Abstract
Many of today’s cyberattacks rely heavily on scanning addresses across the World Wide Web to find susceptible hardware and software. Keeping track of this scanning activity makes it possible to assess the present situation with regard to several vulnerabilities and their exploitation. Studies examining scanning activity to date have relied on unsolicited traffic obtained from darknets and have concentrated on random scans of the address space. We propose a method for identifying network scanning threats from both inside and outside the network. Our approach operates on the presumption that every legitimate connection between two computers must typically be accompanied by a DNS resolution; hence, any connection that is not accompanied by a DNS query is considered to be a scan, unless it is permitted by the network’s security protocol. Effective port inspection and packet sniffing technologies are essential for ensuring strong security. Wiremap, a Python-based port monitoring and packet sniffing programme that makes use of the Scapy library, is introduced in this study. Wiremap offers network administrators, security experts, and penetration testers a complete solution for evaluating the security posture of their networks. Wiremap’s main goal is to give users a simple, effective tool that lets them scan a target IP address to look for accessible ports and record network data for study. The application takes advantage of the Scapy library’s robust sniffing and packet-dissection capabilities, giving users insights into transmission patterns and possible weaknesses in their networks.
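The DNS-based heuristic from the abstract, sketched as an added example (it is not code from the paper or from Wiremap): a connection counts as unresolved when the source did not receive a DNS answer for that destination within a time window, unless policy allows it. The event tuples, the 300-second window, the allowlist and the reporting threshold are assumptions made for this illustration, and the events are constructed.

```python
from collections import defaultdict
from ipaddress import ip_address, ip_network

DNS_WINDOW = 300                         # seconds an answer stays valid (assumed)
ALLOWED = [ip_network("10.0.0.53/32")]   # policy exceptions (assumed): the resolver
MIN_TARGETS = 3                          # unresolved targets before reporting (assumed)

# Constructed, time-ordered events:
#   ("dns", t, client, answer_ip)  or  ("conn", t, src, dst, dport)
EVENTS = [
    ("dns", 0, "10.0.0.5", "198.51.100.10"),
    ("conn", 1, "10.0.0.5", "198.51.100.10", 443),   # preceded by DNS: legitimate
    ("conn", 2, "10.0.0.5", "10.0.0.53", 53),        # allowed by policy
    ("conn", 3, "10.0.0.9", "10.0.0.20", 22),        # internal host, no DNS
    ("conn", 4, "10.0.0.9", "10.0.0.21", 22),
    ("conn", 5, "10.0.0.9", "10.0.0.22", 22),
    ("conn", 6, "203.0.113.7", "10.0.0.20", 80),     # external host, no DNS seen
    ("conn", 7, "203.0.113.7", "10.0.0.20", 443),
    ("conn", 8, "203.0.113.7", "10.0.0.21", 80),
    ("conn", 400, "10.0.0.5", "198.51.100.10", 443), # DNS answer has expired
]

def find_scanners(events, window=DNS_WINDOW, allowed=ALLOWED,
                  min_targets=MIN_TARGETS):
    """Return {source: sorted [(dst, dport), ...]} for suspected scanners."""
    resolved = {}                    # (client, ip) -> time of latest DNS answer
    unresolved = defaultdict(set)    # src -> {(dst, dport)} with no DNS backing
    for ev in events:
        if ev[0] == "dns":
            _, t, client, answer = ev
            resolved[(client, answer)] = t
            continue
        _, t, src, dst, dport = ev
        if any(ip_address(dst) in net for net in allowed):
            continue                 # permitted by policy, never flagged
        seen = resolved.get((src, dst))
        if seen is None or t - seen > window:
            unresolved[src].add((dst, dport))
    return {src: sorted(targets) for src, targets in unresolved.items()
            if len(targets) >= min_targets}

if __name__ == "__main__":
    for src, targets in find_scanners(EVENTS).items():
        print(src, targets)
```

Setting `min_targets=1` reproduces the abstract's rule literally, where every connection without a DNS resolution is reported; the higher default trades recall for fewer reports from expired caches and hard-coded addresses.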
Copyright information
© 2024 The Author(s), under exclusive license to Springer Nature Singapore Pte Ltd.
About this paper
Cite this paper
Atri, H., Sharma, A., Mehrotra, T., Saxena, S. (2024). Optimization of Network Mapping for Screening and Intrusion Sensing Devices. In: Chaturvedi, A., Hasan, S.U., Roy, B.K., Tsaban, B. (eds) Cryptology and Network Security with Machine Learning. ICCNSML 2023. Lecture Notes in Networks and Systems, vol 918. Springer, Singapore. https://doi.org/10.1007/978-981-97-0641-9_1
DOI: https://doi.org/10.1007/978-981-97-0641-9_1
Publisher Name: Springer, Singapore
Print ISBN: 978-981-97-0640-2
Online ISBN: 978-981-97-0641-9
eBook Packages: Engineering, Engineering (R0)