14:[["$","$L132",null,{"props":{"lessonContent":{"components":[{"type":"SlateHTML","content":{"html":"

Putting the full packet together

Network packets are composed of several different layers. We’ve built different packet layers for a honeypot or server but haven’t put them together.

When building a SYN scanner, we built independent layers and then stacked them together. We can build a complete DNS packet, including an IP, UDP, and DNS layer, via the same process.

","comp_id":"kfni8feSkiyOZDxnF2wNw"},"hash":0},{"type":"Code","mode":"edit","content":{"version":"8.0","caption":"Building layers of a DNS packet and combining them into a single packet","language":"python38","title":"","theme":"default","additionalContent":[],"selectedIndex":0,"runnable":true,"judge":false,"staticEntryFileName":true,"judgeContent":"","judgeHints":"","allowDownload":false,"treatOutputAsHTML":false,"enableHiddenCode":false,"enableStdin":false,"evaluateWithoutExecution":false,"showSolution":false,"timeLimit":30,"hiddenCodeContent":{"prependCode":"\n\n","appendCode":"\n\n","codeSelection":"prependCode"},"dockerJob":{"key":"Sd9Ob5k-yeUwG7GFL9ofN","jobType":"Default","name":"Scapy","inputFileName":"main.py","runScript":"python3 main.py","runInLiveContainer":false},"selectedApiKeys":{},"selectedEnvVars":{},"specialInput":"no-input","solutionContent":"\n\n\n","judgeContentPrepend":"\n\n\n","evaluateLanguage":"","isCodeDrawing":false,"content":"from scapy.all import *\n\npackets = rdpcap('http.cap')\nrequest = packets[12]\nip = IP(src='145.253.2.203',dst='145.254.160.237')\nudp = UDP(sport=53,dport=3009)\ndns = request[DNS]\ndns.qr = 1\ndns.ancount = 1\nrr = DNSRR(rrname = request.qd.qname, rdata = '127.0.0.1')\ndns.an = rr\n\nresponse = ip/udp/dns\nresponse.show2()","comp_id":"CkTUMUwV5eVY1zGyKTSX1","entryFileName":"main.py","staticEntryName":false,"dockerExecutionContext":{"imageName":"author-6586453712175104-collection-5389361019617280-rev-6-container-5097808283828224-dockerfile","job":{"key":"Sd9Ob5k-yeUwG7GFL9ofN","jobType":"Default","name":"Scapy","inputFileName":"main.py","runScript":"python3 main.py","runInLiveContainer":false},"envs":[],"liveInstance":{"id":"ed-5203020602408960","url":"https://ed-5203020602408960.educative.run","live-app-id":"ed-5203020602408960-live-app","live-app-url":"https://ed-5203020602408960-live-app.educative.run","cloudlab-id":"ed-5203020602408960-cloudlab","cloudlab-url":"https://ed-5203020602408960-cloudlab.educative.run","vm-lease-time":false,"vscode":false,"vscode-url":"https://ed-5203020602408960-vscode.educative.run"}}},"iteration":0,"hash":1,"children":[{"text":""}],"contentID":"aozVO65Iugqz8x6954Cf7","saveVersion":1,"status":"normal"},{"type":"SlateHTML","content":{"html":"

In the code block above, we’ve created a DNS packet designed to be a response to the request ...

","comp_id":"YMvK9AOg0uz4zgzsNv_0O"},"hash":4}],"summary":{"titleUpdated":true,"description":"Learn how to combine packet layers into a single packet and validate the correctness of the response.","tags":["DNS Response","Scapy","Wireshark"],"title":"Verifying Response Packet Correctness"},"content":[{"type":"SlateHTML","content":{"html":"

Putting the full packet together

Network packets are composed of several different layers. We’ve built different packet layers for a honeypot or server but haven’t put them together.

When building a SYN scanner, we built independent layers and then stacked them together. We can build a complete DNS packet, including an IP, UDP, and DNS layer, via the same process.

In the code block above, we’ve created a DNS packet designed to be a response to the request ...

","comp_id":"YMvK9AOg0uz4zgzsNv_0O"},"hash":4}],"darkModeContent":[{"type":"SlateHTML","content":{"html":"

Putting the full packet together

Network packets are composed of several different layers. We’ve built different packet layers for a honeypot or server but haven’t put them together.

When building a SYN scanner, we built independent layers and then stacked them together. We can build a complete DNS packet, including an IP, UDP, and DNS layer, via the same process.

