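def scan():
    """Prepare the output file for a wireless capture.

    Registers the scan with ThreadKeeper, reads the capture settings from
    ConfigHelper, builds the path
    "<capture directory><timestamp>-unprocessed.pcap" and pre-creates that
    file with a relaxed mode. Failures while creating the file or changing
    its mode are reported on stdout and never raised to the caller.
    """
    ThreadKeeper.incrementThreadCount()

    # Interface and duration are read here but not used in the visible part
    # of this function; presumably the capture command that consumes them
    # follows elsewhere -- TODO confirm.
    captureInterface = str(ConfigHelper.getWirelessCaptureInterface())
    captureDuration = str(ConfigHelper.getCaptureDuration())
    capturePath = (str(ConfigHelper.getCaptureDirectory()) +
                   ThreadKeeper.getTimeStamp() +
                   "-unprocessed.pcap")

    try:
        # The capture is created with root, so the file is pre-created and
        # its mode relaxed so that non-root users can work with it later.
        #
        # NOTE(review): whether a user may delete a file is decided by the
        # permissions of the containing directory, not by the file's own
        # mode, so a permissive mode here mainly makes the captured traffic
        # readable and modifiable by every local account. The execute bit
        # is dropped because a capture file never needs it. Handing
        # ownership to the invoking user would be tighter than a
        # world-writable mode -- confirm what the later processing step
        # requires. Also confirm the capture directory is not writable by
        # unprivileged users, since root touches and chmods a path in it.
        for command in (["touch", capturePath],
                        ["chmod", "666", capturePath]):
            # Assuming call is subprocess.call: it returns the exit status
            # instead of raising, so a failing command must be detected
            # explicitly or the warning below is never shown.
            status = call(command)
            if status != 0:
                raise RuntimeError(
                    "%s exited with status %s" % (command[0], status))
    except Exception as errmsg:
        print "Could not change output file permissions, you might need root permissions to delete it now, sorry about that..."
        print errmsg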
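def analyze():
    """Build entry/exit behavior records for every address in the window.

    Publishes the notice/exit action types as module globals, opens the
    behavior and rolling databases, and for each unique address returned
    by BehaviorDatabaseHelper.getUniques() passes that address's times
    (from the rolling database) to makeEntriesAndExitsForAddress().
    Progress is printed as a percentage on a single line.

    The behavior database is committed only when every address was
    processed; both connections are closed even if processing fails.
    """
    global action_exit, action_notice
    action_notice = BehaviorDatabaseHelper.type_notice
    action_exit = BehaviorDatabaseHelper.type_exit

    behaviorDBConnection = BehaviorDatabaseHelper.connect()
    try:
        rollingDBConnection = RollingDatabaseHelper.connect()
        try:
            # Current time minus the look-back window, in seconds. The
            # window is the capture duration; an earlier variant used
            # getNumBackTrackHours() * 3600 instead.
            startTime = (int(time.time()) -
                         int(ConfigHelper.getCaptureDuration()))
            # A start time of 0 analyzes everything ever captured.
            if ConfigHelper.doAllAnalysisForever():
                startTime = 0

            uniques = BehaviorDatabaseHelper.getUniques(
                behaviorDBConnection, startTime)
            total = len(uniques)

            for count, address in enumerate(uniques, 1):
                # The trailing comma keeps the cursor on the same line so
                # the '\r' lets the next percentage overwrite this one.
                print '{0}\r'.format(" analysis: " + str(100 * count / total) + "%"),
                # array of int
                timesOfAddress = RollingDatabaseHelper.getTimesOfAddress(
                    rollingDBConnection, address)
                makeEntriesAndExitsForAddress(
                    address, timesOfAddress, behaviorDBConnection)

            # Advance past the percentage line.
            print

            # Persist the new behavior rows only after a complete run.
            behaviorDBConnection.commit()
        finally:
            rollingDBConnection.close()
    finally:
        behaviorDBConnection.close()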