標籤:python 連接埠掃描 pymysql linux
Clam AntiVirus是一個免費而且開放源碼的防毒軟體,軟體與病毒庫的更新由開源社區免費發布,目前ClamdAV主要為Linux、Uinux系統提供病毒掃描查殺pyClamad是一個python的第三方模組,可讓python直接使用ClamAV病毒掃描守護進程clamd來實現一個高效的病毒檢測功能。
一、實現集中式的病毒掃描
1、安裝clamavp clamd 服務的相關程式包
yum install clamav clamd clamav-update -y
chkconfig clamd on
更新病毒庫
/usr/bin/freshclam
更改設定檔修改監聽地址到所有網路,啟動服務
sed -i -e ‘/^TCPAddr/{ s/127.0.0.1/0.0.0.0/;}‘ /etc/clamd.conf
/etc/init.d/clamd start
2、安裝pyClamd模組
pip2.7 install pyClamd
工作原理:管理伺服器通過python發出多線程指令串連商務服務器的3310連接埠,執行病毒掃描,然後返回結果給管理伺服器。 商務服務器必須安裝clamd相關程式包,並啟動服務監聽在3310連接埠才能正常收到指令;
實現代碼:
#!/usr/bin/env python# -*- coding: utf-8 -*-import timeimport pyclamdfrom threading import Threadclass Scan(Thread): #繼承多線程Thread類 def __init__ (self,IP,scan_type,file): """構造方法""" Thread.__init__(self) self.IP = IP self.scan_type=scan_type self.file = file self.connstr="" self.scanresult="" def run(self): """多進程run方法""" try: cd = pyclamd.ClamdNetworkSocket(self.IP,3310) """探測連通性""" if cd.ping(): self.connstr=self.IP+" connection [OK]" """重載clamd病毒碼庫""" cd.reload() """判斷掃描模式""" if self.scan_type=="contscan_file": self.scanresult="{0}\n".format(cd.contscan_file(self.file)) elif self.scan_type=="multiscan_file": self.scanresult="{0}\n".format(cd.multiscan_file(self.file)) elif self.scan_type=="scan_file": self.scanresult="{0}\n".format(cd.scan_file(self.file)) time.sleep(1) else: self.connstr=self.IP+" ping error,exit" return except Exception,e: self.connstr=self.IP+" "+str(e)IPs=[‘192.168.1.21‘,‘192.168.1.22‘] #掃描主機的列表scantype="multiscan_file" #指定掃描模式scanfile="/data/www" #指定掃描路徑i=1threadnum=2 #指定啟動的線程數scanlist = [] #儲存Scan類線程對象列表for ip in IPs: """將資料值帶入類中,執行個體化對象""" currp = Scan(ip,scantype,scanfile) scanlist.append(currp) #追加對象到列表"""當達到指定的線程數或IP列表數後啟動線程""" if i%threadnum==0 or i==len(IPs): for task in scanlist: task.start() #啟動線程 for task in scanlist: task.join() #等待所有子線程退出,並輸出掃描結果 print task.connstr #列印伺服器串連資訊 print task.scanresult #列印結果資訊 scanlist = [] i+=1
二、使用python-nmap模組實現一個高效的連接埠掃描器
需要依賴nmap和python-nmap;
yum install nmap
pip2.7 install python-nmap
實現代碼:
#!/usr/bin/env python# -*- coding: utf-8 -*-import sysimport nmapscan_row=[]input_data = raw_input(‘Please input hosts and port: ‘)scan_row = input_data.split(" ")if len(scan_row)!=2: print "Input errors,example \"192.168.1.0/24 80,443,22\"" sys.exit(0)hosts=scan_row[0] #接收使用者輸入的主機port=scan_row[1] #接收使用者輸入的連接埠try: nm = nmap.PortScanner() #建立連接埠掃描對象except nmap.PortScannerError: print(‘Nmap not found‘, sys.exc_info()[0]) sys.exit(0)except: print("Unexpected error:", sys.exc_info()[0]) sys.exit(0)try: nm.scan(hosts=hosts, arguments=‘ -v -sS -p ‘+port) #調用掃描方法,參數指定掃描主機hosts,nmap掃描命令列參數argumentsexcept Exception,e: print "Scan erro:"+str(e) for host in nm.all_hosts(): #遍曆掃描主機 print(‘----------------------------------------------------‘) print(‘Host : %s (%s)‘ % (host, nm[host].hostname())) #輸出主機及主機名稱 print(‘State : %s‘ % nm[host].state()) #輸出主機狀態,如up、down for proto in nm[host].all_protocols(): #遍曆掃描協議,如tcp、udp print(‘----------‘) print(‘Protocol : %s‘ % proto) #輸入協議名 lport = nm[host][proto].keys() #擷取協議的所有掃描連接埠 lport.sort() #連接埠列表排序 for port in lport: #遍曆連接埠及輸出連接埠與狀態 print(‘port : %s\tstate : %s‘ % (port, nm[host][proto][port][‘state‘]))
