Python Passive Network Mapping

1st Edition - June 10, 2015

  • Author: Chet Hosmer
  • eBook ISBN: 9780128027424
  • Paperback ISBN: 9780128027219

Python Passive Network Mapping: P2NMAP is the first book to reveal a revolutionary and open source method for exposing nefarious network activity. The "Heartbleed" vulnerability has revealed significant weaknesses within enterprise environments related to the lack of a definitive mapping of network assets. In Python Passive Network Mapping, Chet Hosmer shows you how to map networks passively, effectively and definitively. Active or probing methods of network mapping have traditionally been used, but they have many drawbacks - they can disrupt operations, crash systems, and - most importantly - miss critical nefarious activity. You require an accurate picture of the environments you protect and operate in order to rapidly investigate, mitigate, and then recover from these new attack vectors. This book gives you a deep understanding of new innovations in passive network mapping, while delivering open source Python-based tools that can be put into practice immediately.

Python Passive Network Mapping is for practitioners, forensic investigators, IT teams, and individuals who work together when performing incident response and investigating potential damage, or who are examining the impacts of new malware threats. Those defending critical infrastructures will have a special interest in this book, as active or probing methods of network mapping are rarely used within these environments because any resulting impacts can be disastrous. Python Passive Network Mapping is ideally suited for use as a text in a variety of academic programs to expose and engage students in the art of passively mapping enterprise networks, with the added benefit of providing exposure to open source Python solutions.

Key Features

  • First book to show you how to use open source Python to conduct passive network mapping
  • Provides a new method for conducting incident response and investigating the extent of potential damage to your systems
  • Python code forensics toolkit for network mapping included on the companion website


IT security professionals, forensics investigators, IT professionals (network administrators, IT managers, security managers, directors of security, etc.), and IT teams working on incident response

Table of Contents

    • Dedication
    • Biography
    • Preface
    • Acknowledgments
    • Chapter 1: Introduction
      • Abstract
      • Conventions Used in This Text
      • What is Python Passive Network Mapping or P2NMAP?
      • Why Does This Method Cast a Larger Net?
      • How Can Active Network Mapping Actually Hurt You?
      • Organization of the Book
      • Review
      • Summary Questions
    • Chapter 2: What You DON’T Know About Your Network
      • Abstract
      • What’s Running on Your Network Might Surprise You
      • OS Fingerprinting
      • What Open Ports or Services Don’t You Know About?
      • Who’s Touching Your Network?
      • Review
      • Summary Questions
    • Chapter 3: Capturing Network Packets Using Python
      • Abstract
      • Setting up a Python Passive Network Mapping Environment
      • The Art of the Silent Capture
      • Python Source Code
      • Review
      • Summary Questions
    • Chapter 4: Packet Capture Analysis
      • Abstract
      • Packet Capture Analysis
      • Setting up Options for Analysis
      • Performing Analysis
      • Review
      • Summary Questions
    • Chapter 5: PCAP Extractor and OS Fingerprinting
      • Abstract
      • PCAP Extraction
      • Passive OS Fingerprinting
      • Review
      • Summary Questions
    • Chapter 6: Future Considerations and Challenge Problems
      • Abstract
      • Author Observations
      • Author Predictions
      • Challenge Problems
      • More Information
    • Subject Index

Product details

  • No. of pages: 162
  • Language: English
  • Copyright: © Syngress 2015
  • Published: June 10, 2015
  • Imprint: Syngress
  • eBook ISBN: 9780128027424
  • Paperback ISBN: 9780128027219

About the Author

Chet Hosmer

Chet Hosmer is the Founder of Python Forensics, Inc., a non-profit organization focused on the collaborative development of open-source investigative technologies using the Python programming language. Chet serves as a visiting professor at Utica College in the Cybersecurity Graduate program, where his research and teaching focus on advanced steganography/data hiding methods and related defenses. He is also an Adjunct Faculty member at Champlain College in the Masters of Science in Digital Forensic Science Program, where he is researching and working with graduate students to advance the application of Python to solve hard problems facing digital investigators.

Chet makes numerous appearances each year to discuss emerging cyber threats, including National Public Radio's Kojo Nnamdi show, ABC's Primetime Thursday, NHK Japan and ABC News Australia. He is also a frequent contributor to technical and news stories relating to cyber security and forensics and has been interviewed and quoted by IEEE, The New York Times, The Washington Post, Government Computer News, DFI News and Wired Magazine.

He is the author of three recent Elsevier/Syngress Books: Python Passive Network Mapping: ISBN-13: 978-0128027219, Python Forensics: ISBN-13: 978-0124186767 and Data Hiding, which is co-authored with Mike Raggo: ISBN-13: 978-1597497435. Chet delivers keynote and plenary talks on various cyber security related topics around the world each year.

Affiliations and Expertise

President, Python Forensics, Inc.
