table of contents
| ASN(1) | User Commands | ASN(1) |
NAME¶
asn - ASN / RPKI validity / BGP stats / IPv4v6 / Prefix / ASPath / Organization / IP reputation lookup tool
SYNOPSIS¶
asn [OPTIONS] [TARGET]
asn [-v] -l [SERVER OPTIONS]
DESCRIPTION¶
ASN is a tool for performing various lookup operations related to ASN (Autonomous System Number), RPKI validity, BGP statistics, IPv4/v6 addresses, prefixes, ASPaths, organizations, and IP reputations.
OPTIONS¶
- -t
- (enable trace)
Enable AS path trace to the TARGET (this is the default behavior) - -n
- (no trace|no additional INETNUM lookups)
Disable tracing the AS path to the TARGET (for IP targets) or
Disable additional (unannounced / announced by other AS) INETNUM lookups for the TARGET (for AS targets) - -d
- (detailed) Output detailed hop info during the AS path trace to the
TARGET
This option also enables RPKI validation/BGP hijacking detection for every hop - -a
- (ASN Suggest)
Lookup AS names and numbers matching TARGET - -u
- (Transit/Upstream lookup)
Inspect BGP updates and ASPATHs for the TARGET address/prefix and identify possible transit/upstream autonomous systems - -c
- (Country CIDR)
Lookup all IPv4/v6 CIDR blocks allocated to the TARGET country - -g
- (Bulk Geolocate)
Geolocate all IPv4/v6 addresses passed as TARGET
This mode supports multiple targets, stdin input and IP extraction from input, e.g.
asn -g < /var/log/apache2/error.log or echo 1.1.1.1 2.2.2.2 | asn -g - -s
- (Shodan scan)
Query Shodan's InternetDB for CVE/CPE/Tags/Ports/Hostnames data about TARGET
This mode supports multiple targets and stdin input, e.g.
asn -s < iplist or echo 1.1.1.0/24 google.com | asn -s - -o
- (organization search)
Force TARGET to be treated as an Organization Name - -m
- (monochrome output)
Disable colored output - -v
- (verbose)
Enable debug messages (URLs being queried and variable names being assigned) - -j
- (compact JSON output)
Set output to compact JSON mode (ideal for machine parsing) - -J
- (pretty-printed JSON output)
Set output to pretty-printed JSON mode - -h
- (help)
Show this help screen - -l
- (lookup server)
Launch the script in server mode. See SERVER OPTIONS below
TARGET¶
- <AS Number>
- Lookup matching ASN and BGP announcements/neighbours data.
- <IPv4/IPv6>
- Lookup matching route(4/6), IP reputation, and ASN data.
- <Prefix>
- Lookup matching ASN data.
- <host.name.tld>
- Lookup matching IP, route, and ASN data. Supports multiple IPs - e.g. DNS RR.
- <URL>
- Extract hostname/IP from the URL and lookup relative data. Supports any protocol prefix, non-standard ports, and prepended credentials.
- <Organization Name>
- Search by company name and lookup network ranges exported by (or related to) the company.
SERVER OPTIONS¶
- BIND_ADDRESS
- IP address (v4/v6) to bind the listening server to (e.g., 'asn -l
0.0.0.0').
Default value: 127.0.0.1 (IPv4) or ::1 (IPv6). - BIND_PORT
- TCP Port to bind the listening server to (e.g., 'asn -l 12345').
Default value: 49200. - BIND_ADDRESS BIND_PORT
- IP address and port to bind the listening server to (e.g., 'asn -l ::1 12345').
- -v
- (verbose)
Enable verbose output and debug messages in server mode. - --allow host[,host,...]
- Allow only given hosts to connect to the server.
- --allowfile file
- A file of hosts allowed to connect to the server.
- --deny host[,host,...]
- Deny given hosts from connecting to the server.
- --denyfile file
- A file of hosts denied from connecting to the server.
- -m, --max-conns <n>
- The maximum number of simultaneous connections accepted by the server. 100 is the default.
NOTES¶
Every option in server mode (after -l) is passed directly to the ncat listener. Refer to man ncat for more details on the available commands. Unless specified, the default IP:PORT values of 127.0.0.1:49200 (for IPv4) or [::1]:49200 (for IPv6) will be used (e.g., 'asn -l').
EXAMPLES¶
Example server usage:
asn -l (starts server on default IP(v4/v6):PORT)
asn -l 0.0.0.0 --allow 192.168.0.0/24,192.168.1.0/24,192.168.2.245 (binds to all available IPv4 interfaces on the default port, allowing only connections from the three specified subnets)
asn -l :: 2222 --allow 2001:DB8::/32 (binds to all available IPv6 interfaces on port 2222, allowing only connections from the specified prefix)
asn -v -l 0.0.0.0 --allowfile ~/goodips.txt -m 5 (verbose mode, bind to all IPv4 interfaces, use an allowfile with allowed addresses, accept a maximum of 5 concurrent connections)
SEE ALSO¶
Project homepage: https://github.com/nitefood/asn
AUTHOR¶
Marcos Rodrigues de Carvalho (aka oday) <marcosrcarvalho42@gmail.com>
| February 2024 | 0.76.1 |