PaulDotCom mailing list archives

pcaps and scapy....


From: mailinglistmatt at gmail.com (Matt Erasmus)
Date: Wed, 20 Jan 2010 14:08:37 +0200

Good morning all

So I've been messing around with the latest forensic challenges from

    http://forensicscontest.com/
and
    http://honeynet.org/challenges

and some of the questions / requirements need a brief summary of
packets and the like.
So I wrote (read: badly hacked) together some code with scapy to get
the job done.
Please feel free to download/laugh at/tear apart said code from:

   http://www.zonbi.org/pcap_analysis_v1.tar.gz

The general idea is that it's a small set of code that you can use to
display summaries (port, packet, IP address)
for a specified pcap file....

General usage is ./script.py example.pcap

Hope someone out there finds it useful / humorous...

-- 
Matt Erasmus

/* @z0nbi / http://www.zonbi.org */
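
Added example, not the code from the tarball linked in the message and not written with scapy: a standard-library Python reader for classic pcap files that produces the same kind of packet / IP address / port summary the message describes. The function names are made up for this example, and build_sample() returns a constructed three-packet capture so the block runs without a capture file.

```python
import struct, sys
from collections import Counter
from socket import inet_aton, inet_ntoa

def summarize_pcap(data):
    """Return (packet_count, ip_counts, port_counts) for classic-pcap bytes."""
    endian = {b"\xd4\xc3\xb2\xa1": "<", b"\xa1\xb2\xc3\xd4": ">"}.get(data[:4])
    if endian is None:
        raise ValueError("not a classic pcap file (pcapng is not handled)")
    if len(data) < 24 or struct.unpack(endian + "I", data[20:24])[0] != 1:
        raise ValueError("only Ethernet (linktype 1) captures are handled")
    packets, ips, ports, offset = 0, Counter(), Counter(), 24
    while offset + 16 <= len(data):
        # Per-record header: ts_sec, ts_usec, incl_len, orig_len (4 bytes each)
        incl_len = struct.unpack(endian + "I", data[offset + 8:offset + 12])[0]
        frame = data[offset + 16:offset + 16 + incl_len]
        if len(frame) < incl_len:
            break  # truncated final record
        offset += 16 + incl_len
        packets += 1
        if len(frame) < 34 or frame[12:14] != b"\x08\x00":
            continue  # not plain IPv4 (VLAN-tagged and IPv6 frames are skipped)
        ihl = (frame[14] & 0x0F) * 4
        proto = frame[23]
        frag_offset = struct.unpack("!H", frame[20:22])[0] & 0x1FFF
        ips[inet_ntoa(frame[26:30])] += 1  # source address
        ips[inet_ntoa(frame[30:34])] += 1  # destination address
        l4 = frame[14 + ihl:14 + ihl + 4]
        # Ports exist only in the first fragment of a TCP or UDP datagram
        if proto in (6, 17) and frag_offset == 0 and len(l4) == 4:
            name = "tcp" if proto == 6 else "udp"
            for port in struct.unpack("!HH", l4):
                ports[(name, port)] += 1
    return packets, ips, ports

def build_sample():
    """Constructed three-packet capture (made-up addresses, no payload)."""
    def frame(src, dst, proto, sport, dport):
        ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 28, 0, 0, 64, proto, 0,
                         inet_aton(src), inet_aton(dst))
        return b"\x00" * 12 + b"\x08\x00" + ip + struct.pack("!HHI", sport, dport, 0)
    frames = [frame("10.0.0.5", "10.0.0.1", 17, 40000, 53),
              frame("10.0.0.5", "192.0.2.10", 6, 40001, 80),
              frame("192.0.2.10", "10.0.0.5", 6, 80, 40001)]
    out = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 1)
    return out + b"".join(struct.pack("<IIII", 0, 0, len(f), len(f)) + f for f in frames)

if __name__ == "__main__":
    raw = open(sys.argv[1], "rb").read() if len(sys.argv) > 1 else build_sample()
    print(*summarize_pcap(raw), sep="\n")
```

Run with a capture path as the first argument to summarize a real file; with no argument it summarizes the constructed sample.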

