Created
March 16, 2017 05:59
-
-
Save anonymous/a6016559efa40858d74e8dc61f3f00bb to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| from scapy.all import * | |
| from collections import deque | |
| def print_attack_measure(pcap_file): | |
| plist = rdpcap(pcap_file) | |
| server_ip = "127.0.0.1" | |
| n = 300 | |
| d = deque(maxlen=n) | |
| # If you want source/destination IP addresses | |
| getsrcdst = lambda x:(x.src,x.dst) | |
| # If you want MAC addresses | |
| getmacs = lambda x:(x.addr1, x.addr2, x.addr3) | |
| def filterpackets(ip): | |
| for p in plist: | |
| try: | |
| c = getsrcdst(p) | |
| if(ip in c[0]): | |
| # server IP is source IP of packet | |
| yield -1 | |
| if(ip in c[1]): | |
| # server IP is destination IP of packet | |
| yield 1 | |
| except AttributeError: | |
| pass | |
| print("This prints a measure of packets received to packets sent, using a moving average of %d packets."%(n)) | |
| print("0 indicates a perfect balance of sent-received.") | |
| print("+1 indicates all packets are sent to the server.") | |
| print("-1 indicates all packets are sent by the server.") | |
| print("A larger positive number indicates an unresponsive server.") | |
| count = 0 | |
| for pack in filterpackets(server_ip): | |
| d.append(pack) | |
| count += 1 | |
| if(count>n): | |
| print("%0.4f"%(sum(d)/(1.0*n))) |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment