PACKET SNIFFING USING PYTHON IN KALI LINUX

Student name
Guide name
ABSTRACT
This project is intended to develop a tool called Packet Sniffer. The Packet Sniffer allows the
computer to examine and analyze all the traffic passing by its network connection. When it is set
up on a computer, A packet sniffer in "promiscuous mode" allows IT professionals, end users or
malicious intruders to examine any packet, regardless of destination. Packet Sniffer is a tool that
sniff's without modifying the network's packet in anyway. It merely makes a copy of each packet
flowing through the network interface and finds the source and destination Ethernet addresses of
the packets. It decodes the protocols in the packets given IP (Internet Protocol). TCP
(Transmission Control Protocol), UDP (User Datagram Protocol). The output is appended into
normal text file, so that the network administrator can understand the network traffic and later
analyze it.

KEYWORDS

INTRODUCTION content.
A Packet Sniffer is a program that can see
all of the information passing over the LITERATURE REVIEW
network it is connected to. A Packet Sniffer
AUTHOR: Annu Ailawadhi, Dr. Anju
is a Wire-tapping device that plugs into
Bhandari, 2017
computer Networks and eavesdrop on the
network traffic. Approach to Detect Packets Using Packet
To capture the information going over the Sniffing. An administrator can pick out all
network is called sniffing. It is a "sniffing" types of packets and use the records to
program that lets someone listen in on pinpoint bottlenecks. Help to hold efficient
computer conversations. community facts transmission. Industrial
A packet sniffer (also known as a network packet sniffer has constructive aspect seeing
analyzer or protocol analyzer or. for that it is utilized in keeping network.
particular types of networks, an ethernet Whereas underground packet sniffer has bad
sniffer or wireless sniffer) is computer part due to the fact it is commonly utilized
software that can intercept and log traffic by attackers.
passing over a digital network or part of al
AUTHOR: P. Anu, Dr. S. Vimala, 2017
network. As data streams flow across the
network, the sniffer captures each packet Sniffing attacks on computer networks.
and eventually decodes and analyzes its Using the tool Gobbler, DHCP starvation
attack can be checked. Security measures DISADVTAGES EXISTING SYSTEM
are costly so it can’t be possible for small
It would be easier if we use the Scapy tool
scale organization.
which is used for manipulation and
monitoring of packets.
AUTHOR: Anubhi Kulshrestha, Sanjay Whereas other tools also works good but
Kumar Dubey, 2014 easier tools give the data formattability
easily.
Sniffing attacks in computer networks. It
Also it just records the data on a particular
reduces the threat on confidentiality as it
distinguished network.
stops the disclosure of data from attackers
The data isn’t organized for the factors
through modifying the databases. It consists
needed.
of different layer which provide various
The System works on a stored values which
threats in web application which leads to
the process makes slow and also the data
large number of attack.
will be not an updated one.

AUTHOR: Vishal Mishra1, Nidhi Verma, PROPOSED SYSTEM

2014
The Scapy is an interesting a tool which is
Security against Password Sniffing using used for organizing the data and also used
Database Triggers. The main advantage of for monitoring the data packets transferred
the model is using of the triggers to change throught the internet which the device is
the database before retrieval of the values. connected.
Can record any data transmitted and send it The System Monitors the data packets which
to a command and control (C&C) server for are Transferring inthe Network Traffic.
further analysis. The Network Traffic is analysed and
Segregates the packets.
EXISTING SYSTEM And the packets also gets further formatted
with the predefined parameters.
Existing system is used to capture only the
The systems also pull the HTTP requests
TCP/IP Packets and Analysed the data
and response from the selected interface.
inside the packet.
Which its used for tracking the packets of
The data traced and captured is limited and
source and destination.
minimal.
Trying to pullout the requests from HTTPS
This System worked on the Pekanburu
also.
Vocational Schools, where it analyzed the
topologies of the data packets are trasferred.
It stores the data in a .pcap file, where the ADVANTAGES OF PROPOSED
data is further monitored from the saved file. SYSTEM
And also the saved data is further monitored
We can detect the requests of the HTTP
with the larger tools like Wireshark e.t.c.,
responses.
It also can provide the estimated Username ORACLE BOX ( Virtual Machine )
and password captured inside the system. Operating System - KALI LINUX
Faster and Easier process. Language used - PYTHON
We can select the preferable Interface to IDE - PYCHARM
discover the Packets in the Network traffic.
Live data packets are sniffed and the data
Network Traffic Analysis
which is monitored gives the instant analysis
of the sniffing. A packet is a small amount of data sent over
a network, such as a LAN or the Internet.
Similar to a real-life package, each packet
SYSTEM ARCHITECTURE
includes a source and destination as well as
the content (or data) being transferred.
In networking, a packet is a small segment
of a larger message. Data sent over
computer networks*, such as the Internet, is
divided into packets. These packets are then
recombined by the computer or device that
receives them.
Packet switching makes nearly full use of
almost all available communication lines
and capacity. The Internet uses packet-
switched networks and the TCP/IP
communications protocol to send, route, and
assemble messages.
In the Internet Protocol (IP) there is a packet
named Internet Packet Protocol (IP Packet).

