SURVOL FREQUENTLY ASKED QUESTIONS
SO IT WORKS LIKE AN HTTP SERVER. CAN I REUSE APACHE™ OR IIS™?
For classical desktop or server applications, Survol can use Apache and IIS (Internet Information Services). As a set of Python scripts, it is compatible with CGI and WSGI.
Survol comes with its own HTTP server, a concise Python script, so it can run on very small machines and is well suited to Internet of Things applications. This server also has the benefit of running under any user account, which gives access to much more information.
WHY AN AD HOC CGI SERVER?
To access specific information, a "root" or "administrator" account is needed; Apache and IIS do not run under such a privileged account.
Also, the ad hoc CGI server is very lightweight, uses standard Python classes, does not require any installation and can execute on any machine running Python.
WHY USE PYTHON?
Using a compiled language might raise security issues when running in a production environment. By contrast, a scripting language such as Python, with its concept of "pure Python" packages, is much safer. NodeJS has the extra advantage of running mostly the same code on server and client. But it may be less mature, less validated in production environments, with fewer libraries, and its JIT compiler is a bit CPU hungry.
Perl would be a good choice, but does not have the flexibility to install modules just by copying a set of files. Survol is heavily based on Python, and benefits from all its specific features: concision, a large set of libraries, object orientation, modules, memory management, self-documentation, etc.
To run Survol, no genuine installation is needed: a file tree, for example on a USB memory stick (or floppy disk...), is enough. The only thing needed is a Python interpreter. And not even that: if your browser can run ActiveX™ objects on a Windows™ platform, you can still perform some simplified analysis.
ON WHICH PLATFORM? WHICH PYTHON VERSION? WHICH REQUIREMENTS?
Survol is pure-Python software which runs on Windows™ and Linux™ operating systems. It is easy to port Survol to other platforms: its modular architecture is such that, when a module cannot run for any reason, it is simply disabled.
Survol can run on Python 2 or Python 3, in 32 or 64 bits. It does not need special Python libraries, nor the latest Python version. Its performance requirements are very low and it can run on an Internet of Things network. Some of the most important Python modules it uses are:
- socket, sys, os, re: standard modules which are available everywhere.
- psutil: a cross-platform library for retrieving information on running processes and system utilization. It is not mandatory but very convenient.
- pywbem: if a WBEM server is available.
- pywin32: the fantastic win32 module is nice to have when running on a Windows machine.
CAN I ADD SCRIPTS IN ANOTHER PROGRAMMING LANGUAGE?
Yes, this is possible, but they will be poorly integrated in Survol. It is much more advisable to create your own Python module in your programming language. This is easy (C++, Java, Perl, Fortran...).
OTHER REQUIREMENTS?
Survol uses Graphviz, an open source graph visualization software, to represent its structural information as an SVG diagram. It is not absolutely required because Survol has other rendering methods, but stable SVG representations are convenient for generating printed reports or slides.
SCANNING PROCESS MEMORY, WHAT DOES IT MEAN?
In the memory of a running process (its heap or its stack), variables are created at execution time and can contain a lot of useful information which helps understand the process behaviour: file names, HTTP URLs, SQL queries, etc. These and other resources created on the fly provide invaluable hints about what a process is doing. Survol comes with several scripts able to extract this information and display the associated objects. This is not an entirely reliable process, of course, because these data might be corrupted, or just being created, or might simply be unused. Still, the implied information is extremely useful when investigating an application.
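An added example, not Survol's own code, of the kind of extraction described above: it pulls printable ASCII and UTF-16LE strings out of a raw memory buffer and keeps those that look like URLs, SQL queries or file names, rejecting a URL that was cut off while being written. The function names, regular expressions and the SAMPLE buffer are assumptions constructed for illustration; how the bytes are read from a process is left out.

```python
import re
from urllib.parse import urlsplit

# All names and patterns below are illustrative assumptions, not Survol's API.
MIN_LEN = 6  # shorter printable runs are mostly noise
ASCII_RUN = re.compile(rb"[\x20-\x7e]{%d,}" % MIN_LEN)
UTF16_RUN = re.compile(rb"(?:[\x20-\x7e]\x00){%d,}" % MIN_LEN)  # Windows wide strings
URL = re.compile(r"https?://[^\s\"'<>]+")
SQL = re.compile(r"\b(?:SELECT|INSERT INTO|UPDATE|DELETE FROM)\b.+", re.I)
WIN_PATH = re.compile(r"[A-Za-z]:\\(?:[\w.\- ]+\\)*[\w.\-]+")
UNIX_PATH = re.compile(r"(?:/[\w.\-]+){2,}")

def printable_runs(buf):
    """Yield decoded ASCII, then UTF-16LE, strings found in a raw memory buffer."""
    for m in ASCII_RUN.finditer(buf):
        yield m.group().decode("ascii")
    for m in UTF16_RUN.finditer(buf):
        yield m.group().decode("utf-16-le")

def classify(text):
    """Return (kind, value) for one string, or None if nothing plausible is found."""
    m = URL.search(text)
    if m:
        # A URL still being built, or overwritten, often lacks a real host name.
        host = urlsplit(m.group()).hostname or ""
        return ("url", m.group()) if "." in host else None
    m = SQL.search(text)
    if m:
        return ("sql", m.group())
    m = WIN_PATH.search(text) or UNIX_PATH.search(text)
    return ("file", m.group()) if m else None

def scan_buffer(buf):
    """Extract candidate URLs, SQL queries and file names, without duplicates."""
    hits = []
    for text in printable_runs(buf):
        hit = classify(text)
        if hit and hit not in hits:
            hits.append(hit)
    return hits

# Constructed sample standing in for a heap region (not data from a real process).
SAMPLE = (
    b"\x00\x10\x7f\x00https://example.test/api/v1/items?id=7\x00\x00"
    b"\xff\xfe/var/log/app/server.log\x00\x01\x02"
    b"SELECT name, email FROM users WHERE id = 42\x00\x90\x90"
    b"http://exam\x00\x00\x01"  # URL cut off while being written
    + "C:\\Temp\\report.txt".encode("utf-16-le") + b"\x00\x00"
)
```

Calling scan_buffer(SAMPLE) returns four candidates; the truncated URL is dropped, but a string that merely looks valid can still be stale or unused data, as noted above.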
NMAP?
Nmap is a free and open source utility for network discovery and security auditing. It is able to detect various resources on a network: computers, databases, shared disks and other classes defined in WBEM. Nmap is therefore a convenient investigation tool in the Survol toolbox. Several Nmap programs are wrapped into Survol scripts, and it is very easy to add more.
WHERE ARE THE SOURCES?
Survol is an open-source project and as such, its source code is available on SourceForge and GitHub:
I WANT TO SEE DOCUMENTATION!
HOW CAN I INSTALL SURVOL ON MY MACHINE?
Complete explanations are provided with the installation notes. Survol can of course be installed from the sources, but also as a pure-Python module, which is available on PyPI: