Home page logo
/

nmap-dev logo Nmap Development mailing list archives

Re: Feature request: scanning an AS
From: Ron <ron () skullsecurity net>
Date: Wed, 16 Mar 2011 11:37:33 -0500

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On Tue, 15 Mar 2011 20:52:16 +0100 John Bond <john.r.bond () gmail com> wrote:
On 15 March 2011 00:13, John Bond <john.r.bond () gmail com> wrote:
On 14 March 2011 21:45, John Bond <john.r.bond () gmail com> wrote:
I noticed this script on the todo list in the wiki and i wasn't
really doing nse last year.  anyway i have written a very small
script which does this.  It relies on the whois server oliver day
mentioned.  see attached

-- @usage
-- nmap --script asn-to-prefix --script-args
asn-to-prefix.asn=65000[asn-to-prefix.whois_server=asn.shadowserver.org,asn-to-prefix.whois_port=43]
--
-- @output
-- 53/udp open  domain  udp-response
-- | asn-to-prefix:
-- |_    127.0.0.0/8


Just an update to the description to acknowledge shadow servers as
they are the ones that are providing this service more info here
http://www.shadowserver.org/wiki/pmwiki.php/Services/IP-BGP

another update so the script can take multiple asn numbers

-- @usage nmap --script 'asn-to-prefix.asn={65000,65001}'
 -- @output
| asn-to-prefix:
|   65000
|    127.0.0.0/8
|
|   65001
|     127.0.0.0/8
|_

Here's another idea, from @ioerror, "You can use block finder to locate most of a county's ASNs and then pipe that to 
nmap."

Can that be automated? Cuz it's be fun to "nmap iraq" :)

Ron
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.17 (GNU/Linux)

iEYEARECAAYFAk2A51UACgkQ2t2zxlt4g/T8QgCgip+kfj0LdS+BLyHyUJNHt+MT
EIoAn0hQhYNWAt8d10F+DlVYRAoLoZKe
=e+4M
-----END PGP SIGNATURE-----
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]