Hi, and welcome to the fourth network application of this course. I really hope you enjoyed this training up to this point, and I'm going to make sure you also enjoy the rest of it. So in this section we are going to change things a bit, mainly the operating system used to run and test the application. We are going to use Ubuntu Linux instead of Windows 10 to build our basic packet sniffer. Why? Well, that's because Windows may behave in unexpected ways when using one of the network interfaces to sniff and analyze traffic in the network.
Configuring various network interface card settings in Windows will most probably give you headaches when counting in manufacturers, drivers and driver versions, as opposed to Linux, where you have way more control over the way network interfaces are handled. In the next lecture we are going to download and install Ubuntu Linux version 18.04 LTS in VirtualBox. So we're going to create a new virtual machine that will be connected to the same subnet as our Windows loopback adapter and the Arista switches. But more on that, as I said, in the following video. For now, let's focus on the functionality of our network application and the steps we need to take in order to end up with a working Python application. So, first of all, as always, we will start writing our application code by importing the necessary modules.
Apart from a couple of Python built-in modules, we will also use the Scapy module, which is entirely dedicated to capturing, handling and analyzing network traffic. So Scapy will be the centerpiece of our application, the engine that makes everything run according to our plan and goals. Next, we are going to ask the user to input the interface on which we want the network traffic to be sniffed and captured, the number of packets to sniff, and the time interval in which to run the sniffer. For instance, you may want to capture the traffic in the next 30 seconds. And finally, the protocol that the sniffer should consider for sniffing. Maybe you want only BOOTP or ICMP packets to be captured and filtered.
Last but not least, we want our application to log the information about the packets it captures to a text file. Therefore, we should also ask the user to enter the name of that file, so the application will know where to write and save the data. Next, we will define a function that takes care of filtering the packets based on the protocol that the user chose, and then proceeds to writing the data to the log file. This data actually contains the timestamp, the protocol, the source MAC address and the destination MAC address of each packet as basic pieces of data about the packet. Of course, additional parameters can be added to each log record, but we will stick with a couple of basic values in order to test the application and keep the log file size decent. Finally, the last thing to do is start the actual sniffing process by also passing the values that the user entered at the prompt as arguments to the sniff function from within Scapy.
Having that said, I will see you in the next lecture, where we are going to configure our network environment for this section. See you there.
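
The sniffer outlined in this lecture, sketched as an added example that is not the course's own code: a protocol filter, a log record holding timestamp, protocol, source MAC and destination MAC, and a capture call that passes the user's values to Scapy's `sniff`. The function names, the ARP/ICMP/BOOTP protocol set, the log line layout and the sample frame are assumptions; frames are parsed with the standard library so the filter runs without Scapy, and only `run_sniffer` needs Scapy and root privileges.

```python
import struct
import time

# EtherType and IP protocol numbers used to classify a raw Ethernet II frame.
ETH_ARP, ETH_IPV4 = 0x0806, 0x0800
IP_ICMP, IP_UDP = 1, 17
BOOTP_PORTS = {67, 68}
# Constructed sample: ARP broadcast frame (Ethernet header plus zeroed payload).
SAMPLE_ARP = bytes.fromhex("ffffffffffff0200000000010806") + bytes(28)

def mac(raw):
    return ":".join(f"{b:02x}" for b in raw)

def classify(frame):
    """Return 'ARP', 'ICMP', 'BOOTP' or 'OTHER' for a raw Ethernet II frame."""
    if len(frame) < 14:
        return "OTHER"
    ethertype = struct.unpack("!H", frame[12:14])[0]
    if ethertype == ETH_ARP:
        return "ARP"
    if ethertype != ETH_IPV4 or len(frame) < 34:
        return "OTHER"
    ihl, proto = (frame[14] & 0x0F) * 4, frame[23]   # IPv4 header length, protocol
    if proto == IP_ICMP:
        return "ICMP"
    l4 = 14 + ihl                                    # offset of the UDP header
    if proto == IP_UDP and len(frame) >= l4 + 4:
        sport, dport = struct.unpack("!HH", frame[l4:l4 + 4])
        if sport in BOOTP_PORTS or dport in BOOTP_PORTS:
            return "BOOTP"
    return "OTHER"

def log_record(frame, wanted, now=None):
    """Build one log line, or None when the frame does not match the filter."""
    proto = classify(frame)
    if wanted != "ALL" and proto != wanted:
        return None
    stamp = time.strftime("%Y-%m-%d %H:%M:%S", time.localtime(now))
    return f"Time: {stamp} Protocol: {proto} SMAC: {mac(frame[6:12])} DMAC: {mac(frame[0:6])}"

def run_sniffer(iface, count, timeout, wanted, log_path):
    """Capture with Scapy and append matching records to log_path."""
    from scapy.all import sniff   # imported here so the parser works without Scapy
    with open(log_path, "a") as log:
        def handle(pkt):
            line = log_record(bytes(pkt), wanted)
            if line:
                log.write(line + "\n")
        sniff(iface=iface, count=count, timeout=timeout, prn=handle, store=False)
```
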