ASN/IPv4/IPv6/Prefix/ASPath/Organization lookup tool
Forked from nitefood/asn and modified for Asuswrt-Merlin firmware
The script will perform an AS path trace (using mtr in raw mode and retrieving AS data from the results) for single IPs or DNS results, optionally reporting detailed data for each hop, such as organization/network name, geographic location, etc.
It is also possible to search by organization name in order to retrieve a list of IPv4/6 network ranges related to a given company. A multiple choice menu will be presented if more than one organization matches the search query.
Screenshots for every lookup option are below.
The script uses the Team Cymru and the Prefix WhoIs Project services for data.
- Asuswrt-Merlin firmware
- USB with entware installed. Entware can be installed using amtm
- The entware packages bash, bind-host, mtr and whois will be installed.
- IPv4 lookup
- IPv6 lookup
- Autonomous system number lookup
- Hostname lookup
- ASPath trace to github.com
- Detailed ASPath trace to www.github.com
- Organization search for "github"
Copy and paste the command below into an SSH session:
sh -c "$(curl -sL https://raw.githubusercontent.com/Xentrk/asn/master/Install_asn.sh)"
You can then run the script by typing asn.
Copy and paste the command below into an SSH session:
rm /opt/bin/asn
asn <ASnumber>
-- lookup matching ASN data. Supports "as123" and "123" formats (case insensitive)asn [-n|-d] <IPv4/IPv6>
-- lookup matching route(4/6) and ASN dataasn [-n|-d] <host.name.tld>
-- lookup matching IP(v4/v6), route and ASN data (supports multiple IPs - e.g. DNS RR)asn <Prefix>
-- lookup matching ASN data for the given prefix in CIDR format e.g. 8.20.0.0/23asn <Organization Name>
-- search by company name and lookup network ranges exported by (or related to) the company
Detailed hop info reporting can be turned on by passing the [-d|--detailed]
command line switch. This will enable querying the public pWhois server for every hop in the mtr trace, and its output will be displayed as a "tree" below the hop data, in addition to Team Cymru's server output (which only reports the AS name that the organization originating the prefix gave to its autonomous system number). This can be useful to figure out more details regarding the organization's name, the prefix' intended designation, and even (to a certain extent) its geographical scope.
The script will attempt a generic whois
lookup during traces when Team Cymru and pWhois have no info about the IP address or prefix. This usually happens for IXP and PNI prefixes, and will give better insight into the path taken by packets.
Geolocation and organization data is taken from pWhois.
AS path tracing is enabled by default for all lookups. In case of multiple IP results, the script will trace the first IP. Tracing can be disabled by passing the [-n|--notrace]
command line switch.
The original ASN Lookup Tool was featured in the Security Trails blog post "ASN Lookup Tools, Strategies and Techniques". Thank you Esteban!
Any feedback or pull request to improve the code is welcome. Feel free to contribute!