A

Project Report on
DEVELOPMENT AND APPLICATION OF A NETWORK PACKET
SNIFFER
Submitted for partial fulfilment of the requirements for the award of the degree of
BACHELOR OF TECHNOLOGY IN
COMPUTER SCIENCE AND ENGINEERING
By
K. Akshaya -22K81A0598

Under the Guidance of

Mrs. K. Kalpana

Assistant Professor

DEPARTMENT OF
COMPUTER SCIENCE AND ENGINEERING
St. MARTIN'S ENGINEERING COLLEGE
UGC Autonomous
Affiliated to JNTUH, Approved by AICTE

Dhulapally, Secunderabad-500 100

www.smec.ac.in

DECEMBER - 2024
 St. MARTIN'S ENGINEERING COLLEGE
UGC Autonomous
Accredited by NBA & NAAC A+
Dhulapally, Secunderabad-500 100
www.smec.ac.in

CERTIFICATE
This is to certify that the project entitled “Development and Application of a Network
Packet Sniffer” is being submitted by K. Akshaya (22K81A0598) in fulfilment of the
requirement for the award of degree of BACHELOR OF TECHNOLOGY IN
COMPUTER SCIENCE AND ENGINEERING is recorded of bonafide work
carried out by them. The result embodied in this report have been verified and
found satisfactory.

Project Internal Examiner Signature of HOD

Mrs. K. Kalpana Dr. R. Santhosh kumar
Assistant Professor Professor and Head of Department
Department of CSE Department of CSE

Place:

Date:
 St. MARTIN'S ENGINEERING COLLEGE
UGC Autonomous
Accredited by NBA & NAAC A+
Dhulapally, Secunderabad-500100
www.smec.ac.in
DEPARTMENT OF COMPUTER SCIENCE AND ENGINEERING

DECLARATION

We, the students of “Bachelor of Technology in Department of Computer Science

and Engineering”, session: 2022 - 2026, St. Martin’s Engineering College,
Dhulapally, Kompally, Secunderabad, hereby declare that the work presented in this
project work entitled DEVELOPMENT AND APPLICATION OF A NETWORK
PACKET SNIFFER is the outcome of our own bonafide work and is correct to the
best of our knowledge and this work has been undertaken taking care of Engineering
Ethics. This result embodied in this project report has not been submitted in any
university for award of any degree.

K. Akshaya -22K81A0598
 ACKNOWLEDGMENT

The satisfaction and euphoria that accompanies the successful completion of any task would
be incomplete without the mention of the people who made it possible and whose
encouragement and guidance have crowded our efforts with success.
First and foremost, we would like to express our deep sense of gratitude and indebtedness to
our College Management for their kind support and permission to use the facilities available
in the Institute.
We especially would like to express our deep sense of gratitude and indebtedness to
Dr. P. SANTOSH KUMAR PATRA, Group Director, St. Martin’s Engineering College
Dhulapally, for permitting us to undertake this project.
We wish to record our profound gratitude to Dr. M. SREENIVAS RAO, Principal, St.
Martin’s Engineering College, for his motivation and encouragement.
We are also thankful to Dr. R. SANTHOSH KUMAR, Head of the Department,
C o m p u t e r s c i e n c e a n d e n g i n e e r i n g , St. Martin’s Engineering College,
Dhulapally, Secunderabad, for his support and guidance throughout our project.
We would like to express our sincere gratitude and indebtedness to our projectsupervisor
Mrs. K. Kalpana Assistant Professor, Department of Computer Science and Engineering,
St. Martins Engineering College, Dhulapally, for his/her support and guidance throughout
our project.
Finally, we express thanks to all those who have helped us successfully completing this
project. Furthermore, we would like to thank our family and friends for their moral support
and encouragement. We express thanks to all those who have helped us in successfully
completing the project.

K. Akshaya -22K81A0598
 CONTENTS

ABSTRACT i

CHAPTER 1- INTRODUCTION 1

CHAPTER 2-LITERATURE SURVEY 2

CHAPTER 3-SYSTEM ANALYSIS 3

3.1 Existing System 3

3.2 Proposed System 3

CHAPTER 4- SYSTEM IMPLEMENTATION 4

CHAPTER 5-OUTPUT SCREENS 10

CHAPTER 6-SYSTEM REQUIREMENT 11

6.1 Hardware Requirement 11

6.2 Software Requirement 11

CHAPTER 7-CONCLUSION 12

CHAPTER 8-FUTURE ENHANCEMENT 13

CHAPTER 9-REFERENCES 14
 ABSTRACT
The Packet Sniffer project involves the development of a network monitoring tool designed to capture
and analyze data packets transmitted over a network. This tool intercepts network traffic to inspect data
packets in real-time, providing insights into the structure, protocol, and source/destination of each
packet. By monitoring and logging packet-level data, the sniffer can identify network vulnerabilities,
track unusual activity, and diagnose performance issues. It serves as a crucial resource for understanding
network traffic, improving system security, and optimizing network performance.

