Highest Voted 'dpkt' Questions

0

votes

1 answer

Detecting half-open scans when reading PCAP files

I am trying to write a small script in Python 2.7 using "dpkt" wrapper library to parse the sample PCAP file. I did write successfully specific checks for the NULL scans such as if seq = 0 and flags not set, but how do I do that for the half-open…

asked Nov 21 '16 at 03:48

user629034

659
2
11
30

0

votes

1 answer

faster solution? : dpkt or pyshark via Cython

I'm looking to use dpkt or pyshark coupled with cython, to speed up parsing of a lot of data (GBs) in a pcap file. I wondered if anyone has run dpkt with cython OR pyshark with cython and could share the speed increases with me? Im specifically…

python parsing cython dpkt pyshark

asked Oct 05 '16 at 14:20

Jshee

2,620
6
44
60

0

votes

1 answer

Installing Snoopy-ng

I had a problem while installing Snoopy which I couldn't resolve and couldn't find any answers to, so I spent over 8 hours figuring it out and I'm going to post it here so others don't need to struggle. My problems were that the installation would…

python-imaging-library dpkt snoopy

asked Sep 29 '16 at 14:45

Petetheodddog

81
8

0

votes

1 answer

Parse pcap file into txt file

How do i parse a pcap file and convert it into a text file wherein each line in the text file is a packet? i tried writing it into text file as given below but special characters are showing up when i print eth. Therefore, when i try to write it…

python parsing pcap packets dpkt

asked Jan 04 '16 at 02:50

Normal one

145
1
2
12

0

votes

2 answers

virtual Lan(0x8100) support in dpkt in python

I have a packet which shows is a type of vlan. I am using dpkt 1.6 version to extract the fields. However it seems that the vlan type is not supported. when condition is applied as eth = dpkt.ethernet.Ethernet(header_sampled_packet) print…

python vlan dpkt

asked Dec 18 '15 at 09:53

Laxmi Kadariya

1,103
1
14
34

0

votes

1 answer

Questin about Wireshark pcap file

I found that in Wireshark gui, there is an info field describe the connection info such as HTTP GET or who has x.x.x.x. Just wondering if wireshark will store the info field into pcap dump file? I am trying to parse the pcap with dpkt python module.…

wireshark pcap dpkt

asked Jul 16 '15 at 17:39

zequn2001

1
1

0

votes

1 answer

Parsing PPPoE packets with dpkt

I am trying to retrieve 5-tuples information from a list of pcap files using the dpkt library. To parse the PPPoE packets with VLAN tags, I write codes like this(for test only): import dpkt import socket def decode(pc): for ts, pkt in pc: …

python parsing pppoe dpkt

asked Apr 14 '15 at 02:27

Xin

69
1
9

0

votes

1 answer

Set tcp MSS in python

I am trying to do the following: (1) Receive a network packet, (2) Change the tcp mss (max. segment size) to a different value, (3) Send the packet out. I am using python, iptables and dpkt to do this, but I am not able to change the MSS in the tcp…

python networking raw-sockets dpkt

asked Dec 21 '14 at 22:30

Groot

311
4
15

0

votes

1 answer

How do I get the snapshot length of a .pcap file using dpkt?

I am trying to get the snapshot length of a .pcap file. I have gone to the man page for pcap and pcap_snapshot but have not been able to get the function to work. I am running a VM Fedora20 and it is written in python First I try to import the file…

python networking pcap dpkt

asked Oct 19 '14 at 16:50

John

89
3
16

0

votes

1 answer

Impacket & dpkt sending features?

Is there any support for sending packets in impacket or dpkt libraries? I was able to find examples of sniffing, interpreting and constructing packets using these libraries, but they don't seem to support sending over network interfaces. Ping…

python networking dpkt impacket

asked May 26 '14 at 14:43

vda8888

689
1
8
19

Questions tagged [dpkt]