Security Basics mailing list archives
RE: Identifying all the AS on a particular CIDR block
From: "Burton Strauss" <Burton () FelisCatus org>
Date: Fri, 12 Aug 2005 11:46:37 -0500
You can do it - sort of. But it's VERY difficult and will not give good quality. The various registries and RADB make AS level whois queries available through the command lines ... you'll need to walk the space as you get answers back. HOWEVER, the answers you will get are only as good as their input data which is quite poor. The various regional registries (ARIN, RIPE et al) only know about major blocks announced by their customers. RADB aggregates a lot of data, but their picture is based on the core routers they're pulling bgp data from. Again aggregated. (1) From the IANA list figure out what registry to look at: http://www.iana.org/assignments/ipv4-address-space gives: 024/8 May 01 ARIN - Cable Block (Formerly IANA - Jul 95) Normally you would start querying and start walking... but 24/8 data isn't available. $ whois -h whois.radb.net 26.0.0.0/24 [Querying whois.radb.net] [whois.radb.net] route: 26.0.0.0/8 descr: DISA Operations DISA / D3 11440 Isaac Newton Sq. Reston, VA 22090-5087 origin: AS568 mnt-by: MAINT-AS568 changed: netreg () nic mil 20011009 source: DoDNIC See the 'origin:' line? That's your (possibly aggregated) ASN. But AFAIK there's very little data in 24/8, probably because it's busted up among 100s of Cable ISPs. Try it on 24.0.0.0/8 and there's nothing there. -----Burton -----Original Message----- From: Michael Painter [mailto:tvhawaii () shaka com] Sent: Thursday, August 11, 2005 1:45 AM To: Paul Ryan; 'Security-Basics' Subject: Re: Identifying all the AS on a particular CIDR block ----- Original Message ----- From: "Paul Ryan" <pryan () rogers wave ca> To: "'Security-Basics'" <security-basics () securityfocus com> Sent: Tuesday, August 09, 2005 8:31 AM Subject: Identifying all the AS on a particular CIDR block
Hi all - I am performing a risk analysis on and have the need to list all the ASN making use of various /8 - so for example 24.0.0.0/8 broken down into the ASN using this block ...any ideas ...
Sounds difficult. Have you looked here? http://www.fixedorbit.com/ --Michael
Current thread:
- Identifying all the AS on a particular CIDR block Paul Ryan (Aug 10)
- Re: Identifying all the AS on a particular CIDR block Michael Painter (Aug 12)
- RE: Identifying all the AS on a particular CIDR block Timothy Dillman (Aug 15)
- RE: Identifying all the AS on a particular CIDR block Burton Strauss (Aug 15)
- Re: Identifying all the AS on a particular CIDR block routerg (Aug 12)
- Re: Identifying all the AS on a particular CIDR block Devdas Bhagat (Aug 15)
- Re: Identifying all the AS on a particular CIDR block Michael Painter (Aug 12)