I
 LIST OF FIGURES

5.1 Packet Sniffer initializaiton 10

5.2 Packet Sniffer 10

ii
 1. INTRODUCTION

A packet sniffer is a tool that captures and analyzes data packets transmitted over a network. It provides
valuable insights into network traffic by displaying details such as IP addresses, protocols, and port numbers,
helping identify network issues, performance bottlenecks, and security vulnerabilities. This tool is widely
used by network administrators, cybersecurity professionals, and developers to monitor, troubleshoot, and
optimize network performance. By intercepting and decoding network packets, a packet sniffer can also
detect unauthorized access or malicious activities, making it a critical component in ensuring network
security and efficiency.

1
 2. LITERATURE SURVEY

The development of packet sniffers and network monitoring tools has gained significant importance in the
field of network security, data analysis, and performance optimization. A packet sniffer is a software or
hardware tool designed to capture, monitor, and analyze the data packets traversing a network. Over the
years, the evolution of networking technologies and internet infrastructure has led to an increasing demand
for tools that can help administrators and security professionals keep track of network traffic and monitor
data flow in real time.

In the realm of network security, packet sniffers have been instrumental in detecting vulnerabilities and
potential attacks. Many network-based threats, such as Man-in-the-Middle (MITM) attacks, packet
injection, and eavesdropping, can be uncovered through packet inspection. The data captured by sniffers
can reveal unauthorized access, help analyze malware behavior, or track the communication between
malicious entities.

Beyond security, packet sniffers are also vital for network performance optimization. By analyzing the
traffic flow and identifying bottlenecks, packet sniffers can assist in troubleshooting slow connections,
diagnosing network congestion, and ensuring the efficient utilization of available bandwidth. Network
administrators use packet sniffers to assess the health of a network by examining various metrics such as
latency, packet loss, and throughput.

While packet sniffers have various legitimate and beneficial applications, their potential for misuse also
raises significant ethical and legal concerns. Unauthorized sniffing, often referred to as sniffing attacks, can
lead to data theft, privacy breaches, and legal violations. Therefore, ethical considerations and strict
regulations govern the use of such tools.

2
 3. SYSTEM ANALYSIS

3.1 EXISTING SYSTEM:

Existing packet sniffer tools, such as Wireshark, tcpdump, and Nmap, are widely used for network
analysis and troubleshooting. Wireshark offers a comprehensive graphical interface with deep packet
inspection capabilities, while tcpdump is a lightweight, command-line tool suitable for quick captures.
Nmap, primarily used for network scanning, also includes packet sniffing features. While these tools are
effective, they can be complex for beginners and may offer more functionality than needed for simple
monitoring tasks. A custom packet sniffer could address these limitations by providing a more
streamlined, user-friendly solution for specific network analysis needs.

3.2 PROPOSED SYSTEM:

The proposed system is a simplified, user-friendly packet sniffer designed to capture and analyze
network traffic with ease. Unlike complex tools like Wireshark, this tool will focus on essential features,
such as real-time packet capture, protocol analysis, and display of key details like IP addresses and port
numbers. It will feature an intuitive graphical interface, making it accessible for users with minimal
technical expertise. The system will be lightweight, ensuring efficient performance on various devices,
and will be ideal for network administrators and security professionals seeking a straightforward tool for
monitoring network traffic and identifying issues.

3
 4. SOURCE CODE
import argparse
import os

from core import PacketSniffer

from output import OutputToScreen

parser = argparse.ArgumentParser(description="Network packet sniffer")

parser.add_argument(
"-i", "--interface",
type=str,
default=None,
help="Interface from which Ethernet frames will be captured (monitors "
"all available interfaces by default)."
)
parser.add_argument(
"-d", "--data",
action="store_true",
help="Output packet data during capture."
)
_args = parser.parse_args()

if os.getuid() != 0:
raise SystemExit("Error: Permission denied. This application requires "
"administrator privileges to run.")

OutputToScreen(
subject=(sniffer := PacketSniffer()),
display_data=_args.data
)

4
try:
for _ in sniffer.listen(_args.interface):
'''Iterate through the frames yielded by the listener in an
infinite cycle while feeding them to all registered observers
for further processing/output'''
pass
except KeyboardInterrupt:
raise SystemExit("[!] Aborting packet capture...")

#!/usr/bin/env python3
# https://github.com/EONRaider/Packet-Sniffer

author = "EONRaider @ keybase.io/eonraider"

import time
from abc import ABC, abstractmethod

class Output(ABC):
"""Interface for the implementation of all classes responsible for
further processing/output of the information gathered by the
PacketSniffer class."""

def init (self, subject):

subject.register(self)

@abstractmethod
def update(self, *args, **kwargs):
pass

5
i = " " * 4 # Basic indentation level

class OutputToScreen(Output):
def init (self, subject, *, display_data: bool):
"""Output data from a decoded frame to screen.

