A Logo

Feel free to include my content in your page via my
RSS feed

Help Irongeek.com pay for
bandwidth and research equipment:

Search Irongeek.com:

Affiliates:
Irongeek Button
Social-engineer-training Button

Help Irongeek.com pay for bandwidth and research equipment:

paypalpixle


Presenting P@cketR@quet: An Auditory IDS - Killian Ditch BSides Indy 2018 (Hacking Illustrated Series InfoSec Tutorial Videos)

Presenting P@cketR@quet: An Auditory IDS
Killian Ditch
@KILLIANDITCH
BSides Indy 2018

TLDR: Nifty Python tool to play music corresponding to network traffic that contains the potential for an accessibility function for the visually-impaired. Originally conceived of as a cool idea to examine network traffic generated by penetration testing in lieu of reviewing tcpdump or Wireshark output, p@quetr@quet turned into a technically valid means for creating music from network traffic patterns. Also, by creating a sound-based representation of network traffic, the utility provides insight into normal traffic patterns as opposed to oddities such as ICMP ping or UDP/TCP port scans. Anyone, whether an analyst or tester, interested in keeping track of the network can listen to the sounds of the packets instead of scrolling through Wireshark or tcpdump output. As an example, if a port scan was observed by the monitoring interface, those packets would correspond to different sounds, thereby yielding an aural experience matching that traffic pattern. Visually-impaired individuals could be trained as to the notes and corresponding packets and be empowered to conduct hitherto inaccessible network analysis. The project is at a very basic level, albeit with a functioning proof of concept script to demonstrate both live traffic examples and previously recorded packet captures.

Killian has been involved in the tech industry for about 10 years, and after dabbling in security throughout, he ventured into the realm of offensive techniques about halfway through. He works as a penetration tester for Coalfire out of Denver, CO , where he attempts to relate the technical aspects presented by vulnerabilities in networks, applications, and people to actionable business risks that companies can address.

Back to BSides Indy 2018 video list

Printable version of this article

15 most recent posts on Irongeek.com:


If you would like to republish one of the articles from this site on your webpage or print journal please contact IronGeek.

Copyright 2016, IronGeek
Louisville / Kentuckiana Information Security Enthusiast