Theodore Baschak

Routing Guru. BOFH. IPv6 Advocate. Founder/Operator of Hextet Systems (AS395089) and Network Architect for Daemon Defense Systems (AS55101).

RabbitMQ - PSaaS

Sun, 03 Dec 2017 23:40:58 -0600 » Nerd Projects, Network Monitoring, CLI, Programming, SaltStack, System Administration, Security

I wrote a small web application which I’m calling “PSaas” – Port Scan as a Service. This webapp was an opportunity for me to do some coding and interaction with RabbitMQ. RabbitMQ has come up a few times for me lately. First, RabbitMQ was mentioned by Woulter Milterburg in a RIPE Labs article describing the next generation of Remote Route Collectors, then Robert Keizer spoke on how he used RabbitMQ to buffer generated addresses from masscan to scan 0.0.0.0/0 for PTR records at BSidesWpg 2017.

App Architecture

The frontend web application accepts input from end users, validates it, and queues it up. The backend is notified through RabbitMQ and executes the job immediately. 1 or more backend runners can take jobs and run them simultaneously. Results are stored in SQL so they can be reviewed later on.

Frontend

  • nginx
  • PHP-FPM w/ php-amqplib

Backend

  • CLI PHP w/ php-amqplib
  • RabbitMQ
  • nmap

As an added benefit the scans are now started immediately, and if they aren’t marked completed RabbitMQ will hand them out again (think: hitting CTRL-C on the backend runner). The events being added to the queue kicks off the scanning, instead of an endless loop with a sleep(30) in between to keep things reasonable.

Code

The code is available on Github.

© Theodore Baschak - https://github.com/tbaschak - Powered by Jekyll.
Powered by Les.net.
CiscoDude.net is a personal website. Opinions expressed are not necessarily those of his employer.