
Python Forensics by Chet Hosmer


Chapter 9

Network Forensics

Part II

Abstract

This chapter provides a deep look into creating and processing raw network packets and extracting data from them. The purpose is to create a pure Python Silent Network Monitoring Tool that captures TCP and UDP packets. The chapter covers Switched Port ANalyzer (SPAN, or port mirroring) ports and Promiscuous Mode network interfaces, both of which are used for silent network monitoring activities.

Keywords

Network Forensics

Network investigation

Promiscuous Mode

SPAN ports

Raw sockets

Unpack

Signal

Argument parsing

CSV

Logging

Decoding

Packets
