There's a tool out there called "tracesroute" (note the "s") that will also provide the AS number of every ip it lists.
-----Original Message----- From: Suresh Ramasubramanian [mailto:suresh@outblaze.com] Sent: Thursday, October 09, 2003 12:46 PM To: Avleen Vig Cc: nanog@merit.edu Subject: Re: Finding ASN from IP address
Avleen Vig writes on 10/9/2003 10:19 PM:
I want to create a mapping of IP addresses to ASN, for a specific like of IP addresses. Eg: 1.2.3.4 12.34.56.78
etc, gathered from my system logs.
What is the best way of doing this?
Rob Thomas (cymru.com) has something like this - see below.
-- srs (postmaster|suresh)@outblaze.com // gpg : EDEDEFB9 manager, outblaze.com security and antispam operations
* To: apops@apops.net * Subject: [apops] New Team Cymru IP2ASN whois server * From: Rob Thomas <robt@cymru.com> * Date: Fri, 26 Sep 2003 01:56:11 -0500 (CDT) * List-archive: <http://www.apnic.net/mailing-lists/apops/> * List-help: <mailto:apops-request@apops.net?subject=help> * List-id: Asia Pacific Operators Forum <apops.apops.net> * List-post: <mailto:apops@apops.net> * List-subscribe:
<http://mailman.apnic.net/mailman/listinfo/apops>,<mailto:apop s-request@apops.net?subject=subscribe>
* List-unsubscribe:
<http://mailman.apnic.net/mailman/listinfo/apops>,<mailto:apop s-request@apops.net?subject=unsubscribe>
* Sender: apops-admin@apops.net
Fellow networkers,
Team Cymru is happy to announce the availability of a public whois server dedicated to mapping IP numbers to ASNs, located at whois.cymru.com. You can find the link to this tool at:
http://www.cymru.com/BGP/whois.html
This link has been added to our main BGP data page available at:
http://www.cymru.com/BGP/index.html
We have also extended the functionality of this daemon to
IP submissions for those who wish to further optimize their queries with netcat.
Following is a quick overview of how to use it:
$ whois -h whois.cymru.com <IP>
Where <IP> is replaced by the IP you'd like to map, like so:
$ whois -h whois.cymru.com 4.2.2.1 ASN | IP | Name 3356 | 4.2.2.1 | LEVEL3 Level 3 Communications
You can also include port information, and/or timestamps in your queries. Be sure to include quotes around your queries, or
support BULK the daemon
will interpret your request as multiple lines:
$ whois -h whois.cymru.com "4.2.2.1 -0600 GMT" ASN | IP | Info | Name 3356 | 4.2.2.1 | -0600 GMT | LEVEL3 Level 3 Communications
For instructions on how to submit BULK queries via netcat, simply issue the following command:
$ whois -h whois.cymru.com help
We hope you find this tool useful. Stay tuned for more features!
If you have any comments or suggestions as to how we might improve this service, feel free to let us know!
Thanks, Rob, for Team Cymru. -- Rob Thomas http://www.cymru.com ASSERT(coffee != empty);