Question
Please solve part C that related to part b: b) Port Scanner Detector For the second part of the homework, you will build PSDetect, a
Please solve part C that related to part b:
b) Port Scanner Detector
For the second part of the homework, you will build PSDetect, a port scanner detector using Python-pcapy and Python-impacket or Python-scapy libraries. PSDetect will use the pcapy library to listen to incoming connections, and report the presence of a scanner if a single machine attempted to connect to 15 or more consecutive ports within a 5 second window. PSDetect should therefore be able to detect when PortScan is used. PSDetect should listen on all network interfaces, and should take no arguments. It should not produce any output until a scanner is detected. When a scanner is detected, it should print out the message:
Scanner detected. The scanner originated from host A.B.C.D.
Where A.B.C.D should be replaced with either the IP address or the hostname of the machine that attempted to connect to 15 or more consecutive ports within a 5 second window. PSDetect will use impacket library to get the IP header out of Ethernet frames returned via pcapy listening function.
c) Detector Bypassing
For the third part of the homework, you should bypass the detector you built in part b.
Hint: Run your script with root privileges within virtualbox environments.
Step by Step Solution
There are 3 Steps involved in it
Step: 1
Get Instant Access to Expert-Tailored Solutions
See step-by-step solutions with expert insights and AI powered tools for academic success
Step: 2
Step: 3
Ace Your Homework with AI
Get the answers you need in no time with our AI-driven, step-by-step assistance
Get Started
Advances In Databases And Information Systems 22nd European Conference Adbis 2018 Budapest Hungary September 2 5 2018 Proceedings Lncs 11019
Authors: Andras Benczur ,Bernhard Thalheim ,Tomas Horvath
1st Edition
3319983970, 978-3319983974
