Socket Programming - Question

[Paul Rubin]

"duncanm255 at hotmail.com" <duncanm255 at hotmail.com> writes:
> I am relatively new to Python, and wanted to see if this is even
> possible, and if so how to go about implementing it.  What I'm looking
> to do is create a client/server application that does the following:
> 
> 1)  System2 listens on port > 1023
> 2)  System1 connects to System2 and sends traffic to it - based on the
> traffic it receives (i.e. a special string), System2 executes
> command-line commands and returns the output to System1.

You're asking how to write a TCP server in general.  You might look at
the SocketServer module in the standard library, which gives a
reasonable framework for that kind of server.  However, its
documentation is not very good.  Alex Martelli's "Python Cookbook" may
have some better examples.  

If you want your server to be able to handle multiple client sessions
simultaneously, use SocketServer.ThreadingMixin (for multiple threads)
or SocketServer.ForkingMixin (multiple processes).  Beware that this
stuff is not easy for beginners, unless you've had experience writing
servers in other languages (maybe Java).

There's another issue too, especially if your app is a virus scanner:
you have to think very hard about what happens if a malicious client
connects to your server (a virus scanning app is an unusually juicy
target for such attacks).  It's extremely easy to leave security holes
open (the viruses themselves typically exploit such holes in Windows)
so you have to develop a paranoid attitude about what kinds of things
the attacker can try and how you can defend.  Using Python puts you
one step ahead of Windows, since you're mostly immune to buffer
overflow bugs, a very common vulnerability.  But it's still an area
full of hazards and not so good for beginners.

This is good bedtime reading: http://www.dwheeler.com/secure-programs/