本次是使用的python自动化里面的pyclam库,这个库是在linux环境里面专门用来做安全扫描,此文只是将模块的基本用法进行描述。
import time
import pyclamd
from threading import thread
class Scan(thread): #采用多进程类的方式进行书写
def __init__(self,IP,scan_type,file):
Thread.__init__(self) #调用父类的初始化方法
self.IP = IP
self.scan_type = scan_type
self.file = file
self.constr = ""
self.scanresult = ""
def run(self):
try:
cd = pyclamd.ClamdNetworkSocket(self.IP,3310)
if cd.ping(): #检查IP的连通性
self.connstr = self.IP + "connection [OK]"
cd.reload() #重载病毒特征库
if self.scan_type == "contsan_file": #对三种扫描模式进行定义
self.scanresult = "{0}\n".format(cd.contsan_file(self.file))
elif self.scan_type == "multiscan_file":
self.scanresult = "{0}\n".format(cd.multiscan_file(self.file))
elif self.scan_type == "scan_file":
self.scanresult = "{0}\n".format(cd.scan_file(self.file))
else:
self.connstr = self.IP+"ping error,exit"
return
except Exception as e:
self.connstr = self.IP + " "+str(e)
IPs = ['192.168.1.21','192.168.1.22']
scantype="multiscan_file"
scanfile ="/data/www"
i=1
threadnum = 2
scanlist = []
for ip in IPs:
currp = Scan(ip,scantype,scanfile)
scanlist.append(currp)
if i%threadnum == 0 or i == len(IPs): #设定只有当达到指定数量的线程数才会开始运行
for task in scanlist:
task.start()
for task in scanlist:
task.join()
print task.connstr
print task.scanresult
scanlist = []
i+=1