[nsp-sec] search by asn

Thu Mar 28 14:31:40 EDT 2013

I wrote a short python class that you can use to pull the csv version
and convert the timestamp to your localtime in whatever strftime format
is to your liking, etc. I'm assuming the timestamp provided is UTC. That
is also configuratble.

It returns an interable object that returns lists so you can do whatever
you want with the data afterwards (the 'print row' line). The script I
provide here includes a wrapper, you just need to add your ASNs to the
'asns' list variable and you can run this as a cronjob. Enjoy.

On 3/28/2013 9:02 AM, Gabriel Iovino wrote:
> ----------- nsp-security Confidential --------
> 
> On 3/27/2013 7:23 PM, David Freedman wrote:
>> It would be useful to be able to distinguish between "complete
>> recursion" and "just referral" in the results, when confronted with
>> a large list I can imagine I would want to prioritise and go for
>> the more urgent cases first.
> 
> +1, if we get to request features :)
> 
> Gabe
> 
> 
> 
> _______________________________________________
> nsp-security mailing list
> nsp-security at puck.nether.net
> https://puck.nether.net/mailman/listinfo/nsp-security
> 
> Please do not Forward, CC, or BCC this E-mail outside of the nsp-security
> community. Confidentiality is essential for effective Internet security counter-measures.
> _______________________________________________
> 

-- 
Warren Raquel
Sr. IT Security Analyst
CITES Security
University of Illinois Urbana-Champaign
-------------- next part --------------
#!/usr/bin/python

import csv, urllib, datetime, pytz

class orp(object):
    def __init__(self):
        self.src_tz = pytz.utc
        self.local_tz = pytz.timezone('America/Indianapolis')
        self.strftime = "%Y%m%d%H%M%S%z"
        self.url = """http://openresolverproject.org/searchby-asn.cgi?search_asn=%s&csv=1"""

    def set(self, stz=None, ltz=None, fmt=None):
        if stz:
            self.src_tz = stz
        if ltz:
            self.local_tz = ltz
        if fmt:
            self.strftime = fmt

    def get(self, asn):
        _url = self.url % asn
        for row in csv.reader(urllib.urlopen(_url)):
            ts = row[2]
            row[2] = self.local_tz.normalize(self.src_tz.localize(datetime.datetime.fromtimestamp(float(ts)))).strftime(self.strftime)
            yield row

if __name__ == """__main__""":
    resolvers = orp()
    resolvers.set(fmt="%Y/%m/%d %H:%M:%S (%z)",ltz=pytz.timezone("America/Chicago"))
    asns = []
    for asn in asns:
        for row in resolvers.get(asn):
            print row