Nmap Development mailing list archives
autonomous system numbers NSE script
From: "Michael Pattrick" <mpattrick () rhinovirus org>
Date: Tue, 17 Jun 2008 20:40:42 -0400
Hey everyone, I wrote this script to find autonomous system numbers using the method described here [1]. But there are two problems: - A query will return the same ASN if its in the same BGP netblock. My script also discovers the BGP netblock, is there any way to cache results in this case - ie check if the IP fits into a netblock that we've already scanned? - The website states that the the best way is the DNS method, and hosts making too many whois queries will be blocked, is there a way to forge DNS query packets in NSE or would there need to be some kind of DNS API? I tried making the raw packet in a lua script and ssending it out but wireshark claimed that the packet was malformed :( I sent a copy to some of the NSE devs to see if they could figure out a better way, so now im sending it to the list. Here is an example of the output: $ ./nmap --script ASQuery.nse -p80 rhinovirus.org Starting Nmap 4.65 ( http://nmap.org ) at 2008-06-17 20:39 EDT Interesting ports on ip-68-178-252-14.ip.secureserver.net (68.178.252.14): PORT STATE SERVICE 80/tcp open http Host script results: |_ Autonomous Numbers: BGP Prefix: 68.178.252.0/22 AS number: 26496 Country Code: US Cheers, Michael [1] http://www.team-cymru.org/Services/ip-to-asn.html
Attachment:
ASQuery.nse
Description:
_______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://SecLists.Org
Current thread:
- autonomous system numbers NSE script Michael Pattrick (Jun 17)
- Re: autonomous system numbers NSE script Kris Katterjohn (Jun 17)
- Re: autonomous system numbers NSE script jah (Jun 18)
- Re: autonomous system numbers NSE script Fyodor (Jun 28)
- Re: How is whois.nse coming along? jah (Jun 29)
- Re: How is whois.nse coming along? Kris Katterjohn (Jun 29)
- Re: How is whois.nse coming along? jah (Jun 29)
- Re: How is whois.nse coming along? Patrick Donnelly (Jun 29)
- Re: autonomous system numbers NSE script Fyodor (Jun 28)