:param subject: Instance of PacketSniffer to be observed.

:param display_data: Boolean specifying the output of captured
data.
"""
super(). init (subject)
self._frame = None
self._display_data = display_data
self._initialize()

@staticmethod
def _initialize() -> None:
print("\n[>>>] Packet Sniffer initialized. Waiting for incoming "
"data. Press Ctrl-C to abort...\n")

def update(self, frame) -> None:

self._frame = frame
self._display_output_header()
self._display_protocol_info()
self._display_packet_contents()

def _display_output_header(self) -> None:

local_time = time.strftime("%H:%M:%S", time.localtime())
print(f"[>] Frame #{self._frame.packet_num} at {local_time}:")

6
def _display_protocol_info(self) -> None:
"""Iterate through a protocol queue and call the appropriate
display protocol method."""
for proto in self._frame.protocol_queue:
try:
getattr(self, f"_display_{proto.lower()}_data")()
except AttributeError:
print(f"{'':>4}[+] Unknown Protocol")

def _display_ethernet_data(self) -> None:

ethernet = self._frame.ethernet
interface = "all" if self._frame.interface is None \
else self._frame.interface
frame_length: int = self._frame.frame_length
epoch_time: float = self._frame.epoch_time
print(f"{i}[+] Ethernet {ethernet.src:.>23} -> {ethernet.dst}")
print(f"{2 * i} Interface: {interface}")
print(f"{2 * i} Frame Length: {frame_length}")
print(f"{2 * i} Epoch Time: {epoch_time}")

def _display_ipv4_data(self) -> None:

ipv4 = self._frame.ipv4
print(f"{i}[+] IPv4 {ipv4.src:.>27} -> {ipv4.dst: <15}")
print(f"{2 * i} DSCP: {ipv4.dscp}")
print(f"{2 * i} Total Length: {ipv4.len}")
print(f"{2 * i} ID: {ipv4.id}")
print(f"{2 * i} Flags: {ipv4.flags_str}")
print(f"{2 * i} TTL: {ipv4.ttl}")
print(f"{2 * i} Protocol: {ipv4.encapsulated_proto}")
print(f"{2 * i} Header Checksum: {ipv4.chksum_hex_str}")

7
def _display_ipv6_data(self) -> None:
ipv6 = self._frame.ipv6
print(f"{i}[+] IPv6 {ipv6.src:.>27} -> {ipv6.dst: <15}")
print(f"{2 * i} Traffic Class: {ipv6.tclass_hex_str}")
print(f"{2 * i} Flow Label: {ipv6.flabel_txt_str}")
print(f"{2 * i} Payload Length: {ipv6.payload_len}")
print(f"{2 * i} Next Header: {ipv6.encapsulated_proto}")
print(f"{2 * i} Hop Limit: {ipv6.hop_limit}")

def _display_arp_data(self) -> None:

arp = self._frame.arp
if arp.oper == 1: # ARP Request
print(f"{i}[+] ARP Who has {arp.tpa:.>18} ? -> Tell {arp.spa}")
else: # ARP Reply
print(f"{i}[+] ARP {arp.spa:.>28} -> Is at {arp.sha}")
print(f"{2 * i} Hardware Type: {arp.htype}")
print(f"{2 * i} Protocol Type: {arp.ptype_str} "
f"({arp.ptype_hex_str})")
print(f"{2 * i} Hardware Length: {arp.hlen}")
print(f"{2 * i} Protocol Length: {arp.plen}")
print(f"{2 * i} Operation: {arp.oper} ({arp.oper_str})")
print(f"{2 * i} Sender Hardware Address: {arp.sha}")
print(f"{2 * i} Sender Protocol Address: {arp.spa}")
print(f"{2 * i} Target Hardware Address: {arp.tha}")
print(f"{2 * i} Target Protocol Address: {arp.tpa}")

def _display_tcp_data(self) -> None:

tcp = self._frame.tcp
print(f"{i}[+] TCP {tcp.sport:.>28} -> {tcp.dport: <15}")
print(f"{2 * i} Sequence Number: {tcp.seq}")
print(f"{2 * i} ACK Number: {tcp.ack}")
print(f"{2 * i} Flags: {tcp.flags_hex_str} > {tcp.flags_str}")

