Quote:
Originally Posted by PoP
Well I ran a 10 hour long tcpdump capture. My analysis doesn't reveal any realy interesting stuff.
Every hour:
The Kindle queries DNS for dogvgb9ujhyxbx.jfk1.cloudfront.net
and DNS answers with a series of 8 IP addresses in the range 204.246.169.XXX
The Kindle queries DNS for pins.amazon.com
and DNS answers with 184.73.176.172
Every 27 seconds:
The Kindle sends a UDP packet to 184.73.176.172
Every 30 minutes:
184.73.176.172 sends a UDP packet to the Kindle
The ports for UDP packets change every hour. The traceroute port 33434 is sometimes, but not always used. The content of the packet is *not* a trace route. I guess it is kind of a keepalive with some Kindle specific information. The Kindle UDP packet always contain the same data. The pins.amazon.com UDP packet data varies.
The UDP packets are possibly encrypted, wireshark doesn't decode the protocol, and at any rate the packet data is not otherwise human readable.
No log was ever sent to amazon, with or without the nolog hack applied.
No other traffic in the capture.
|
I'm beginning to think Amazon doesn't send logs all that often. In my tests (1 hour), there are little to no communication. @PoP, make sure you're looking for SSL packets. Amazon encrypts all communications. For a test, choose the "sync" menu option and see what packets are generated. Other connections should look that sync packets. Where did people find that Amazon sends packets, maybe it's changed in K3? Now that I think about it, each log is around 300KB - 1MB large. If Amazon sends these every few hours for millions of Kindles, they would lose ALOT of money because of 3G.