In the code block above, we’ve created a DNS packet designed to be a response to the request ...

","comp_id":"YMvK9AOg0uz4zgzsNv_0O"},"hash":4}]},"isPreviewLesson":false,"pageType":"collection_lesson","aiCoachVideoUrl":"https://youtu.be/kgl8y9J3O6c","collectionDetailsSSR":{"title":"Python Scapy for Network Security","summary":"Scapy is a powerful Python library used for network packet manipulation and analysis. It allows users to create, manipulate, send, and capture network packets. Scapy is particularly useful for network security professionals, developers, and researchers who need to interact with and analyze network traffic. Python Scapy empowers you to automate various cybersecurity tasks, both offensive and defensive.\n\nThis course will teach you how to use Python and Scapy to build a port, honeypot, and custom vulnerability scanner. You’ll start with a brief introduction to Scapy, then learn how to monitor network traffic, create valid responses to incoming packets, and develop simple servers with automated responses. You’ll also interact with an API and develop a port and vulnerability scanner.\n\nBy the end of this course, you should be familiar with Scapy and capable of working with network packets in Python.","details":"","clos":["An understanding of how to utilize Scapy for Network Packet Analysis","Working knowledge of how to create a functional port scanner using Python Scapy","Hands-on experience utilizing tools and databases like the National Vulnerability Database (NVD) for vulnerability research","The ability to monitor and filter network traffic, craft valid packet responses, and implement a functional DNS honeypot server using Scapy","Hands-on experience applying Scapy and Python scripting to automate both offensive and defensive cybersecurity tasks, including port scanning, vulnerability detection, and server emulation"],"arabic_available":false,"page_tags":{"5297648368353280":"Python,Scapy,PCAP","5425233542774784":"Python,Scapy,PCAP","5539263766855680":"Python,Scapy,PCAP","5075131145912320":"Python,Scapy,Network","4689412766302208":"TCP,SYN Scan,Port Scan","4784931027025920":"Scapy,OSI Model,TCP/IP Model","6080360440135680":"SYN Scan,Port Scanner,TCP Handshake","5566294814621696":"SYN Scanner,IP Layer,Scapy","4535990712795136":"Scapy,Python,TCP","5456702818484224":"Scapy,packet,SYN scanner","5239885621624832":"Scapy,Send/Receive,Python","5735640677482496":"Scapy,SYN Scan,Port Scanner","4588808073117696":"Scapy,Port Scanner,ACK Scan","6026532722311168":"Scapy,Vulnerability Scanning,Python","5382799936978944":"Python,Banner Grabbing,Vulnerability Scanning","6564328780333056":"","5777335230136320":"Python,Scapy,Traffic Sniffing","4875790170980352":"Python,Scapy,Berkeley Packet Filter","5668260593008640":"Python,Scapy,Network Monitoring","5350901936291840":"Python,Scapy,Network Monitoring","6291860886913024":"Vulnerability Scanning,Python,Credential Stuffing","6599492969431040":"Python,Credential Stuffing,HTTP Response","5351427012820992":"Python,Credential Stuffing,Dictionary Attack","6089105480089600":"TCP/IP,Honeypot,Scapy","6159023806349312":"IP Header,Scapy,TCP/IP","6520293151735808":"UDP,Scapy,Honeypot","6635217198776320":"Scapy,DNS,Honeypot","6667503524904960":"Scapy,HTTP,Honeypot","4644221170745344":"DNS Response,Scapy,Wireshark","5349972075872256":"DNS,Scapy,Honeypot","5467846983548928":"Scapy,DNS,Honeypot","4667885197983744":"","6272501127839744":"Python,Scapy","6125273742573568":"","6181902148173824":"","4525236306575360":"","5514671345106944":"","4605123906240512":"Scapy,Network Monitoring,Python","6442899677118464":"Scapy,Port