October 10th, 2011, 09:04 PM
python problem please help
I have no experience with Python and got this assignment. I am unable to understand the objective. I don't know about tcpdump, but I have found a tcpdump file; what do I do with it? Can anyone help me, please?
Here is the task:
Create an ASCII file of about 100 TCP (only) packets using tcpdump. The file will have one hundred lines, one for each packet, that look like this:
17:52:10.583777 IP 188.8.131.52.2953 > 184.108.40.206.25: Flags [P.], seq 41:80, ack 241, win 65295, length 39
17:52:10.610460 IP 220.127.116.11.1929 > 18.104.22.168.25: Flags [.], ack 2355, win 64863, length 0
17:52:10.659837 IP 22.214.171.124.2679 > 126.96.36.199.25: Flags [P.], seq 92:98, ack 306, win 65230, length 6
17:52:10.671943 IP 188.8.131.52.2264 > 184.108.40.206.25: Flags [.], ack 1698, win 64285, length 0
17:52:10.687875 IP 220.127.116.11.2425 > 18.104.22.168.25: Flags [P.], seq 18:52, ack 202, win 65334, length 34
17:52:10.758886 IP 22.214.171.124.50215 > 126.96.36.199.25: Flags [.], seq 8839:10291, ack 474, win 64867, length 1452
17:52:10.766010 IP 188.8.131.52.4468 > 184.108.40.206.25: Flags [.], ack 1641181761, win 1460, length 0
Use the following command in to obtain such a file from your computer:
➢ tcpdump -i eth0 -n -c 100 'tcp' > ascii_dump
Part 1: Write a Python program to accomplish the following:
1) Open the dump file and then split out each line for the src and dst IP addresses and ports
2) Create a dictionary called ‘Pkts’. The keys of Pkts will be the unique IP addresses parsed from the dump. The element for each key will be a simple integer counter for the number of packets found to be associated with each IP address.
3) After parsing the full file, print out the keys and elements for the Pkts dictionary in a readable format
Part 2: Extend your program to do the following
1) Extend Pkts so that the elements are now lists instead of integers. Each list has two elements, the first is a packet counter, same as part 1. The second element is a list of unique ports associated with the respective IP address
2) Again print the dictionary Pkts in a readable format.
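An added example, not part of the original post: one way to do Part 1 and Part 2 in a single pass over the dump. The names parse_dump, format_pkts and SAMPLE are hypothetical, the sample lines are copied from the post, and it assumes an IP address counts as "associated" with a packet whether it is the source or the destination.

```python
import re
import sys

# Constructed sample: three lines in the format shown in the post.
SAMPLE = """\
17:52:10.583777 IP 188.8.131.52.2953 > 184.108.40.206.25: Flags [P.], seq 41:80, ack 241, win 65295, length 39
17:52:10.610460 IP 220.127.116.11.1929 > 18.104.22.168.25: Flags [.], ack 2355, win 64863, length 0
17:52:10.671943 IP 188.8.131.52.2264 > 184.108.40.206.25: Flags [.], ack 1698, win 64285, length 0
"""

# With -n, tcpdump prints IPv4 endpoints as a.b.c.d.port.
LINE_RE = re.compile(r"^\S+ IP (\S+) > (\S+): ")


def parse_dump(lines):
    """Return {ip: [packet_count, [unique ports]]} for src and dst endpoints."""
    pkts = {}
    for line in lines:
        m = LINE_RE.match(line)
        if not m:
            continue  # blank, IPv6 ("IP6") or otherwise unexpected line
        for endpoint in m.groups():
            # The port is the last dotted field of the endpoint.
            ip, _, port = endpoint.rpartition(".")
            if not ip or not port.isdigit():
                continue  # endpoint without a numeric port
            entry = pkts.setdefault(ip, [0, []])
            entry[0] += 1  # Part 1: packet counter
            if int(port) not in entry[1]:
                entry[1].append(int(port))  # Part 2: unique ports
    return pkts


def format_pkts(pkts):
    """One readable line per IP address, busiest first."""
    rows = sorted(pkts.items(), key=lambda kv: (-kv[1][0], kv[0]))
    return "\n".join(
        f"{ip:<15} packets={count:<4} ports={sorted(ports)}"
        for ip, (count, ports) in rows
    )


if __name__ == "__main__":
    # Pass the path of the dump file (e.g. ascii_dump); falls back to SAMPLE.
    if len(sys.argv) > 1:
        with open(sys.argv[1]) as fh:
            result = parse_dump(fh)
    else:
        result = parse_dump(SAMPLE.splitlines())
    print(format_pkts(result))
```

For Part 1 alone, the counter is the first element of each list.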