
Python Passive Network Mapping by Chet Hosmer


Chapter 5

PCAP Extractor and OS Fingerprinting

Abstract

This chapter focuses on two key capabilities: (1) extracting key data from pcap files and converting it into the .ipDict and .osDict formats, and (2) developing an extensible method of passive OS fingerprinting based on a truth table, which is in turn based on the core data stored in the osDict.

Keywords

P2NMAP-Capture
P2NMAP-Analyze
P2NMAP-PCAP-Extractor
PCAP
dpkt
truth table
TTL
TOS
DF
Window Size
SYN
IP
Port

“It is by doubting that we come to investigate, and by investigating that we recognize the truth.”

Peter Abelard