Scanning,Python","5342189803798528":"","5578787405430784":"Python,Server,Honeypot","5295676524724224":"","4531564238733312":"","5266720536788992":"","5643371451908096":"","5605492860256256":"","4688393694478336":"","5825840251797504":""},"collection_toc_is_enabled":true,"page_count":null,"docker":{"container":{"file":{"name":"Dockerfile.tar.gz","size":387},"imageName":"author-6586453712175104-collection-5389361019617280-rev-6-container-5097808283828224-dockerfile","buildStatusUrl":"https://www.educative.io/api/author/6586453712175104/collection/5389361019617280/containers/5097808283828224/build/status","buildLogUrl":"https://www.educative.io/api/author/6586453712175104/collection/5389361019617280/containers/5097808283828224/build/log","metadata":{"sizeInBytes":387},"id":-1,"tarballDownloadUrl":"https://www.educative.io/api/author/6586453712175104/collection/5389361019617280/containers/5097808283828224/download","rebuildImageUrl":"https://www.educative.io/api/author/6586453712175104/collection/5389361019617280/containers/5097808283828224/rebuild","buildStatus":"SUCCESS","track":false},"envs":[],"jobs":[{"key":"Sd9Ob5k-yeUwG7GFL9ofN","jobType":"Default","name":"Scapy","inputFileName":"main.py","runScript":"python3 main.py","runInLiveContainer":false},{"key":"yzlK6p-ELXlJpkzT_GeW6","jobType":"Live","name":"Scapy-SPA","inputFileName":"main.py","runScript":"ls","runInLiveContainer":true,"ports":"8080","startScript":"cd usercode\npython3 main.py\napt-get install tcpdump","forceRelaunchOnRun":true},{"key":"3_NXL-oJEA_388hjZkokw","jobType":"Live","name":"Scapy-SPA-copy","inputFileName":"main.py","runScript":"ls","runInLiveContainer":true,"ports":"8080","startScript":"cd usercode &&\napt-get update && apt-get install -y dnsutils &&\npython3 main.py &&\napt-get install tcpdump","forceRelaunchOnRun":true}],"testRunners":[],"version":3,"loaded":true},"discounted_price":29,"cover_image_id":5776587500421120,"cover_image_metadata":"{\"width\":1024,\"height\":512,\"sizeInBytes\":29272,\"name\":\"Python for Port Scanning, Honeypots, and Vulnerability Scanning (new bg) .png\"}","cover_image_serving_url":"/v2api/collection/6586453712175104/5389361019617280/image/5776587500421120","tags":["Python","Scapy","Network Traffic Analysis","Cybersecurity","Honeypot"],"intro_video_url":"","intro_video_thumbnail_url":"","aggregated_widget_stats":{"projects":1,"assessments":0,"SlateHTML":115,"codeExerciseCount":0,"codeRunnableCount":68,"codeSnippetCount":1,"illustrations":14,"Code":63,"Image":0,"TerminalWidget":2,"Quiz":4,"DrawIOWidget":14,"cloudlabs":0,"EditorCode":1,"WebpackBin":2,"RunJS":0,"Sandpack":1},"default_themes":{"code_themes":{"Code":"default","Markdown":"default","RunJS":"default","SPA":"default","isForced":{"Code":false,"Markdown":false,"RunJS":false,"SPA":false}}},"api_keys":{"api_keys":[]},"skills":[],"testimonials":[],"licensing":null,"target_audience":"intermediate","author_id":"6586453712175104","collection_id":"5389361019617280","approval_status":3005,"price":29,"is_private":false,"path_type":"regular","organization_id":null,"is_mini":false,"is_priced":true,"brief_summary":"Gain insights into Python Scapy for network security. Delve into creating, manipulating, and analyzing network packets. Learn about port scanning, honeypots, and custom vulnerability scanners.","approval_update_time":"2024-08-27T16:55:24.512Z","rating_visibility":true,"update_last_published_on_homepage":true,"show_developed_by":true,"udata_files":[],"CodeThemes":{"Code":"default","Markdown":"default","RunJS":"default","SPA":"default","isForced":{"Code":false,"Markdown":false,"RunJS":false,"SPA":false}},"is_marked_for_deletion":false,"transition_page_title":"","is_redirectable":false,"collection_type":"collection","adaptive_learning_mode":false,"HLOs_to_toc":{},"is_guide":false,"read_time":10800,"allow_logged_out_executions":false,"unique_live_widget_urls":false,"metadata_status":101,"palified_version":null},"pageSummarySSR":{"title":"Verifying Response Packet Correctness","description":"Learn how to combine packet layers into a single packet and validate the correctness of the response.","discourse_page_url":"https://discuss.educative.io/tag/verifying-response-packet-correctness__creating-servers-and-honeypots__python-scapy-for-network-security?open=true&ctag=python-scapy-for-network-security__cbca&cslug=python-scapy-for-network-security&pslug=verifying-response-packet-correctness"},"adaptiveLearningConfigConstantSSR":0,"enableLessonPageLockedBannerV2":true,"allowAllLessonPreview":false,"lockedBannerStatsSSR":{"b2cTrialStats":{"is_b2c_trial_active":true,"b2c_trial_active_duration":7,"b2c_trial_categories":"$133"},"b2cStatus":100,"learnerTags":"$134","workStats":1590,"interviewWorksStats":93,"inL2cStarterPack":false,"l2cWorkStats":44,"enableL2cStarterPackPaymentWidget":"false"},"pageTocSSR":"

