Monitoring Network Traffic with Scapy
Explore how to use Scapy's sniff function to monitor live network traffic, filter packets, and process incoming messages. Understand the difference between sending packets as a client and listening as a server or honeypot. Gain skills to implement honeypots by capturing and responding to network requests for better network security.
We'll cover the following...
We'll cover the following...
Sending vs. listening in Scapy
Port scanners and vulnerability scanners are clients, meaning they initiate a conversation with a server. For clients, we can use sr() and similar functions that send a packet and look for a response.
However, honeypots and other servers are the recipients of the SYN packet in a TCP handshake ...