SATHYABAMA

INSTITUTE OF SCIENCE AND TECHNOLOGY C.S.E / I.T

Deemed to be University 2018-2022
2016-2020
Declared as category ‘A’ University by MHRD, Govt. of India
Jeppiaar Nagar, Rajiv Gandhi Salai, Chennai – 600 119, Tamil Nadu. India.

PACKET SNIFFING USING PYTHON IN

KALI LINUX

TEAM MEMBERS:
1.SAHUKARA SAMPATH - 38110478
2.SUBHASH REDDY G - 38110156

PROJECT GUIDE: Dr.Damodaran Sir., Ph.D.,

 Presentation Outline
• Introduction
• Literature Review
• Existing System
• Proposed System
• Objectives
• System Architecture
• References
 Introduction

 A Packet Sniffer is a program that can see all of the information passing over
the network it is connected to. A Packet Sniffer is a Wire-tapping device that
plugs into computer Networks and eavesdrop on the network traffic.
 To capture the information going over the network is called sniffing. It is a
"sniffing" program that lets someone listen in on computer conversations.
 A packet sniffer (also known as a network analyzer or protocol analyzer or.
for particular types of networks, an ethernet sniffer or wireless sniffer) is
computer software that can intercept and log traffic passing over a digital
network or part of al network. As data streams flow across the network, the
sniffer captures each packet and eventually decodes and analyzes its
content.
 Network Traffic Analysis

• A packet is a small amount of data sent over a network, such as a LAN or the
Internet. Similar to a real-life package, each packet includes a source and destination
as well as the content (or data) being transferred.
• In networking, a packet is a small segment of a larger message. Data sent over
computer networks*, such as the Internet, is divided into packets. These packets are
then recombined by the computer or device that receives them.
• Packet switching makes nearly full use of almost all available communication lines
and capacity. The Internet uses packet-switched networks and the TCP/IP
communications protocol to send, route, and assemble messages.
• In the Internet Protocol (IP) there is a packet named Internet Packet Protocol (IP
Packet).
Network Traffic Analysis

Inside of IP PACKET
 Network Traffic Analysis

• In Internet Protocol we have 3 types of packets :

 TCP/IP - Transmission Control protocol
 UDP/IP - User Datagram Protocol
 ICMP - Internet Control Message Protocol
• TCP/IP - The transmission control protocol (TCP) is the internet standard ensuring the
successful exchange of data packets between devices over a network.
• UDP/IP - User Datagram Protocol (UDP) is a Transport Layer protocol. UDP is a part of the
Internet Protocol suite, referred to as UDP/IP suite. Unlike TCP, it is an unreliable and
connectionless protocol. So, there is no need to establish a connection prior to data
transfer.
• ICMP - ICMP packets are IP packets with ICMP in the IP data portion.
 Packets and It’s Structures

TCP/IP Packet Structure UDP/IP Packet Sturcture

 Literature Review
YEAR OF
AUTHOR DESCRIPTIONS PROS CONS
PUBLICATION
Annu 2017 Approach to 1. An 1. Industrial
Ailawadhi, Detect Packets administrator packet sniffer
Dr. Anju Using Packet can pick out All has
Bhandari Sniffing. types of constructive
packets and aspect seeing
use the that it is utilized
records to in keeping
pinpoint network.
bottlenecks. 2. Whereas
2. Help tohold underground
efficient packet sniffer
community has bad part
facts due to the fact
transmission. it is commonly
utilized by
attackers.
 Literature Review
YEAR OF
AUTHOR DESCRIPTIONS PROS CONS
PUBLICATION
P. Anu, 2017 sniffing attacks on Using the tool security
Dr. S. Vimala computer Gobbler, DHCP measures are
networks starvation attack costly so it can’t
can be checked. be possible for
small scale
organization.

Anubhi 2014 Sniffing attacks in It reduces the It consists of

Kulshrestha, computer threat on different layer
Sanjay networks confidentiality which provide
Kumar Dubey as it stops the various threats
disclosure of in web
data from application
attackers which leads to
through large number of
modifying the attack.
databases.
 Literature Review
YEAR OF
AUTHOR PUBLICATIO DESCRIPTIONS PROS CONS
N
Vishal Mishra1, 2014 Security against  The main Can record any
Nidhi Verma Password Sniffing advantage of data transmitted
using Database the model is and send it to a
Triggers using of the command and
triggers to control (C&C)
change the server for
database further analysis.
before
retrieval of the
values.
 EXISTING SYSTEM

•Existing system is used to capture only the TCP/IP Packets and

Analysed the data inside the packet.
•The data traced and captured is limited and minimal.
• This System worked on the Pekanburu Vocational Schools,
where it analyzed the topologies of the data packets are
trasferred.
•It stores the data in a .pcap file, where the data is further
monitored from the saved file.
•And also the saved data is further monitored with the larger
tools like Wireshark e.t.c.,
 DISADVTAGES EXISTING SYSTEM