三、實現一個程式完成取MySQL資料匯出txt,完成壓縮,傳FTP伺服器,自動刪除到期資料。
#!/usr/local/python27/bin/python2.7#coding:utf-8import osimport sysimport pymysqlimport ftplibimport commandsimport timeimport datetime"""從資料庫擷取資料"""def sql(user,passwd,host,db): conn = pymysql.connect(host=host,user=user,password=passwd,db=db) cur = conn.cursor() cur.execute("select count(*) from ucenter_member;") result_num = cur.fetchall() """由於返回的資料是一個元組,下面的格式轉換用於去除括弧""" total_num = int(str(result_num).lstrip(‘((‘).rstrip(‘,),)‘)) """總行數 / 每次取資料的行數 = 需要取的次數 + 1 是因為怕不能整除可以把剩下的資料都取出""" linesum = (total_num/5000+1) j = 0 while ( j < linesum ): result_num = cur.execute("SELECT id,login,reg_time,last_login_time,type from ucenter_member limit"+‘ ‘+str(int(j*5000))+‘,‘+str(5000)+‘;‘) data = cur.fetchall() """定義輸出的檔案對象""" outfile = open(‘/alidata/data_analyse/ucenter-%s‘% time.strftime(‘%Y-%m-%d‘,time.localtime(time.time()))+‘.txt‘,‘a+‘) for i in range(result_num): out = str(data[i]).strip(‘()‘)+‘\n‘ outfile.write(out) j+=1 outfile.close() outfilename = (‘ucenter-%s‘% time.strftime(‘%Y-%m-%d‘,time.localtime(time.time()))+‘.txt‘) return outfilename"""FTP檔案上傳函數""" def upload(file): os.chdir(‘/alidata/data_analyse/‘) file_path = os.path.abspath(file) f = open(file_path,‘rb‘) ftp = ftplib.FTP(‘115.236.179.166‘) ftp.login(‘liuyang‘,‘liuyang666999‘) """上傳檔案,STOR 後面的 %s 定義的是上傳後儲存的檔案名稱,f為需要上傳的檔案對象""" ftp.storbinary(‘STOR %s‘%file,f)"""檔案壓縮函數"""def gzip(filename): os.chdir(‘/alidata/data_analyse/‘) g = commands.getoutput("zip -9 %s %s" %(filename+‘.zip‘,filename)) return(filename+‘.zip‘)"""到期檔案刪除函數"""def Del_file(): """切換程式的工作目錄""" os.chdir(‘/alidata/data_analyse/‘) ThreeDaysAgo = (datetime.datetime.now() - datetime.timedelta(days=3)) rmtime = ThreeDaysAgo.strftime("%Y-%m-%d") rmfile = (‘ucenter-%s‘% rmtime+‘.txt‘) rmfile2 = (‘ucenter-%s‘% rmtime+‘.txt.zip‘) if os.path.exists(rmfile): os.remove(rmfile) if os.path.exists(rmfile2): os.remove(rmfile2) returnif __name__ == ‘__main__‘: outfilename = sql(‘root‘,‘123456‘,‘10.1.1.1‘,‘hellodb‘) gzipfile = gzip(outfilename) starttime = datetime.datetime.now() upload(gzipfile) endtime = datetime.datetime.now() uptime = (endtime - starttime).seconds with open(‘./history.log‘,‘a+‘) as f: f.write(‘time:%s,upload cost time:%s‘ % (time.strftime(‘%Y-%m-%d %H:%M:%S‘,time.localtime(time.time())),uptime)+‘\n‘) Del_file()
本文出自 “突破舒適區” 部落格,轉載請與作者聯絡!
Python 指令碼學習筆記(五)集中式病毒掃描,連接埠掃描以及分段資料庫操作
Start building with 50+ products and up to 12 months usage for Elastic Compute Service
1 on 1 presale consultation
24/7 Technical Support 6 Free Tickets per Quarter Faster Response
Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.
A comprehensive suite of global cloud computing services to power your business
Payment Methods We Support
