NAME

asn - ASN / RPKI validity / BGP stats / IPv4v6 / Prefix / ASPath / Organization / IP reputation lookup tool

SYNOPSIS

asn [OPTIONS] [TARGET]
asn [-v] -l [SERVER OPTIONS]

DESCRIPTION

ASN is a tool for performing various lookup operations related to ASN (Autonomous System Number), RPKI validity, BGP statistics, IPv4/v6 addresses, prefixes, ASPaths, organizations, and IP reputations.

OPTIONS

-t

(enable trace)
Enable AS path trace to the TARGET (this is the default behavior)

-n

(no trace|no additional INETNUM lookups)
Disable tracing the AS path to the TARGET (for IP targets) or
Disable additional (unannounced / announced by other AS) INETNUM lookups for the TARGET (for AS targets)

-d

(detailed) Output detailed hop info during the AS path trace to the TARGET
This option also enables RPKI validation/BGP hijacking detection for every hop

-a

(ASN Suggest)
Lookup AS names and numbers matching TARGET

-u

(Transit/Upstream lookup)
Inspect BGP updates and ASPATHs for the TARGET address/prefix and identify possible transit/upstream autonomous systems

-c

(Country CIDR)
Lookup all IPv4/v6 CIDR blocks allocated to the TARGET country

-g

(Bulk Geolocate)
Geolocate all IPv4/v6 addresses passed as TARGET
This mode supports multiple targets, stdin input and IP extraction from input, e.g.
asn -g < /var/log/apache2/error.log or echo 1.1.1.1 2.2.2.2 | asn -g

-s

(Shodan scan)
Query Shodan's InternetDB for CVE/CPE/Tags/Ports/Hostnames data about TARGET
This mode supports multiple targets and stdin input, e.g.
asn -s < iplist or echo 1.1.1.0/24 google.com | asn -s

-o

(organization search)
Force TARGET to be treated as an Organization Name

-m

(monochrome output)
Disable colored output

-v

(verbose)
Enable (and log to $HOME/asndebug.log) debug messages (URLs being queried and variable names being assigned)
API call response data (i.e. the JSON output) is logged to the logfile.

-j

(compact JSON output)
Set output to compact JSON mode (ideal for machine parsing)

-J

(pretty-printed JSON output)
Set output to pretty-printed JSON mode

-h

(help)
Show this help screen

-l

(lookup server)
Launch the script in server mode. See SERVER OPTIONS below

TARGET

<AS Number>

Lookup matching ASN and BGP announcements/neighbours data.

<IPv4/IPv6>

Lookup matching route(4/6), IP reputation, and ASN data.

<Prefix>

Lookup matching ASN data.

<host.name.tld>

Lookup matching IP, route, and ASN data. Supports multiple IPs - e.g. DNS RR.

<URL>

Extract hostname/IP from the URL and lookup relative data. Supports any protocol prefix, non-standard ports, and prepended credentials.

<Organization Name>

Search by company name and lookup network ranges exported by (or related to) the company.

SERVER OPTIONS

BIND_ADDRESS

IP address (v4/v6) to bind the listening server to (e.g., 'asn -l 0.0.0.0').
Default value: 127.0.0.1 (IPv4) or ::1 (IPv6).

BIND_PORT

TCP Port to bind the listening server to (e.g., 'asn -l 12345').
Default value: 49200.

BIND_ADDRESS BIND_PORT

IP address and port to bind the listening server to (e.g., 'asn -l ::1 12345').

-v

(verbose)
Enable verbose output and debug messages in server mode.

--allow host[,host,...]

Allow only given hosts to connect to the server.

--allowfile file

A file of hosts allowed to connect to the server.

--deny host[,host,...]

Deny given hosts from connecting to the server.

--denyfile file

A file of hosts denied from connecting to the server.

-m, --max-conns <n>

The maximum number of simultaneous connections accepted by the server. 100 is the default.

NOTES

Every option in server mode (after -l) is passed directly to the ncat listener. Refer to man ncat for more details on the available commands. Unless specified, the default IP:PORT values of 127.0.0.1:49200 (for IPv4) or [::1]:49200 (for IPv6) will be used (e.g., 'asn -l').

EXAMPLES

Example server usage:

asn -l (starts server on default IP(v4/v6):PORT)

asn -l 0.0.0.0 --allow 192.168.0.0/24,192.168.1.0/24,192.168.2.245 (binds to all available IPv4 interfaces on the default port, allowing only connections from the three specified subnets)

asn -l :: 2222 --allow 2001:DB8::/32 (binds to all available IPv6 interfaces on port 2222, allowing only connections from the specified prefix)

asn -v -l 0.0.0.0 --allowfile ~/goodips.txt -m 5 (verbose mode, bind to all IPv4 interfaces, use an allowfile with allowed addresses, accept a maximum of 5 concurrent connections)

SEE ALSO

To file a bug report or feature request, please open an issue on the project homepage: https://github.com/nitefood/asn

AUTHOR

Project author: nitefood <nitefood0@gmail.com>

This manpage was created by Marcos Rodrigues de Carvalho (aka oday) <marcosrcarvalho42@gmail.com>