SYSTEM REQUIREMENTS
HARDWARE REQUIREMENTS:
 
System - Windows 10+ or Above
Speed - 2.4GHZ
Hard disk - 100GB
RAM - 12GB above
Processor - Intel I5 or Above
 
SOFTWARE REQUIREMENTS:
Inside of IP PACKET
Machine - VMWARE or
Network Traffic Analysis CONCLUSION
In Internet Protocol we have 3 types of
packets:
REFERENCES
 TCP/IP - Transmission Control
[1] K. Friess, "Multichannel-Sniffing-
protocol
System for Real-World Analysing of Wi-Fi-
 UDP/IP - User Datagram Protocol
Packets," 2018 Tenth International
 ICMP - Internet Control Message
Conference on Ubiquitous and Future
Protocol
Networks (ICUFN), 2018, pp. 358-364, doi:
TCP/IP - The transmission control protocol 10.1109/ICUFN.2018.8436715.
(TCP) is the internet standard ensuring the [2] M. A. Qadeer, A. Iqbal, M. Zahid and
successful exchange of data packets between M. R. Siddiqui, "Network Traffic Analysis
devices over a network. and Intrusion Detection Using Packet
Sniffer," 2010 Second International
UDP/IP - User Datagram Protocol (UDP) is
Conference on Communication Software
a Transport Layer protocol. UDP is a part of
and Networks, 2010, pp. 313-317, doi:
the Internet Protocol suite, referred to as
10.1109/ICCSN.2010.104..
UDP/IP suite. Unlike TCP, it is an
[3] D. Álvarez Robles, P. Nuño, F.
unreliable and connectionless protocol. So,
González Bulnes and J. C. Granda Candás,
there is no need to establish a connection
"Performance Analysis of Packet Sniffing
prior to data transfer.
Techniques Applied to Network
ICMP - ICMP packets are IP packets with Monitoring," in IEEE Latin America
ICMP in the IP data portion. Transactions, vol. 19, no. 3, pp. 490-499,
March 2021, doi:
10.1109/TLA.2021.9447699..
Packets and It’s Structures
[4] A. Siswanto, A. Syukur, E. A. Kadir and
Suratin, "Network Traffic Monitoring and
Analysis Using Packet Sniffer," 2019
International Conference on Advanced
Communication Technologies and
Networking (CommNet), 2019, pp. 1-4, doi:
10.1109/COMMNET.2019.8742369.
[5] S. Ansari, S. G. Rajeev and H. S.
Chandrashekar, "Packet sniffing: a brief
introduction," in IEEE Potentials, vol. 21,
no. 5, pp. 17-19, Dec. 2002-Jan. 2003, doi:
10.1109/MP.2002.1166620.
[6] J. Yang, Y. Zhang, R. King and T.
Tolbert, "Sniffing and Chaffing Network
Traffic in Stepping-Stone Intrusion
Detection," 2018 32nd International
Conference on Advanced Information
Networking and Applications Workshops
(WAINA), 2018, pp. 515-520, doi:
10.1109/WAINA.2018.00137.5.