Add description for Ex2 and report

2021-04-22 15:42:10 +02:00 · 2021-04-22 15:42:10 +02:00 · 60d80ab654
commit 60d80ab654
2 changed files with 59 additions and 0 deletions
--- a/ex2/README.md
+++ b/ex2/README.md
@ -0,0 +1,53 @@
+# Exercise 2
+
+## From pcap to packets
+
+Login via `ssh` to the Lab Environment and `cd working_directory`.
+
+### rep-10
+
+Run the following command inside `working_directory`:
+
+`tcpdump -tt -c 10 -nr Ex2_team13.pcap`
+
+* `-tt` for timestamps
+* `-c 10` for showing the first 10 packets
+* `-n` for not converting addresses to names
+* `-r` for reading from pcap
+
+Last line (10th packet) says:
+
+`1546318980.014549 IP 203.74.52.109 > 200.130.97.12: ICMP echo request, id 16190, seq 4544, length 12`
+
+### rep-11
+
+After running the command
+
+`go-flows run features pcap2pkts.json export csv Ex2_team13.csv source libpcap Ex2_team13.pcap`
+
+we get the file `Ex2_team13.csv`.
+
+The following python script quickly extracts the `protocolIdentifier` and their occurrences:
+
+```python
+import numpy as np
+import pandas as pd
+
+df = pd.read_csv(r'./Ex2_team13.csv')
+
+print(df['protocolIdentifier'].value_counts(sort=True))
+```
+
+Output:
+
+```
+6      889752
+1      761985
+17     124772
+47     107355
+58       1308
+50         66
+103        15
+41          2
+Name: protocolIdentifier, dtype: int64
+```
--- a/ex2/countingIdentifiers.py
+++ b/ex2/countingIdentifiers.py
@ -0,0 +1,6 @@
+import numpy as np
+import pandas as pd
+
+df = pd.read_csv(r'./Ex2_team13.csv')
+
+print(df['protocolIdentifier'].value_counts(sort=True))