Module 8: Networking

Topic: Socket Programming

Topic: Packet sniffing


Try

Packet analysis aims to
  • monitor network traffic
  • inspect network packets

Packet analysis is implemented with socket programming. A socket object is bound to a specific IP address and port.

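    import socket
    HOST = socket.gethostbyname(socket.gethostname())  # assumption: sniff on this host's own address
    s = socket.socket(socket.AF_INET, socket.SOCK_RAW, socket.IPPROTO_IP)  # raw socket: needs administrator/root rights
    s.bind((HOST, 0))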

One question: why is the port number 0 in the code above?

Use the recvfrom() method to receive packet data. Its parameter is the amount of packet data to read at a time. The number passed to recvfrom() can be between 1 and 65565.

    dataa = s.recvfrom(65565)

Then the received data should be unpacked. A packet as a frame can be unpacked according to the way it was packed.

The details of each field can be found at Network Sorcery.

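    import struct

    data = dataa[0]  # recvfrom() returns (bytes, address); keep the bytes
    # Unpack the first 24 bytes of the packet into separate fields
    ipData = struct.unpack('!BBHHHBBH4s4s4s', data[:24])
    theRest = data[24:]
    protocol = ipData[6]  # seventh unpacked field: the IP protocol number
    print("-- The protocol: ", protocol)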

  • How can the protocol data be found, and how can it be interpreted?
  • What does '!BBHHHBBH4s4s4s' mean?
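
The following is an added example, not code from the original page. It goes one step beyond the fixed 24-byte slice above: it reads the header length (IHL) from the first byte, so IPv4 options and the payload are separated correctly, and it maps the protocol number to a name. The function names, the constructed sample packets and their documentation-range addresses are assumptions made for illustration.

```python
import socket
import struct

# Fixed part of an IPv4 header (20 bytes): version/IHL, TOS, total length,
# identification, flags/fragment offset, TTL, protocol, checksum, src, dst.
IPV4_FIXED = struct.Struct("!BBHHHBBH4s4s")
PROTOCOLS = {1: "ICMP", 6: "TCP", 17: "UDP"}  # a few IANA protocol numbers


def parse_ipv4(packet: bytes) -> dict:
    """Split a raw IPv4 packet into header fields, options and payload."""
    if len(packet) < IPV4_FIXED.size:
        raise ValueError("shorter than the 20-byte fixed IPv4 header")
    (ver_ihl, _tos, total_len, _ident, _frag, ttl, proto, _csum,
     src, dst) = IPV4_FIXED.unpack_from(packet)
    version, ihl = ver_ihl >> 4, ver_ihl & 0x0F
    header_len = ihl * 4  # IHL counts 32-bit words
    if version != 4:
        raise ValueError(f"not IPv4 (version={version})")
    if ihl < 5 or header_len > len(packet):
        raise ValueError(f"invalid IHL {ihl}")
    return {
        "header_len": header_len,
        "ttl": ttl,
        "protocol": proto,
        "protocol_name": PROTOCOLS.get(proto, "other"),
        "src": socket.inet_ntoa(src),
        "dst": socket.inet_ntoa(dst),
        "options": packet[20:header_len],        # empty when IHL == 5
        "payload": packet[header_len:total_len],  # transport-layer data
    }


def build_sample(proto: int, payload: bytes, options: bytes = b"") -> bytes:
    """Constructed test packet (checksum left at 0; not captured traffic)."""
    ihl = 5 + len(options) // 4
    header = IPV4_FIXED.pack((4 << 4) | ihl, 0, ihl * 4 + len(payload),
                             0x1234, 0, 64, proto, 0,
                             socket.inet_aton("192.0.2.10"),
                             socket.inet_aton("198.51.100.7"))
    return header + options + payload


if __name__ == "__main__":
    for pkt in (build_sample(17, b"udp-datagram"),
                build_sample(6, b"tcp-segment", options=b"\x01\x01\x01\x01")):
        info = parse_ipv4(pkt)
        print(info["src"], "->", info["dst"], info["protocol_name"],
              "header bytes:", info["header_len"], "payload:", info["payload"])
```

With a live raw socket, the bytes returned in `dataa[0]` can be passed to `parse_ipv4()` in place of the constructed packets.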

Try in Python