Chapter 4

Packet Capture Analysis

Abstract

This chapter focuses on the development of P2NMAP-Analyze.py, a new Python script that analyzes the .ipdict observation files created by the P2NMAP-Capture script. It does so by extending the ipObservationsDictionary class with several analysis methods. These methods extract information such as observed servers and clients, as well as key server/client interactions.

Keywords

P2NMAP-Analyze.py
.ipdict files
port lookup
host lookup
geographic IP Mapping
STDOUT
client
server
port
IP Address
port description
histogram

“All great truths are simple in final analysis, and easily understood; if they are not, they are not great truths.”

Napoleon Hill
