Estimating the response time of a server using Python or regex

Asked

Viewed 107 times

1

I created a virtualized environment with an Apache server (running in Debian) and several attacking machines running Debian as well. Vmware Workstation was used.

Server IP: 192.168.91.5

I have dump file (PCAP) collected with tcpdump. Is there any way to estimate (or calculate) the server response time every 60 seconds? The Ips of the attackers are of form 192.168.91.X

Example of PCAP file:

PCAP

PCAP files for example:

https://ufile.io/hfqp4

I tried to use tcprstat but the record always goes to zero, which is definitely wrong:

tcprstat -r semAtaques.pcap -f '%n\n' -p 80 -t 1 -n 0
python regex

2 answers

3


You can try using ready libs for this, I found two:

pypcapfile

To install use the pip:

pip install pypcapfile

An example of use:

from pcapfile import savefile
testcap = open('1.pcap', 'rb')
capfile = savefile.load_savefile(testcap, verbose=True)
print capfile

pcap-parser

To install use the pip:

pip install pcap-parser

It works by command line (which can be used), simple example:

parse_pcap 1.pcap

The list of other commands are in https://pypi.python.org/pypi/pcap-parser

  • Thank you! This one doesn’t seem to generate statistics! I’m trying to understand why tcprstat is always giving zero!

  • I’m also testing this: http://yconalyzer.sourceforge.net/

  • yconalyzer could not install

  • I didn’t understand how to get the response time!

1

Browser other questions tagged python regex

You are not signed in. Login or sign up in order to post.