Tuesday, February 13, 2007

I am SO NOT a developer

I came up in IT as a sysadmin, and though I have a few semesters of formal education in C and C++, what I know best are scripting languages - MS-DOS batch, UNIX shell, and Perl.

There is an undeniable trend toward the widespread use of Python in the infosec industry. I was finally convinced of this when I recently got a sneak peek of a commercial app that is going to offer a Python stepping interface to its scanning engine. Very cool. And we bought it... so, I better learn how to use it.

To prepare myself, I wrote my first Python program. It replaces a shell script hack that I wrote a year or two ago that basically does bulk DNS reverse-lookups on large IP ranges. To be cool, and to prepare for working with a scanning engine, I decided to use threading.

I've been working on it in small bursts over the past two weeks, and as of this morning I have something that works very well. I also have to say, it wasn't much harder than working with Perl. It took a little Googling to find the dnspython libraries, which I used instead of writing my own DNS query code. Once I had that working, the rest was pretty straightforward. Using threading was painless, and well worth the effort. Compared to the shell script it replaces, the Python program is smoking fast, as you would expect.

Mostly this post is me patting myself on the back, but what I wanted to impart to the other non-coders that might read this is that if I can muddle out 20 lines of working Python code, you can too.

No comments: