Python network data visualization

Data Harvest

© Lead Image © Mark Bridger, 123RF.com

© Lead Image © Mark Bridger, 123RF.com

Article from Issue 220/2019
Author(s):

The Scapy packet manipulation program lets you analyze and manipulate packets to create incident response reports or examine network security.

Most folks have pulled up Wireshark a time or two to troubleshoot an application or system problem. During forensics, packet captures (PCAPs) are essential. Often you are looking at things like top talkers, ports, bytes, DNS lookups, and so on. Why not automate this process with Python?

Scapy [1] is a great tool suite for packet analysis and manipulation. It is most often talked about in the realm of packet manipulation, but its ability to analyze packets is also top-notch.

Make Ready

First, you need to make sure you have Python 3 installed along with the following packages:

[...]

Use Express-Checkout link below to read the full article (PDF).

Buy this article as PDF

Express-Checkout as PDF
Price $2.95
(incl. VAT)

Buy Linux Magazine

SINGLE ISSUES
 
SUBSCRIPTIONS
 
TABLET & SMARTPHONE APPS
Get it on Google Play

US / Canada

Get it on Google Play

UK / Australia

Related content

  • Core Technologies

    Learn what's going on in your network, using Linux and its arsenal of packet capture tools.

  • ARP Spoofing Attacks

    ARP spoofing can be used to initiate denial-of-service attacks, network hijacking, and man-in-the-middle attacks on the Intranet. We look at how to prevent these incursions.

  • Security Visualization Tools

    Spot intruders with these easy security visualization tools.

  • Hping

    Don't let intruders crash your dance. We'll show you how to test your firewalls and intrusion detection systems with hping.

  • Network Analysis

    The nightmare of any admin is a user who can't resisting clicking on an unknown attachment labeled Application.exe. This article draws on a real-world example to show how you can use built-in Linux resources to detect unauthorized traffic that might have been invited in by a trigger-happy user.

comments powered by Disqus
Subscribe to our Linux Newsletters
Find Linux and Open Source Jobs
Subscribe to our ADMIN Newsletters

Support Our Work

Linux Magazine content is made possible with support from readers like you. Please consider contributing when you’ve found an article to be beneficial.

Learn More

News