Chapter 2

What You DON’T Know About Your Network

Abstract

This chapter examines devices and services that may be running on your network. Using tcpdump we examine and try to make sense of captured network activity in promiscuous mode. I also introduce the first Python script to perform a targeted promiscuous capture. The script attempts to make sense of which IP address (source or destination) is the client vs server and the script also extracts useful information that can be used for OS Fingerprinting. The chapter also introduces the concept of deductive and inductive reasoning and considers other applications of passive network mapping.

Keywords

DMZ
VPN
Firewall
Application Firewall
DLP
SEIM
Maginot
detect
protect
react
wearable technology ...

Get Python Passive Network Mapping now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.