diff --git a/Part_2/wsl_scapy_port_scanner_setup_guide.md b/Part_2/wsl_scapy_port_scanner_setup_guide.md new file mode 100644 index 0000000..68c841c --- /dev/null +++ b/Part_2/wsl_scapy_port_scanner_setup_guide.md 
@@ -0,0 +1,216 @@ +# WSL + Scapy Port Scanner Setup Guide (Beginner-Proof) + +This document records the **exact setup, pitfalls, and final working configuration** for running a real TCP SYN port scanner using **Scapy on Linux (Ubuntu via WSL)** from a Windows machine. + +It is written as a **contribution guide** for beginners who hit Windows networking limitations and need a clear, correct path forward. + +*'Following the same problem structure I first encountered upon exploring on Windows Device with Ubuntu(Linux) for the first time.'* + +--- + +## Important Beginner Rule (Burn This In) + +> **Linux hides password input.** +> **Silence ≠ not typing.** +> Everyone thinks it’s broken the first time. + +When you type a password for `sudo`, **nothing will appear on screen**. This is normal. + +--- + +## Why Linux / Ubuntu Was Required + +Windows **blocks raw TCP packet crafting** at the kernel level. This prevents: +- TCP SYN scans +- Proper Scapy behavior + +Ubuntu (Linux) **allows raw sockets**, which is why cybersecurity tools, labs, and textbooks assume Linux. + +We used **WSL (Windows Subsystem for Linux)** so Linux runs *inside* Windows safely, without reinstalling the OS. + +--- + +## Environment Overview + +- Host OS: Windows +- Linux environment: Ubuntu via WSL +- Files accessed through Windows mount: `/mnt/c/...` +- Python isolation: `venv` (virtual environment) +- Privileges: `sudo` (required for raw sockets) + +--- + +## Initial System Setup (Ubuntu) + +### 1. Update package lists + +```bash +sudo apt update +``` + +**What it does:** +Downloads the latest list of available software from Ubuntu’s repositories. + +**Why it matters:** +Ubuntu won’t install or update packages correctly without an up-to-date list. + +**Analogy:** +Refreshing the App Store catalog before downloading apps. + +--- + +### 2. Install required system tools + +```bash +sudo apt install python3-pip tcpdump -y +``` + +This installs **two critical programs**. 
+ +#### `python3-pip` +- Python’s package manager for Linux +- Required to install Python libraries like Scapy + +#### `tcpdump` +- Low-level packet capture tool +- Used internally by Scapy +- Confirms packets are actually being sent +- Core cybersecurity utility + +#### `-y` +- Automatically answers “yes” to install prompts + +--- + +## Python Environment (PEP 668 Safe Setup) + +Modern Ubuntu **blocks system-wide pip installs** to protect the OS. This is intentional. + +### Create a virtual environment + +Navigate to the project directory (Windows-mounted): + +```bash +cd /mnt/c/Users/alejm/PycharmProjects/PythonforCybersecurityLAP/python-for-cybersecurity/Part_2/2.1\ Network\ Scanning +``` + +Create the venv: + +```bash +python3 -m venv venv +``` + +Activate it: + +```bash +source venv/bin/activate +``` + +You should now see `(venv)` in the prompt. + +--- + +### Install Scapy (inside venv) + +```bash +pip install scapy +``` + +**What this does:** +- Installs Scapy into the virtual environment +- Avoids breaking system Python + +**What Scapy provides:** +- Packet crafting (TCP SYN, ICMP, DNS, etc.) +- Packet sending and sniffing +- Direct access to network layers + +This is **exactly what Windows was blocking**. + +--- + +## Verification (Before Running the Scanner) + +```bash +python3 -c "from scapy.all import IP, TCP; print('Scapy OK')" +``` + +Expected output: +``` +Scapy OK +``` + +This confirms: +- venv is active +- Scapy is installed correctly + +--- + +## Critical sudo + venv Rule + +Running: +```bash +sudo python3 PortScan.py +``` +❌ **will fail** — `sudo` ignores the venv. 
+ +### Correct command (System Python ≠ venv Python) + +```bash +sudo venv/bin/python3 PortScan.py +``` + +This ensures: +- `sudo` privileges (raw sockets) +- venv Python interpreter +- Access to Scapy + +--- + +## Final Execution +(Working Result) + +Command used: + +```bash +sudo venv/bin/python3 PortScan.py +``` + +Output: +``` +Open ports at 8.8.8.8: +80 +DNS Server at 8.8.8.8 +``` + +--- + +## What This Confirms! + +- Linux raw socket access is working +- Scapy is crafting and sending TCP SYN packets +- Port scan logic is correct +- DNS check logic executed successfully +- End-to-end network capability verified + +This is a **real port scanner**, not a simulation. + +--- + +## Key Lessons + +- Windows blocks raw TCP — Linux is required +- WSL is the safest way to use Linux on Windows +- Ubuntu enforces best practices via PEP 668 +- `sudo` and `venv` must be combined correctly +- Terminal silence ≠ failure + +--- + +## Final One-Line Command to Remember + +```bash +sudo venv/bin/python3 PortScan.py +``` + +This guide documents a **complete, correct, and professional setup** suitable for cybersecurity coursework and real-world learning. 'Following the same problem structure I first encountered upon exploring on Windows Device with Ubuntu(Linux) for the first time.' +
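Review bot: In the "Critical sudo + venv Rule" section, `sudo venv/bin/python3 PortScan.py` runs the interpreter and every installed package as root from a venv that the guide creates under `/mnt/c/...`, a location the unprivileged user and Windows-side processes can write to, so anything placed in that venv executes with root privileges. The guide should state this and recommend creating the venv under the Linux home directory, leaving only the script on the Windows mount. The explanation "`sudo` ignores the venv" would be more accurate as: `sudo` resets `PATH`, so `python3` resolves to the system interpreter, which has no Scapy installed. Two smaller points: the `cd` step hardcodes one user's path (`/mnt/c/Users/alejm/...`) and should use a placeholder the reader fills in, and "What This Confirms!" concludes that SYN packets were crafted and sent from the script's output alone, although `tcpdump` is installed with the stated purpose "Confirms packets are actually being sent" and is never run; either add a capture step to the verification section or soften the claim.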