Assignment #2 - Exploring Network Protocols with Scapy and Wireshark

Objectives

  • Gain hands-on experience with Scapy for crafting and sending packets.
  • Use Wireshark to capture and analyze network traffic generated by Scapy.
  • Understand the structure and function of various network protocols, focusing on sniffing and spoofing techniques.

Tools Required

  • Scapy: Ensure Scapy is installed on your system. Install using pipx install scapy if not already installed.
  • Wireshark: Must be installed on your machine. Run using sudo -E wireshark.

Instructions

  1. Setup Wireshark for Packet Capture:
    • Open Wireshark with administrator privileges by executing sudo -E wireshark in the terminal.
    • Select ‘Capture’ then ‘Options’, and choose to capture on ‘any’ interface to monitor all network traffic.
    • Start the capture before you begin the exercises with Scapy.
  2. Scapy Interactive Tutorial:
    • Follow the Scapy interactive tutorial available at Scapy Tutorial.
    • Focus on sections involving sending and receiving packets, crafting ARP requests, manipulating TCP sessions, and specifically, packet sniffing and spoofing.
  3. Key Commands and Activities:
    • Execute at least 5 different commands from the tutorial involving packet sniffing and spoofing.
    • For each command:
      • Provide a detailed description and purpose of the command.
      • Include the command output from Scapy and the corresponding packet capture in Wireshark.
      • Analyze the packet details as displayed in Wireshark, focusing on how the packets are constructed and transmitted.
  4. Assignment Tasks:
    • Document the process and findings for each command executed.
    • Capture the pcap files for each session where you have crafted and sniffed packets.
    • Analyze and discuss any notable packet details or anomalies observed during the exercises.
  5. Documentation and Submission:
    • Prepare a comprehensive report including descriptions, screenshots from Scapy and Wireshark, and your analysis.
    • Include the pcap files as part of your submission to demonstrate the packet flows captured during your exercises.
    • Submit your report and pcap files in a zip archive through the course’s online portal.
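For the anomaly analysis in step 4, the following added example (not part of the original assignment; the function names are hypothetical) parses a saved capture with only the Python standard library and lists every IP address that ARP traffic attributes to more than one MAC, the trace that ARP spoofing leaves in a pcap. It assumes the capture was saved in classic pcap format rather than Wireshark's default pcapng, and it handles the Linux "cooked" (SLL/SLL2) headers that capturing on the 'any' interface produces in addition to plain Ethernet; the sample capture is constructed inline.

```python
import struct
from collections import defaultdict

# Link type -> (link header length, offset of the 2-byte protocol field)
LINK_LAYERS = {1: (14, 12), 113: (16, 14), 276: (20, 0)}  # Ethernet, Linux SLL, SLL2

def read_pcap(data):
    """Yield (linktype, frame_bytes) for each record of a classic pcap file."""
    endian = {b"\xd4\xc3\xb2\xa1": "<", b"\xa1\xb2\xc3\xd4": ">"}.get(data[:4])
    if endian is None:
        raise ValueError("not a classic pcap file (save pcapng captures as pcap first)")
    linktype = struct.unpack(endian + "I", data[20:24])[0]
    pos = 24  # first record follows the 24-byte global header
    while pos + 16 <= len(data):
        incl_len = struct.unpack(endian + "I", data[pos + 8:pos + 12])[0]
        yield linktype, data[pos + 16:pos + 16 + incl_len]
        pos += 16 + incl_len

def arp_claims(data):
    """Map each ARP sender IP to the set of MAC addresses that claimed it."""
    claims = defaultdict(set)
    for linktype, frame in read_pcap(data):
        if linktype not in LINK_LAYERS:
            raise ValueError(f"unsupported link type {linktype}")
        hdr_len, proto_off = LINK_LAYERS[linktype]
        if len(frame) < hdr_len + 28 or frame[proto_off:proto_off + 2] != b"\x08\x06":
            continue  # truncated frame or not ARP (EtherType 0x0806)
        # Skip htype/ptype/hlen/plen/oper (8 bytes), keep sender MAC and sender IP.
        sha, spa = struct.unpack("!8x6s4s10x", frame[hdr_len:hdr_len + 28])
        claims[".".join(map(str, spa))].add(sha.hex(":"))
    return claims

def conflicting_ips(data):
    """Return {ip: [macs]} for IPs announced by more than one MAC."""
    return {ip: sorted(macs) for ip, macs in arp_claims(data).items() if len(macs) > 1}

def build_sample(linktype=1):
    """Constructed capture (linktype 1 or 113): 192.0.2.1 is claimed by two MACs."""
    out = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, linktype)
    for mac, ip in [("02:00:00:00:00:01", "192.0.2.1"), ("02:00:00:00:00:02", "192.0.2.10"),
                    ("02:00:00:00:00:99", "192.0.2.1")]:
        sha, spa = bytes.fromhex(mac.replace(":", "")), bytes(map(int, ip.split(".")))
        arp = struct.pack("!HHBBH6s4s6s4s", 1, 0x0800, 6, 4, 2, sha, spa, b"\xff" * 6, spa)
        # Ethernet header, or the 16-byte SLL header seen when capturing on 'any'
        hdr = b"\xff" * 6 + sha + b"\x08\x06" if linktype == 1 else struct.pack("!HHH8sH", 0, 1, 6, sha, 0x0806)
        out += struct.pack("<IIII", 0, 0, len(hdr + arp), len(hdr + arp)) + hdr + arp
    return out

if __name__ == "__main__":
    print(conflicting_ips(build_sample(113)))
```

To run it on your own capture, pass the file's bytes to conflicting_ips, for example conflicting_ips(open("session.pcap", "rb").read()), where session.pcap is a placeholder file name.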

Evaluation Criteria

  • Accuracy and depth of command execution and packet analysis.
  • Clarity, organization, and completeness of the final report and pcap files.
  • Ability to identify and explain packet characteristics and potential security implications.

Keep your Wireshark session open to validate and observe the effects of your Scapy scripts; doing so will deepen your understanding of network protocols and cybersecurity practices.