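def scan():
    """Prepare the output file for a new wireless capture.

    Registers the scan with ThreadKeeper, reads the capture interface and
    duration from ConfigHelper, derives a timestamped
    "<capture dir><timestamp>-unprocessed.pcap" path, then pre-creates that
    file and loosens its permissions.

    Failures while creating or chmod-ing the file are reported on stdout and
    are not re-raised; the step is best-effort.
    """
    ThreadKeeper.incrementThreadCount()

    # Not used in the lines shown here; kept because the listing appears to
    # stop before the capture itself is started -- TODO confirm.
    captureInterface = str(ConfigHelper.getWirelessCaptureInterface())
    captureDuration = str(ConfigHelper.getCaptureDuration())

    # Plain concatenation: assumes the configured directory already ends
    # with a path separator -- TODO confirm.
    capturePath = str(ConfigHelper.getCaptureDirectory()) + \
                  ThreadKeeper.getTimeStamp() + \
                  "-unprocessed.pcap"

    # The capture is created as root; the author's intent is to let normal
    # users delete it afterwards.
    # NOTE(review): mode 777 makes the capture readable, writable and
    # executable for every local user. Deleting a file is governed by the
    # permissions of its directory, not by the file's own mode, so a
    # narrower mode (or a chown to the invoking user) would probably serve
    # the stated goal without exposing or allowing tampering with captured
    # traffic -- confirm against the deployment before changing it.
    # NOTE(review): the file name is predictable and both commands follow
    # symlinks; the capture directory should be writable by root only.
    commands = (
        ["touch", capturePath],
        ["chmod", "777", capturePath],
    )

    try:
        for command in commands:
            # call() returns the exit status rather than raising, so a
            # failing touch/chmod used to pass silently; surface it here.
            status = call(command)
            if status != 0:
                raise OSError("'%s' exited with status %d" %
                              (" ".join(command), status))
    except Exception as errmsg:
        print("Could not change output file permissions, you might need root permissions to delete it now, sorry about that...")
        print(errmsg)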
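def analyze():
    """Run entry/exit analysis for every unique address in the time window.

    Sets the module globals ``action_notice`` and ``action_exit`` from
    BehaviorDatabaseHelper, opens the behavior and rolling databases, and
    calls makeEntriesAndExitsForAddress() once per address returned by
    BehaviorDatabaseHelper.getUniques(). Progress is printed as a percentage
    on a single line.

    The behavior database is committed only when every address was
    processed; both connections are closed in all cases, including when an
    exception propagates to the caller.
    """
    global action_exit, action_notice
    action_notice = BehaviorDatabaseHelper.type_notice
    action_exit = BehaviorDatabaseHelper.type_exit

    behaviorDBConnection = BehaviorDatabaseHelper.connect()
    try:
        rollingDBConnection = RollingDatabaseHelper.connect()
        try:
            # Window start: current epoch time minus the capture duration
            # (in seconds). An earlier variant used
            # ConfigHelper.getNumBackTrackHours() * 3600 instead.
            startTime = int(time.time()) - int(
                ConfigHelper.getCaptureDuration())
            # ... or analyze everything ever captured.
            if ConfigHelper.doAllAnalysisForever():
                startTime = 0

            uniques = BehaviorDatabaseHelper.getUniques(behaviorDBConnection,
                                                        startTime)

            total = len(uniques)
            for count, address in enumerate(uniques, 1):
                # Trailing comma plus '\r' keeps the progress on one line.
                # total cannot be 0 here: the loop body only runs when
                # uniques is non-empty.
                print '{0}\r'.format("  analysis: " + str(100 * count / total) + "%"),

                # array of int
                timesOfAddress = RollingDatabaseHelper.getTimesOfAddress(
                    rollingDBConnection, address)

                makeEntriesAndExitsForAddress(address, timesOfAddress,
                                              behaviorDBConnection)

            # make a new line to advance from the percentage print output
            print

            # Commit only after the whole pass succeeded; on an exception
            # the connection is closed below without an explicit commit.
            behaviorDBConnection.commit()
        finally:
            rollingDBConnection.close()
    finally:
        behaviorDBConnection.close()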