You will create a dictionary entry for each unique packet observed Unique Packets combination of SRC-IP,...
Question:
Transcribed Image Text:
You will create a dictionary entry for each unique packet observed.
Unique Packets: combination of SRC-IP, DST-IP, Protocol.
You will keep track of the count of each unique packet in the dictionary.

STRUCT UNPACK FORMATTING NOTES

Format  C type               Python type         Standard size
x       pad byte             no value
c       char                 bytes of length 1   1
b       signed char          integer             1
B       unsigned char        integer             1
?       _Bool                bool                1
h       short                integer             2
H       unsigned short       integer             2
i       int                  integer             4
I       unsigned int         integer             4
l       long                 integer             4
L       unsigned long        integer             4
q       long long            integer             8
Q       unsigned long long   integer             8
n       ssize_t              integer
N       size_t               integer
e       (6)                  float               2
f       float                float               4
d       double               float               8
s       char[]               bytes
p       char[]               bytes
P       void*                integer

ENCODING

Character  Byte order             Size      Alignment
<          little-endian          standard  none
>          big-endian             standard  none
!          network (big-endian)   standard  none

IP Packet

```python
import socket
import os
import ipaddress
import struct
from prettytable import PrettyTable

# Get the HOST to Sniff From
hostname = socket.gethostname()
HOST = socket.gethostbyname(hostname)
# HOST = 'localhost'


class IP:
    def __init__(self, buff=None):
        # '<' is little-endian: the single-byte fields and the 4-byte
        # addresses used below are unaffected, but len, id, offset and sum
        # arrive in network byte order and come out byte-swapped.
        header = struct.unpack('<BBHHHBBH4s4s', buff)
        self.ver = header[0] >> 4
        self.ihl = header[0] & 0xF

        self.tos = header[1]
        self.len = header[2]
        self.id = header[3]
        self.offset = header[4]
        self.ttl = header[5]
        self.protocol_num = header[6]
        self.sum = header[7]
        self.src = header[8]
        self.dst = header[9]

        # human readable IP addresses
        self.src_address = ipaddress.ip_address(self.src)
        self.dst_address = ipaddress.ip_address(self.dst)

        # map protocol constants to their names
        self.protocol_map = {1: "ICMP", 6: "TCP", 17: "UDP"}


def main():
    socket_protocol = socket.IPPROTO_IP
    sniffer = socket.socket(socket.AF_INET, socket.SOCK_RAW, socket_protocol)
    sniffer.bind((HOST, 0))
    sniffer.setsockopt(socket.IPPROTO_IP, socket.IP_HDRINCL, 1)
    # SIO_RCVALL is only available on Windows
    sniffer.ioctl(socket.SIO_RCVALL, socket.RCVALL_ON)

    captureDict = {}

    for i in range(1, 10000):
        packet = sniffer.recvfrom(65565)   # Wait for Packet
        basePacket = packet[0]             # Extract Packet Data from tuple
        pckHeader = basePacket[0:20]       # Extract the packet header
        ipOBJ = IP(pckHeader)              # Create the IP Object

        # Lookup the protocol name
        try:
            protocolName = ipOBJ.protocol_map[ipOBJ.protocol_num]
        except KeyError:
            protocolName = "Unknown"

        print("SRC-IP ", ipOBJ.src_address)
        print("DST-IP ", ipOBJ.dst_address)
        print("Protocol:", protocolName)

        # Dictionary code HERE

    # Once you have processed 10,000 packets update load your results
    # into the prettytable and display.
    tbl = PrettyTable(["Occurs", "SRC", "DST", "Protocol"])
    print(tbl.get_string(reversesort=True))

    sniffer.ioctl(socket.SIO_RCVALL, socket.RCVALL_OFF)


if __name__ == '__main__':
    main()
```
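The counting step that the "Dictionary code HERE" placeholder asks for, shown as an added example that is not part of the original question or of any answer on this page. The names `make_header`, `tally`, `to_rows` and `SAMPLE` are hypothetical, the headers are constructed rather than captured, and the parse uses network byte order (`!`), which yields the same source, destination and protocol values as the page's format string.

```python
import ipaddress
import struct

PROTOCOL_MAP = {1: "ICMP", 6: "TCP", 17: "UDP"}  # same map as the page's IP class
IP_HEADER = "!BBHHHBBH4s4s"                       # 20-byte IPv4 header, no options


def make_header(src, dst, proto):
    """Build a constructed 20-byte IPv4 header (sample input, not real traffic)."""
    return struct.pack(IP_HEADER, 0x45, 0, 20, 0, 0, 64, proto, 0,
                       ipaddress.ip_address(src).packed,
                       ipaddress.ip_address(dst).packed)


def tally(packets):
    """Count packets per unique (SRC-IP, DST-IP, Protocol) combination."""
    capture = {}
    for raw in packets:
        if len(raw) < 20:      # truncated read: no complete IPv4 header to unpack
            continue
        fields = struct.unpack(IP_HEADER, raw[:20])
        proto = PROTOCOL_MAP.get(fields[6], "Unknown")
        key = (str(ipaddress.ip_address(fields[8])),
               str(ipaddress.ip_address(fields[9])), proto)
        capture[key] = capture.get(key, 0) + 1   # first sighting starts at 1
    return capture


def to_rows(capture):
    """Rows in the page's column order [Occurs, SRC, DST, Protocol], busiest first."""
    rows = [[count, src, dst, proto]
            for (src, dst, proto), count in capture.items()]
    return sorted(rows, key=lambda row: row[0], reverse=True)


SAMPLE = (  # constructed sample traffic using documentation address ranges
    [make_header("192.0.2.10", "192.0.2.1", 6)] * 3
    + [make_header("192.0.2.10", "198.51.100.7", 17)] * 2
    + [make_header("192.0.2.1", "192.0.2.10", 1)]
    + [make_header("192.0.2.10", "192.0.2.1", 47)]   # protocol not in the map
    + [b"\x45\x00"]                                   # too short, skipped
)

if __name__ == "__main__":
    for row in to_rows(tally(SAMPLE)):
        print(row)
```

In the sniffer loop the same dictionary update goes where the placeholder sits, and each row from `to_rows` can be passed to `tbl.add_row` before the table is printed.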
Expert Answer: