Python network data visualization

Most folks have pulled up Wireshark a time or two to troubleshoot an application or system problem. During forensics, packet captures (PCAPs) are essential. Often you are looking at things like top talkers, ports, bytes, DNS lookups, and so on. Why not automate this process with Python?

Scapy [1] is a great tool suite for packet analysis and manipulation. It is most often talked about in the realm of packet manipulation, but its ability to analyze packets is also top-notch.

Make Ready

First, you need to make sure you have Python 3 installed along with the following packages:

[...]

Use Express-Checkout link below to read the full article (PDF).

Buy this article as PDF

Express-Checkout as PDF
Price $2.95
(incl. VAT)

Buy Linux Magazine

SINGLE ISSUES
Print Issues
Digital Issues
 
SUBSCRIPTIONS
Print Subs
Digisubs
 
TABLET & SMARTPHONE APPS
Get it on Google Play

US / Canada

Get it on Google Play

UK / Australia

Related content

  • Core Technologies

    Learn what's going on in your network, using Linux and its arsenal of packet capture tools.

    more »
  • ARP Spoofing Attacks

    ARP spoofing can be used to initiate denial-of-service attacks, network hijacking, and man-in-the-middle attacks on the Intranet. We look at how to prevent these incursions.

    more »
  • Security Visualization Tools

    Spot intruders with these easy security visualization tools.

    more »
  • Hping

    Don't let intruders crash your dance. We'll show you how to test your firewalls and intrusion detection systems with hping.

    more »
  • Perl – Build a Sniffer

    If you need to browse through packets rushing by on the local network, Wireshark provides a useful service. But, if you prefer to build your own tools, why not use the command-line version, TShark, and a terminal-friendly Curses UI?

    more »
comments powered by Disqus