","authorId":"6586453712175104","collectionId":"5389361019617280","pageId":"4644221170745344","isCollectionPageLockedCachingEnabled":true,"aceFeatureFlags":{"enableAceEditor":true,"enableAceEditorForAnswers":true},"meta":{"type":["Article","TechArticle"],"title":"Verifying Response Packet Correctness","name":"Python Scapy for Network Security","description":"Learn how to combine packet layers into a single packet and validate the correctness of the response.","image":"https://educative.io/api/collection/6586453712175104/5389361019617280/image/5776587500421120.png","isAccessibleForFree":false,"keywords":"$134","provider":"Educative","publisher":"Educative","id":"courses/python-scapy-for-network-security/verifying-response-packet-correctness","author":"Educative","educationalLevel":"intermediate","noIndex":true,"isForcedNoIndex":true,"noFollow":false,"redirectInfo":{"isDeletedCollectionPageRedirectable":false},"page_titles":{"5297648368353280":"Loading Packet Captures in Scapy","6080360440135680":"Inside the TCP Handshake","5239885621624832":"Sending Packets in Scapy","4588808073117696":"Writing Custom Port Scanners","4784931027025920":"Introduction to Packet Structure in Scapy","6026532722311168":"Introduction to Vulnerability Scanning","6564328780333056":"Finding Vulnerabilities in the NVD","5351427012820992":"Automating Credential Stuffing","5777335230136320":"Monitoring Network Traffic with Scapy","4875790170980352":"Filtering Incoming Packets","6159023806349312":"Developing a Valid IP Layer Response","5349972075872256":"Dynamically Responding to Query Packets","5350901936291840":"Logging Received Packets","5467846983548928":"Creating a Honeypot Server","4689412766302208":"Introduction to SYN Scanning","5566294814621696":"Building the IP Header","4535990712795136":"Building the TCP Header","5456702818484224":"Putting the Packet Together","5735640677482496":"Analyzing Packet Responses","5382799936978944":"Identifying Services Through Banner Grabbing","6291860886913024":"Searching for Weak Credentials","6599492969431040":"Analyzing Login Responses","5425233542774784":"Viewing Packet Contents","5539263766855680":"Modifying Packet Fields","5075131145912320":"Simple Packet Send and Response","5668260593008640":"Defining Actions for Packets","6089105480089600":"Developing a Valid TCP Layer Response","6520293151735808":"Developing a Valid UDP Layer Response","6635217198776320":"Developing a Valid DNS Response","6667503524904960":"Crafting an HTTP Response Packet","4644221170745344":"Verifying Response Packet Correctness","4667885197983744":null,"6272501127839744":"Getting Started","6125273742573568":null,"4741199727689728":"","6181902148173824":null,"4525236306575360":null,"5514671345106944":null,"4605123906240512":"Quiz: Introduction to Scapy","6442899677118464":"Quiz: Port Scanning with Scapy","5342189803798528":"Quiz: Custom Vulnerability Scans","5578787405430784":"Quiz: Monitoring Network Traffic with Scapy","5295676524724224":"Wrap Up","4531564238733312":"Develop a Honeypot Authentication Server","5266720536788992":null,"5643371451908096":"Task 2: Configure Logging","5605492860256256":"Task 3: Create the Request Handler","4688393694478336":null,"5825840251797504":null},"is_marked_for_deletion":false,"transition_page_title":"","is_redirectable":false,"deleted_course_lesson_redirect":{"author_id":null,"collection_id":null,"page_id":null,"redirect_url_slug":null},"metadata_status":101,"additional_course_alternatives":[]},"requestUrl":"/courses/python-scapy-for-network-security/verifying-response-packet-correctness","requestUrlInfo":{"authorId":6586453712175104,"collectionId":5389361019617280,"pageId":4644221170745344,"courseUrlSlug":"python-scapy-for-network-security","pageUrlSlug":"verifying-response-packet-correctness"},"isExternalContent":false}}],[["$","script",null,{"id":"generate-data","type":"application/ld+json","dangerouslySetInnerHTML":{"__html":"$135"}}],false,"$undefined"]]