate, low confidence resources.
We use industry standard www.MaxMind.com IP Geo-Location service to resolve location information. It is one of the most respected service providers in this field. We frequently compare their results with competitors to ensure their accuracy.
Below table outlines number of outgoing packets and bytes to each country.
|Country||Total Packets||%||Total Bytes||%|
Below data can dynamically be filtered by clicking on regions in the map above.
|To (Geo Location)||To (Host Name)||To (IP)||Protocol||Total Bytes|