HardCIDR will query ARIN and a pool of BGP route servers (github.com)
29 points by crystalPalace 1 hour ago | 9 comments





This might give it some more context: https://www.trustedsec.com/march-2017/classy-inter-domain-ro...

OK, but what does it do? The README is pretty sparse. Some examples would really help.

Edit: the header from the script is good, toss it into the README for great success.

Oh, this is superfly. Easy way to build your own up-to-date ASN DB, similar to the one from Maxmind. Think: embellishing Apache/Nginx logs with up-to-date information about the IP address of the client, including ASN/OrgId. Useful for identifying snowshoers spreading their footprint across a lot of discontiguous IP addresses in one ASN/Org.
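Added example, not part of the thread or of HardCIDR itself: the log-enrichment idea from the comment above, sketched as a detection pass. It goes slightly beyond the comment by using longest-prefix matching and then flagging ASNs whose clients are spread over several prefixes. The prefix table, log lines, thresholds and function names are constructed for illustration, using documentation address ranges and documentation ASNs.

```python
import ipaddress
from collections import defaultdict

# Constructed CIDR-to-ASN table (documentation ranges/ASNs, not real allocations).
PREFIXES = [
    ("192.0.2.0/24", 64496, "EXAMPLE-BULK"),
    ("198.51.100.0/25", 64496, "EXAMPLE-BULK"),
    ("203.0.113.0/24", 64497, "EXAMPLE-ISP"),
    ("203.0.113.128/25", 64498, "EXAMPLE-CUSTOMER"),
]
TABLE = sorted(((ipaddress.ip_network(c), a, o) for c, a, o in PREFIXES),
               key=lambda row: row[0].prefixlen, reverse=True)

# Constructed access-log lines (common log format).
LOG = """\
192.0.2.10 - - [01/Mar/2017:10:00:01 +0000] "POST /comment HTTP/1.1" 200 512
192.0.2.77 - - [01/Mar/2017:10:00:03 +0000] "POST /comment HTTP/1.1" 200 512
198.51.100.5 - - [01/Mar/2017:10:00:04 +0000] "POST /comment HTTP/1.1" 200 512
198.51.100.99 - - [01/Mar/2017:10:00:09 +0000] "POST /comment HTTP/1.1" 200 512
203.0.113.20 - - [01/Mar/2017:10:00:10 +0000] "GET / HTTP/1.1" 200 1024
203.0.113.20 - - [01/Mar/2017:10:00:11 +0000] "GET /about HTTP/1.1" 200 2048
203.0.113.200 - - [01/Mar/2017:10:00:12 +0000] "GET / HTTP/1.1" 200 1024
"""

def lookup(ip):
    """Longest-prefix match; returns (network, asn, org) or None."""
    try:
        addr = ipaddress.ip_address(ip)
    except ValueError:  # hostname or malformed client field
        return None
    return next((row for row in TABLE if addr in row[0]), None)

def asn_spread(log_text):
    """Per ASN: distinct client IPs and the distinct prefixes they came from."""
    stats = defaultdict(lambda: {"org": None, "ips": set(), "prefixes": set()})
    for line in log_text.splitlines():
        client = line.split(" ", 1)[0]
        hit = lookup(client)
        if hit:
            net, asn, org = hit
            stats[asn]["org"] = org
            stats[asn]["ips"].add(client)
            stats[asn]["prefixes"].add(str(net))
    return dict(stats)

def flag_spread(stats, min_ips=3, min_prefixes=2):
    """ASNs with many client IPs over several prefixes (thresholds are assumptions)."""
    return sorted(a for a, s in stats.items()
                  if len(s["ips"]) >= min_ips and len(s["prefixes"]) >= min_prefixes)
```

Sorting the table by prefix length means a more specific customer reassignment wins over the covering ISP block, so traffic is attributed to the org that actually holds the addresses.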

Those are some cool acronyms that I've never heard of. Reading the README does not explain any more. It's quite the mystery how this got to the top-30...

I guess this is on hn because it sounds cool? It's impossible to understand what it is.

From the top of the script:

> A tool to enumerate CIDRs by querying RIRs & BGP ASN prefix lookups
> Currently queries: ARIN, RIPE NCC, APNIC, AfriNIC, LACNIC
>
> Queries are made for the Org name, network handles, org handles, customer handles,
> BGP prefixes, PoCs with target email domain, and 'notify' email address - used by
> some RIRs.
>
> Note that several RIRs currently limit query results to 256 or less, so large
> target orgs may not return all results.
>
> LACNIC only allows query of ASN or IP address blocks & cannot search for Org names
> directly. The entire DB has been downloaded to a separate file for queries to this RIR.
> The file will be periodically updated to maintain accurate information.
>
> Output saved to two csv files - one for org & one for PoCs
> A txt file is also output with a full list of enumerated CIDRs
>
> Author: Jason Ashton (@ninewires)
> Created: 09/19/2016

This might well be Arabic. I have been in the industry for over 10 years and that explanation is meaningless.

These are all Internet Protocol routing features. "CIDR" refers to classless interdomain routing, iirc.

> ARIN, RIPE NCC, APNIC, AfriNIC, LACNIC

These are the global agencies that manage the IP address allocations.

Note that this script installs "ipcalc" (or really, whatever is in http://jodies.de/ipcalc-archive/ipcalc-0.41.tar.gz) without user interaction.

I'm generally pretty not okay with scripts that curl | tar things (or apt-get install things, which this does if it's run on a linux) from the interwebs without my explicit consent.

