BGPv4 Interrogation

BGPv4 is the glue that holds the modern Internet together. Want to know which networks belong to a given organization or even a country? How about finding which countries and organizations are interconnected, and what kinds of routing policies govern these connections? Need to know where the routes you advertise spread on the Internet and who filters them, or find out through which organizations and locations the traffic flows? Ask BGP.

• http://pwhois.org/lft/
• http://www.radb.net/mirrorlist.html
• http://www.traceroute.org/#source%20code
• http://www.ris.ripe.net/cgi-bin/lg/index.cgi
• http://www.caida.org/tools/utilities/
• http://www.netconfigs.com/tools/whois.htm
• http://www.fixedorbit.com/search.htm
• http://www.cymru.com/gillsr/tools.html
• http://www.bgp4.as/looking-glasses/

Of course, you don't have to use the web interface to query these servers a traditional command line whois can be used just as well, while having an advantage of a scriptable output. For example, to query a RIPE whois from the command line, use this command:

whois -h riswhois.ripe.net "IPv4 or IPv6 IP or IP range with a /prefix"

Or you can use similar commands. Team Cymru provides a public whois server at http://www.cymru.com/BGP/whois.html, with the specific aim of mapping IPs to AS numbers, bulk mappings included.

This server's database is based on information collected from 17 BGP peers and is updated every 30 minutes. The instructions on using the Team Cymru whois server are show here:

~# whois -h whois.cymru.com help


[*] Hacking Exposed Cisco


biOos