Skip to content

Add WSL + Scapy Windows Setup Guide #12

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
staticvoidmainmaui wants to merge 1 commit into
base: main
Choose a base branch
from
Open

Add WSL + Scapy Windows Setup Guide #12

Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
216 changes: 216 additions & 0 deletions Part_2/wsl_scapy_port_scanner_setup_guide.md
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,216 @@
# WSL + Scapy Port Scanner Setup Guide (Beginner-Proof)

This document records the **exact setup, pitfalls, and final working configuration** for running a real TCP SYN port scanner using **Scapy on Linux (Ubuntu via WSL)** from a Windows machine.

It is written as a **contribution guide** for beginners who hit Windows networking limitations and need a clear, correct path forward.

*'Following the same problem structure I first encountered upon exploring on Windows Device with Ubuntu(Linux) for the first time.'*

---

## Important Beginner Rule (Burn This In)

> **Linux hides password input.**
> **Silence ≠ not typing.**
> Everyone thinks it’s broken the first time.

When you type a password for `sudo`, **nothing will appear on screen**. This is normal.

---

## Why Linux / Ubuntu Was Required

Windows **blocks raw TCP packet crafting** at the kernel level. This prevents:
- TCP SYN scans
- Proper Scapy behavior

Ubuntu (Linux) **allows raw sockets**, which is why cybersecurity tools, labs, and textbooks assume Linux.

We used **WSL (Windows Subsystem for Linux)** so Linux runs *inside* Windows safely, without reinstalling the OS.

---

## Environment Overview

- Host OS: Windows
- Linux environment: Ubuntu via WSL
- Files accessed through Windows mount: `/mnt/c/...`
- Python isolation: `venv` (virtual environment)
- Privileges: `sudo` (required for raw sockets)

---

## Initial System Setup (Ubuntu)

### 1. Update package lists

```bash
sudo apt update
```

**What it does:**
Downloads the latest list of available software from Ubuntu’s repositories.

**Why it matters:**
Ubuntu won’t install or update packages correctly without an up-to-date list.

**Analogy:**
Refreshing the App Store catalog before downloading apps.

---

### 2. Install required system tools

```bash
sudo apt install python3-pip tcpdump -y
```

This installs **two critical programs**.

#### `python3-pip`
- Python’s package manager for Linux
- Required to install Python libraries like Scapy

#### `tcpdump`
- Low-level packet capture tool
- Used internally by Scapy
- Confirms packets are actually being sent
- Core cybersecurity utility

#### `-y`
- Automatically answers “yes” to install prompts

---

## Python Environment (PEP 668 Safe Setup)

Modern Ubuntu **blocks system-wide pip installs** to protect the OS. This is intentional.

### Create a virtual environment

Navigate to the project directory (Windows-mounted):

```bash
cd /mnt/c/Users/alejm/PycharmProjects/PythonforCybersecurityLAP/python-for-cybersecurity/Part_2/2.1\ Network\ Scanning
```

Create the venv:

```bash
python3 -m venv venv
```

Activate it:

```bash
source venv/bin/activate
```

You should now see `(venv)` in the prompt.

---

### Install Scapy (inside venv)

```bash
pip install scapy
```

**What this does:**
- Installs Scapy into the virtual environment
- Avoids breaking system Python

**What Scapy provides:**
- Packet crafting (TCP SYN, ICMP, DNS, etc.)
- Packet sending and sniffing
- Direct access to network layers

This is **exactly what Windows was blocking**.

---

## Verification (Before Running the Scanner)

```bash
python3 -c "from scapy.all import IP, TCP; print('Scapy OK')"
```

Expected output:
```
Scapy OK
```

This confirms:
- venv is active
- Scapy is installed correctly

---

## Critical sudo + venv Rule

Running:
```bash
sudo python3 PortScan.py
```
❌ **will fail** — `sudo` ignores the venv.

### Correct command (System Python ≠ venv Python)

```bash
sudo venv/bin/python3 PortScan.py
```

This ensures:
- `sudo` privileges (raw sockets)
- venv Python interpreter
- Access to Scapy

---

## Final Execution +(Working Result)

Command used:

```bash
sudo venv/bin/python3 PortScan.py
```

Output:
```
Open ports at 8.8.8.8:
80
DNS Server at 8.8.8.8
```

---

## What This Confirms!

- Linux raw socket access is working
- Scapy is crafting and sending TCP SYN packets
- Port scan logic is correct
- DNS check logic executed successfully
- End-to-end network capability verified

This is a **real port scanner**, not a simulation.

---

## Key Lessons

- Windows blocks raw TCP — Linux is required
- WSL is the safest way to use Linux on Windows
- Ubuntu enforces best practices via PEP 668
- `sudo` and `venv` must be combined correctly
- Terminal silence ≠ failure

---

## Final One-Line Command to Remember

```bash
sudo venv/bin/python3 PortScan.py
```

This guide documents a **complete, correct, and professional setup** suitable for cybersecurity coursework and real-world learning. 'Following the same problem structure I first encountered upon exploring on Windows Device with Ubuntu(Linux) for the first time.'