Re: Feature request: scanning an AS

[Ron <ron () skullsecurity net>]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On Tue, 15 Mar 2011 20:52:16 +0100 John Bond <john.r.bond () gmail com> wrote:
> On 15 March 2011 00:13, John Bond <john.r.bond () gmail com> wrote:
> > On 14 March 2011 21:45, John Bond <john.r.bond () gmail com> wrote:
> > > I noticed this script on the todo list in the wiki and i wasn't
> > > really doing nse last year.  anyway i have written a very small
> > > script which does this.  It relies on the whois server oliver day
> > > mentioned.  see attached
> > >
> > > -- @usage
> > > -- nmap --script asn-to-prefix --script-args
> > > asn-to-prefix.asn=65000[asn-to-prefix.whois_server=asn.shadowserver.org,asn-to-prefix.whois_port=43]
> > > --
> > > -- @output
> > > -- 53/udp open  domain  udp-response
> > > -- | asn-to-prefix:
> > > -- |_    127.0.0.0/8
> >
> > Just an update to the description to acknowledge shadow servers as
> > they are the ones that are providing this service more info here
> > http://www.shadowserver.org/wiki/pmwiki.php/Services/IP-BGP
> another update so the script can take multiple asn numbers
>
> -- @usage nmap --script 'asn-to-prefix.asn={65000,65001}'
>  -- @output
> | asn-to-prefix:
> |   65000
> |    127.0.0.0/8
> |
> |   65001
> |     127.0.0.0/8
> |_

Here's another idea, from @ioerror, "You can use block finder to locate most of a county's ASNs and then pipe that to 
nmap."

Can that be automated? Cuz it's be fun to "nmap iraq" :)

Ron
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.17 (GNU/Linux)

iEYEARECAAYFAk2A51UACgkQ2t2zxlt4g/T8QgCgip+kfj0LdS+BLyHyUJNHt+MT
EIoAn0hQhYNWAt8d10F+DlVYRAoLoZKe
=e+4M
-----END PGP SIGNATURE-----
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/