Linux Protects Your Servers with Scapy (part 1) - page 2
One of the key features of Scapy is the language it's written in, namely Python. With Python under the covers, you can write scripts to automate any of the testing and analysis you want to accomplish. Once you install Scapy, you have direct access to all of its features from the Python prompt. Scapy also has its own interactive shell, which is what you'll see if you simply type scapy in a terminal window. If you examine the /usr/local/bin/scapy file, you'll see a bunch of comment lines and two actual Python commands:
from scapy.main import interact
interact()
The power of Python simplifies the process of building scripts to send specific requests and then format the returned information into human-readable output. Interpreting the output of the earlier ICMP request takes a single line of Python code:
>>> ans.summary(lambda s, r: r.sprintf("%IP.src% is alive"))
Other handy lambda functions include the following, used with the sniff command:
>>> sniff(iface="eth1", prn=lambda x: x.show())
If you run this command in a terminal window, you'll see a verbose listing of all the traffic on eth1 until you stop it with the control-D key.
Scapy is a powerful tool, especially for anyone with a little Python experience. It's relatively simple to build a quick utility program to capture traffic of interest. In the next installment we'll look at using Scapy in more of a forensic mode to proactively protect your network.