Simple bash script for IP-ASN mapping
Whenever I see a new unknown IP range, it gets hard to find exact source of that IP within command shell. Recently, I found a very interesting source of that information from Team Cymru.
I figured out (with a friend’s help) that using their whois server - v4.whois.cymru.com one can actually grab limited information as required.
E.g
anurag@laptop:~$ whois -h v4.whois.cymru.com " -v 8.8.8.8"
AS | IP | BGP Prefix | CC | Registry | Allocated | AS Name
15169 | 8.8.8.8 | 8.8.8.0/24 | US | arin | 1992-12-01 | GOOGLE - Google Inc.
As we can see -v gives all possible information. All I needed was AS number, AS Name, BGP Prefix, Country code - this gives enough information for an IP address. Thus command turns out to be with -c & -p.