• It would be easier if we use the Scapy tool which is used for

manipulation and monitoring of packets.
• Where as other tools also works good but easier tools give the
data formattability easily.
• Also it just records the data on a particular distinguished
network.
• The data isn’t organized for the factors needed.
• The System works on a stored values which the process
makes slow and also the data will be not an updated one.
 PROPOSED SYSTEM

• The Scapy is an interesting a tool which is used for organizing the

data and also used for monitoring the data packets transferred
throught the internet which the device is connected.
• The System Monitors the data packets which are Transferring
inthe Network Traffic.
• The Network Traffic is analysed and Seggregates the packets.
• And the packets also gets further formatted with the predefined
parameters.
• The systems also pull the HTTP requests and respones from the
selected interface.
• Which its used for tracking the packets of source and destination.
• Trying to pullout the requests from HTTPS also.
 ADVANTAGES OF PROPOSED SYSTEM

• We can detect the requests of the HTTP responses.

• It also can provide the estimated Username and password

captured inside the system.
• Faster and Easier process.
• We can select the preferrable Interface to discover the
Packets in the Network traffic.
• Live data packets are sniffed and the data which is monitored
gives the instant analysis of the sniffing.
 Objectives
 This project is intended to develop a tool called Packet Sniffer.
 The Packet Sniffer allows the computer to examine and analyze all the
traffic passing by its network connection.
 When it is set up on a computer, A packet sniffer in "promiscuous mode"
allows IT professionals, end users or malicious intruders to examine any
packet, regardless of destination. Packet Sniffer is a tool that sniff's
without modifying the network's packet in anyway. It merely makes a copy
of each packet flowing through the network interface and finds the source
and destination Ethernet addresses of the packets.
 It decodes the protocols in the packets given IP (Internet Protocol). TCP
(Transmission Control Protocol), UDP (User Datagram Protocol).
 The output is appended into normal text file, so that the network
administrator can understand the network traffic and later analyze it.
 System Architecture
Packets Packets
NETWORK
CLIENT SERVER
TAPPING

Requests

Packets Sniifing
HTTP Response
requirement

ORGANIZE THE
PACKETS DATA WITH
NETWORK SNIFFER
PREDEFINED
PARAMETERS

Analyze Traffic
Type
 SYSTEM REQUIREMENTS

• HARDWARE REQUIREMENTS:
•  
• System - Windows 10+ or Above
• Speed - 2.4GHZ
• Hard disk - 100GB
• RAM - 12GB above
• Processor - Intel I5 or Above
•  
• SOFTWARE REQUIREMENTS:
•
• Machine - VMWARE or ORACLE BOX ( Virtual Machine )
• Operating System - KALI LINUX
• Language used - PYTHON
• IDE - PYCHARM
 References

• [1] K. Friess, "Multichannel-Sniffing-System for Real-World Analysing of Wi-Fi-Packets," 2018

Tenth International Conference on Ubiquitous and Future Networks (ICUFN), 2018, pp. 358-364,
doi: 10.1109/ICUFN.2018.8436715.
• [2] M. A. Qadeer, A. Iqbal, M. Zahid and M. R. Siddiqui, "Network Traffic Analysis and Intrusion
Detection Using Packet Sniffer," 2010 Second International Conference on Communication
Software and Networks, 2010, pp. 313-317, doi: 10.1109/ICCSN.2010.104..
• [3] D. Álvarez Robles, P. Nuño, F. González Bulnes and J. C. Granda Candás, "Performance
Analysis of Packet Sniffing Techniques Applied to Network Monitoring," in IEEE Latin America
Transactions, vol. 19, no. 3, pp. 490-499, March 2021, doi: 10.1109/TLA.2021.9447699..
• [4] A. Siswanto, A. Syukur, E. A. Kadir and Suratin, "Network Traffic Monitoring and Analysis
Using Packet Sniffer," 2019 International Conference on Advanced Communication Technologies
and Networking (CommNet), 2019, pp. 1-4, doi: 10.1109/COMMNET.2019.8742369.
• [5] S. Ansari, S. G. Rajeev and H. S. Chandrashekar, "Packet sniffing: a brief introduction," in IEEE
Potentials, vol. 21, no. 5, pp. 17-19, Dec. 2002-Jan. 2003, doi: 10.1109/MP.2002.1166620.
• [6] J. Yang, Y. Zhang, R. King and T. Tolbert, "Sniffing and Chaffing Network Traffic in Stepping-
Stone Intrusion Detection," 2018 32nd International Conference on Advanced Information
Networking and Applications Workshops (WAINA), 2018, pp. 515-520, doi:
10.1109/WAINA.2018.00137.5.
 SATHYABAMA
INSTITUTE OF SCIENCE AND TECHNOLOGY C.S.E / I.T
Deemed to be University 2018-2022
2016-2020
Declared as category ‘A’ University by MHRD, Govt. of India
Jeppiaar Nagar, Rajiv Gandhi Salai, Chennai – 600 119, Tamil Nadu. India.

THANK YOU