Develop a small sniffer tool from Python

Source: Internet
Author: User

The main goal of the Sniffer tool is to discover the surviving hosts in the target network based on UDP, because the UDP access process is less expensive.

Since many operating systems have a common denominator when dealing with the closure of UDP ports, we are using this commonality to determine if there are surviving hosts on this IP.

When we send a packet to a UDP interface that is closed on the host, if this interface returns an ICMP, it indicates that the target host is alive, and if there is no return, the target host does not exist.

  

#coding = Utf-8ImportOSImportSocket#target host, subject to availabilityHost ="192.168.1.1""#create the original socket, and then bind on the public interfaceifOs.name = ="NT": Socket_protocol=socket. Ipproto_ipElse: Socket_protocol=socket. Ipproto_icmpsniffer=Socket.socket (Socket.af_inet,socket. Sock_raw,socket_protocol) Sniffer.bind ((host,0) )#set the IP header to be included in the captured I packetSniffer.setsockopt (socket. Ipproto_ip,socket. ip_hdrincl,1)#on the WinDOS platform, the IOCTL needs to be set to enable promiscuous modeifOs.name = ="NT": Sniffer.ioctl (socket. Sio_rcvall,socket. RCVALL_ON)#reading a single packetPrint(Sniffer.recvfrom (65565))#then turn off promiscuous modeifOs.name = ="NT": Sniffer.ioctl (socket. Sio_rcvall,socket. Rcvall_off)

IOCTL (Input/Output control): a way to communicate with a component in user isolation mode that communicates with the component in kernel mode.

Promiscuous mode: Refers to a machine capable of receiving all traffic through it, regardless of whether the destination address is him or not. It is available to administrators for Network Diagnostics, where we take advantage of its features.

Develop a small sniffer tool from Python

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.