The Python package "scapy" is a wonderful teaching and research tool. It provides a simple interactive environment you can use to build network packets in, and you can use it in scripts as well to make simple scanners, attack tools, Intrusion Detection Systems, etc.
It's really good for students to craft packets directly, so they understand how IP, ICMP, TCP, and UDP really work at a low level.
For example, here is "yesman"--a script that answers every SYN with a SYN/ACK.
When an attacker runs a port scan on a network protected by yesman, every port on every machine appears to be open, making the scan slow and useless.
I have assigned my students a series of projects learning scapy, and here they are so you can use them too:
Intro to scapy
TCP Handshake with scapy
IPv6 with scapy
Router Advertisements with scapy
Slow Loris Attack with scapy
yesman--Scanner Honeypot with scapy
As always, everyone is free to use these materials for teaching, research, or any other legal purpose. If you break the law, you may get into trouble, and I won't be able to save you.
So where do I go to take classes or teach classes about scapy?! That's awesome :)
ReplyDeleteJust in case, there is a netcat using scapy:
ReplyDeletehttp://code.google.com/p/scapync/
awesome thx!
ReplyDelete