8
 print(f"{2 * i} Window Size: {tcp.window}")
print(f"{2 * i} Checksum: {tcp.chksum_hex_str}")
print(f"{2 * i} Urgent Pointer: {tcp.urg}")

def _display_udp_data(self) -> None:

udp = self._frame.udp
print(f"{i}[+] UDP {udp.sport:.>28} -> {udp.dport}")
print(f"{2 * i} Header Length: {udp.len}")
print(f"{2 * i} Header Checksum: {udp.chksum}")

def _display_icmpv4_data(self) -> None:

ipv4 = self._frame.ipv4
icmpv4 = self._frame.icmpv4
print(f"{i}[+] ICMPv4 {ipv4.src:.>27} -> {ipv4.dst: <15}")
print(f"{2 * i} ICMP Type: {icmpv4.type} ({icmpv4.type_str})")
print(f"{2 * i} Header Checksum: {icmpv4.chksum_hex_str}")

def _display_icmpv6_data(self) -> None:

ipv6 = self._frame.ipv6
icmpv6 = self._frame.icmpv6
print(f"{i}[+] ICMPv6 {ipv6.src:.>27} -> {ipv6.dst: <15}")
print(f"{2 * i} Control Message Type: {icmpv6.type} "
f"({icmpv6.type_str})")
print(f"{2 * i} Control Message Subtype: {icmpv6.code}")
print(f"{2 * i} Header Checksum: {icmpv6.chksum_hex_str}")

def _display_packet_contents(self) -> None:

if self._display_data is True:
print(f"{i}[+] DATA:")
data = (self._frame.data.decode(errors="ignore").
replace("\n", f"\n{i * 2}"))
print(f"{i}{data}")

9
 5. OUTPUT SCREENS

OUTPUT SCREEN 5.1:

Fig 5.1: Packet Sniffer initializaiton

OUTPUT SCREEN 5.2:

Fig 5.2: Packet sniffer

10
 6. SYSTEM REQUIREMENTS
6.1 Hardware Requirements
Memory (RAM)
Minimum: 4 GB of RAM.
Recommended: 8 GB of RAM or more for better performance during real-time packet
capture and analysis.
Storage
Minimum: 100 MB of free hard drive
Recommended: SSD with at least 500 MB of free space for faster data access and improved
performance.
Network Interface Card (NIC)
A network interface card capable of running in promiscuous mode to capture all network
traffic.
6.2 SOFTWARE REQUIREMENTS
Operating System: Windows, Linux, or macOS
Programming Language:Python or C++
Libraries/Tools:
Scapy (for Python): A powerful Python-based tool for packet manipulation and analysis, useful for
creating and decoding packets.
Tkinter (for Python): A GUI library for developing a simple and interactive user interface.
Development Environment/IDE: Visual Studio Code, PyCharm

11
 7. CONCLUSION

In conclusion, the packet sniffer project aims to provide a simple, efficient, and user-friendly tool for
capturing and analyzing network traffic. By focusing on essential functionalities and offering a
streamlined interface, this tool will cater to users who need a straightforward solution for network
monitoring and troubleshooting, without the complexity of advanced tools like Wireshark. The proposed
system will help network administrators, security professionals, and developers identify network issues,
optimize performance, and detect security vulnerabilities. With its lightweight design and minimal
hardware requirements, the packet sniffer will offer a practical and accessible tool for real-time network
analysis, contributing to improved network security and performance.

12
 8. FUTURE ENHANCEMENTS

Future enhancements to the packet sniffer could include support for additional protocols help identify
potential security threats like DDoS attacks or unauthorized access. Expanding the tool to work with cloud
networks and mobile devices would increase its versatility in modern infrastructures. Adding advanced data
visualization and automated traffic filtering with customizable alerts would improve user experience by
simplifying network analysis. Furthermore, incorporating enhanced security features like data encryption
and secure authentication would ensure the safety of sensitive network information. These improvements
would make the packet sniffer a more powerful and comprehensive tool for network monitoring and
security.such as HTTP/2, SSL/TLS, and DNS over HTTPS, enabling deeper analysis of encrypted traffic.
Integrating real-time anomaly detection using machine learning algorithms would

13
 9. REFERENCES
1. Comer, D. E. (2018). Internetworking with TCP/IP Volume One: Principles, Protocols, and
Architecture (6th ed.). Pearson Education.

2. Kurose, J. F., & Ross, K. W. (2017). Computer Networking: A Top-Down Approach (7th
ed.). Pearson Education.

3. Morrissey, D. (2012). Wireshark 1.8: Network Analysis Toolkit. Packt Publishing.

4. Wireshark. (2023). Wireshark User Guide. Retrieved from https://www.wireshark.org/docs/

5. Scapy Documentation. (2024). Scapy: A Python-based Interactive Packet Manipulation

Program. Retrieved from https://scapy.readthedocs.io/en/latest/

6. Van Renesse, R. (2001). TCP/IP Illustrated, Volume 1: The Protocols. Addison-Wesley.

7. Libpcap. (2023). Libpcap Documentation. Retrieved from

https://www.tcpdump.org/manpages/pcap.3pcap.html

14