Linux Today: Linux News On Internet Time.
Search Linux Today
Linux News Sections:  Developer -  High Performance -  Infrastructure -  IT Management -  Security -  Storage -
Linux Today Navigation
LT Home
Contribute
Contribute
Link to Us
Linux Jobs


Top White Papers

More on LinuxToday


Linux Protects Your Servers with Scapy (part 1)

Nov 18, 2010, 18:34 (0 Talkback[s])
(Other stories by Paul Ferrill)

"The best server and network security tools come from Linux and FOSS. Paul Ferrill introduces Scapy, a powerful Python-based networking protocol analysis and testing tool.

"Guarding your private network from the perils of the Internet is no easy task. The basics are pretty much the same from a defensive standpoint no matter how you slice it. Firewalls of one type or another protect an internal network by using two separate Ethernet connections with a software proxy filtering the traffic between the two ports. Linux serves as a great platform for this role with tools like netfilter/iptables.

"On the offensive side, the techniques most often used involve either a packet monitoring tool such as Wireshark or a port scanning tool like nmap. Both of these tools have a wide following and should be familiar to any network administrator. Scapy is somewhat of a hybrid between the packet capture and analysis capabilities of Wireshark and nmap's packet generation features. Both of these were covered in a recent Linux Planet article. In this two-part article we'll look first at the basics of Scapy including how to get up and running, how to capture and display specific types of Ethernet traffic and how to create a few simple scripts using Python. In part two, we'll go more in depth to look at using Scapy to test your Web server for possible vulnerabilities, how to track down a rogue DNS server, and how to scan a wireless network for potential security holes."

Complete Story

Related Stories: