Survol FAQs

SURVOL FREQUENTLY ASKED QUESTIONS

SO IT WORKS LIKE A HTTP SERVER. CAN I REUSE APACHE™ OR IIS™ ?

For classical desktop or server applications, Survol can use Apache and IIS (Internet Information Services). As a set of Python scripts, it is compatible with CGI and WSGI.

Survol comes with its own HTTP server, a concise Python script, so it can run on very small machines and is very appropriate for Internet Of Things applications. This also has the benefit to run on any user account, which gives access to much more information.

WHY AN ADHOC CGI SERVER ?

To access specific information, a "root" or "administrator" account is needed; Apache or IIS do not run under such a privileged account. Also, the adhoc CGI server is very lightweight, uses standard Python classes, does not require any installation and can execute on any machine running Python.

WHY USING PYTHON ?

Using a compiled language might raise security issues when running on a production environment. On the contrary, a scripting language such as Python with its concept of "pure Python" packages, is much safer. NodeJS has the extra advantage to run mostly the same code on server and client. But it may be less mature, less validated in production environments, with less libraries, and the JIT compiler is a bit CPU hungry. Perl would be a good choice, but does not have the flexibility to install modules just by copying a set of files. Survol is heavily based on Python, and benefits from all its specific features: Concision, large set of libraries, object-orientation, modules, memory management, self-documentation etc...

To run Survol, no genuine installation is needed, just a files tree, for example on a USB memory stick (or floppy disk...), is enough. The only needed thing is a Python interpreter. And even not: if your browser can run ActiveX™ object on a Windows™ platform, you can still perform some simplified analysis.

ON WHICH PLATFORM ? WHICH PYTHON VERSION ? WHICH REQUIREMENTS ?

Survol is a pure-Python software which runs on Windows™ and Linux™ operating systems. It is easy to port Survol on other platforms: Its modular architecture is such that, when a module cannot run for any reason, it is simply disabled.

Survol can run on Python 2 or Python 3, in 32 or 64 bits. It does not need special Python libraries, nor the latest Python version. Its performance requirements are very low and it can run on an Internet of Things network. Some of the most important Python modules it uses are:

socket, sys, os, re: Standard modules which are available everywhere.
psutil: a cross-platform library for retrieving information on running processes and system utilization. It is not mandatory but very convenient.
pywbem if a WBEM server is available.
pywin32: The fantastic win32 module is nice to have when running on a Windows machine.

CAN I ADD SCRIPTS IN ANOTHER PROGRAMMING LANGUAGE ?

Yes, this is possible, but they will be poorly integrated in Survol. It is much more advisable to create your own Python module in your programming language. This is easy (C++, Java, Perl, Fortran...)

OTHER REQUIREMENTS ?

Survol uses Graphviz , an open source graph visualization software, to represent its structural information as an SVG diagram. It is not absolutely required because Survol has other rendering methods, but stable SVG representations are convenient to generate print reports or slides.

SCANNING PROCESS MEMORY, WHAT DOES IT MEAN ?

In the memory of a running process (Its heap, or the stack), variables are created at execution time, and can contain a lot of useful information which helps understand the process behaviour: File names, HTTP URLs, SQL queries etc... and other resources created on-the-fly, provide invaluable hints about what a process is doing. Survol comes with several scripts able to extract this information and display the associated objects. This is not an entirely reliable process, of course, because these data might be corrupted, or just being created, or might simply be unused. Still, the implied information is extremely useful when investigating an application.

NMAP ?

Nmap is a free and open source utility for network discovery and security auditing. It is able to detect various resources on a network: Computer, databases, shared disks and other classes defined in WBEM. Nmap is therefore a convenient investigation tool in the Survol toolbox. Several Nmap programs are wrapped into Survol scripts, it is very easy to add more.

WHERE ARE THE SOURCES ?

Survol is an one-source project and as such, its source code is available on Sourceforge and Github:

Survol on Github: This is the main GIT repository; the project name is "survol".
Survol on Sourceforge: A backup source repository.

I WANT TO SEE DOCUMENTATION !

Survol architecture is explained here.
Doxygen-generated pages are there.
Installation notes, how the setup can be customised etc...

HOW CAN I INSTALL SURVOL ON MY MACHINE ?

Complete explanation are provided with the installation notes. Survol can of course be installed from the sources, but also as a pure-Python module, which is available on Pypi:

Survol source distribution, on Pypy, complete package, can be downloaded and installed as any Python module.
Survol on Pypi (Test) , same on test site.
Test CGI script

Return to Survol, see use cases, architecture, installation notes.