Filtering Incoming Packets

Explore how to filter incoming network packets using Scapy's sniff function with Berkeley Packet Filter syntax. Understand filtering by protocol and port to efficiently manage traffic for honeypots and servers, focusing only on relevant inbound packets.

We'll cover the following...

Introduction to filtering with Scapy
Filtering traffic by protocol
Combining BPF filters

Introduction to filtering with Scapy

Previously, we used Scapy’s sniff function to monitor network traffic. Instead of sending packets and looking for responses, sniff provides access to all traffic that is visible to the system.

However, we might not always want to inspect all types of network traffic. For example, if we’re implementing a honeypot or a server, we may want to focus on certain types of traffic. For this, we’ll need to filter the traffic that Scapy sniffs and only analyze certain types of traffic.

Filtering traffic by protocol

As mentioned previously, sniff can take various arguments, and one of these arguments is ...

1.Introduction to Scapy

2.Port Scanning with Scapy

3.Developing Custom Vulnerability Scans

4.Creating Servers and Honeypots

Mini Project

5.Conclusion

Filtering Incoming Packets

Introduction to filtering with Scapy

Filtering traffic by protocol