Abstract

This chapter examines devices and services that may be running on your network. Using tcpdump we examine and try to make sense of captured network activity in promiscuous mode. I also introduce the first Python script to perform a targeted promiscuous capture. The script attempts to make sense of which IP address (source or destination) is the client vs server and the script also extracts useful information that can be used for OS Fingerprinting. The chapter also introduces the concept of deductive and inductive reasoning and considers other applications of passive network mapping.