Lab: Packet Sniffing

Stealing yer stuff

You're sitting in a coffee shop on the public Wi-Fi, running a packet sniffer to capture all the network traffic. Once you have a bunch of packets stored, what can you get out of them?

Your Task

  • Identify the number of machines on the coffee shop network by IP address.
  • For each machine, find out the identity of the user, along with their activities:
    • Names, email addresses
    • Usernames, passwords (if any)
    • Websites visited, emails sent
    • Can you figure out occupations? Hobbies? Dark secrets?

But How?

Well, you could look at all 21000 or so packets. But that's what we want computers to do for us! Write functions that help you parse this big pile of data. The packets.py file has a packet class that loads from the data file (cyber_lab.pkl), so you have an array of packets to work with. Run and study the example to get an idea of how the data is organized. Then start figuring out how to glean information from it.

A Starting Strategy

Write a function to list all the unique IP addresses for computers on the coffee shop network. Use that information to split up the packets based on which computer they came from. Print all the packets for one computer into a file and start looking at them. Get an idea of what's in there, then see what else you can do to capture information. Manually looking for things (using find in a text editor) can be reasonable at a certain point. What exactly are you looking for?
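A sketch of that first step, added here as an example and not taken from the lab's packets.py. It assumes each packet can be reduced to a dict with `src`, `dst` and `payload` keys and that the coffee shop subnet is 192.168.1.0/24; both are stand-ins, so adapt the field names to the real packet class. Filtering by subnet matters because the capture also contains remote servers, which are not machines in the coffee shop.

```python
import ipaddress
from collections import defaultdict

# Constructed sample records (assumed shape, not the real lab data).
SAMPLE = [
    {"src": "192.168.1.10", "dst": "93.184.216.34", "payload": "GET / HTTP/1.1"},
    {"src": "93.184.216.34", "dst": "192.168.1.10", "payload": "HTTP/1.1 200 OK"},
    {"src": "192.168.1.22", "dst": "192.168.1.1", "payload": "DNS query"},
    {"src": None, "dst": None, "payload": "ARP who-has"},  # frame with no IP layer
    {"src": "192.168.1.10", "dst": "192.168.1.1", "payload": "DNS query"},
]

def local_hosts(packets, network):
    """Sorted unique addresses (source or destination) that fall inside `network`."""
    net = ipaddress.ip_network(network)
    seen = set()
    for pkt in packets:
        for field in ("src", "dst"):
            addr = pkt.get(field)
            if addr and ipaddress.ip_address(addr) in net:
                seen.add(ipaddress.ip_address(addr))
    # Sort numerically, so .10 does not land before .2
    return [str(a) for a in sorted(seen)]

def split_by_source(packets, hosts):
    """Map each host to the packets it sent; hosts that sent nothing are omitted."""
    wanted = set(hosts)
    groups = defaultdict(list)
    for pkt in packets:
        if pkt.get("src") in wanted:
            groups[pkt["src"]].append(pkt)
    return dict(groups)

def dump_host(packets, path):
    """Write one host's packets to a text file for manual review; returns the count."""
    with open(path, "w", encoding="utf-8") as fh:
        for i, pkt in enumerate(packets):
            fh.write(f"{i}\t{pkt['src']} -> {pkt['dst']}\t{pkt['payload']}\n")
    return len(packets)

if __name__ == "__main__":
    hosts = local_hosts(SAMPLE, "192.168.1.0/24")
    for host, pkts in split_by_source(SAMPLE, hosts).items():
        print(host, dump_host(pkts, f"host_{host}.txt"), "packets")
```

An address that only ever appears as a destination inside the subnet (192.168.1.1 in the sample) is probably the router rather than a customer, so check it before counting it as a machine.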

What to Turn In

  1. A report with the above information about the coffee shop users. Explain how you got that information.
  2. One or more Python files with the functions you used.