Hosts scanning with python thread

[secondmouse]

Hi all,
I am currently working on a project that'll scan a local wireless network with around 1000 hosts whose ips are fixed. They are all running https service. The goal is to determine which hosts are up so the server can go into the hosts to grab data and the scanning time has to be reasonably fast (10 seconds or so). By learning this python thread example and using the check_tcp command from nagios, I came up with this script:

Code:

#!/usr/bin/env python
import os
import re
import time
import sys
from threading import Thread

class testit(Thread):
   def __init__ (self,ip):
      Thread.__init__(self)
      self.ip = ip
      self.status = 0
   def run(self):
      result = os.popen("./check_tcp -t 1 -H "+self.ip+" -p 443","r")
      line = result.readline()
      igot = re.findall(testit.lifeline,line)
      if igot:
         self.status = 1

testit.lifeline=re.compile(r"TCP OK")
report = ("No response","Alive")

while 1:
   hostlist = []
   for net in range(6,10):
      import time
      for host in range(1,254):
         ip = "192.168."+str(net)+"."+str(host)
         current = testit(ip)
         hostlist.append(current)
         current.start()
   os.system('clear')
   for h in hostlist:
      h.join()
      if h.status==1:
         print time.ctime(),"Status from ",h.ip,"is",report[h.status]
         #to do: grab the data from the host

A bit explanation about the check_tcp command: it's copied from the nagios libexec/ directory to where the python script is located. Option -t is to specify the timeout value in seconds. If the detected host is up, a string starting with "TCP OK" will be returned. By using 1 as the timeout value I was able to scan one C-subnet within 1-2 seconds or 4 C-subnets ( 192.168.[6-10].[1-254] ) within 5-6 seconds in a wired ethernet network with reliable results. ( tested on a SuSE 10.3 with 4G RAM, Xeon 2.4GHZ server) This script has not been tested in the wireless network yet because it's not there yet. My question is can I use this timeout value in a wireless network at such a scale? I also tried to use 10 secs - the default timeout value of check_tcp and it creates a problem in linux since the maximum number of process is limited to 1024 (even for root) therefore once that limit is reached, no more new threads can be created. I can get around with this by inserting a pause of, say, 8 seconds after 500 threads has been created and running. And the scanning time is 24 seconds. So my second question is: are there other alternative ways to do a quick scanning for a network like this.