Build Status Project Status: Active - The project has reached a stable, usable state and is being actively developed. CRAN_Status_Badge downloads

img

img

Query ‘Team Cymru’ ‘IP’ Address, Autonomous System Number (‘ASN’), Border Gateway Protocol (‘BGP’), Bogon and ‘Malware’ Hash Data Services

Description

cymruservices is an R package that provides interfaces to various Team Cymru Services including:

The following functions are implemented:

  • bulk_origin: Retrieves BGP Origin ASN info for a list of IPv4 addresses
  • bulk_origin_asn: Retrieves BGP Origin ASN info for a list of ASN ids
  • bulk_peer: Retrieves BGP Peer ASN info for a list of IPv4 addresses
  • ipv4_bogons: Retrieve list of IPv4 “full bogons” from Team Cymru webservice
  • ipv6_bogons: Retrieve list of IPv6 “full bogons” from Team Cymru webservice
  • malware_hash: Retrieves malware hash metadata from the Malware Hash Registry
  • flush: flush one or more API caches

Installation

devtools::install_github("hrbrmstr/cymruservices")
# OR
install.packages("cymruservices")

Usage

library(cymruservices)
#> 
#> Attaching package: 'cymruservices'
#> The following object is masked from 'package:base':
#> 
#>     flush

# current verison
packageVersion("cymruservices")
#> [1] '0.5.0'

Test Results

library(cymruservices)
library(testthat)

date()
#> [1] "Mon Feb 25 09:04:23 2019"

# only using `force=TRUE` to ensure output for the example
# see the help for each function to see why this is a bad
# idea to run force all the time
head(ipv4_bogons(force=TRUE))
#> [1] "0.0.0.0/8"     "2.56.0.0/14"   "5.180.0.0/14"  "10.0.0.0/8"    "31.22.12.0/22" "41.62.0.0/16"

head(ipv6_bogons(force=TRUE))
#> [1] "::/8"     "100::/8"  "200::/7"  "400::/6"  "800::/5"  "1000::/4"

bulk_origin(c("68.22.187.5", "207.229.165.18", "198.6.1.65"))
#>      as             ip       bgp_prefix cc registry  allocated
#> 1 23028    68.22.187.5   68.22.187.0/24 US     arin 2002-03-15
#> 2  6079 207.229.165.18 207.229.128.0/18 US     arin 1996-11-01
#> 3   701     198.6.1.65     198.6.0.0/16 US     arin 1992-11-10
#>                                                                as_name
#> 1                                     TEAM-CYMRU - Team Cymru Inc., US
#> 2                                                     RCN-AS - RCN, US
#> 3 UUNET - MCI Communications Services, Inc. d/b/a Verizon Business, US

bulk_peer(c("68.22.187.5", "207.229.165.18", "198.6.1.65"))
#>    peer_as             ip       bgp_prefix cc registry  allocated                                        peer_as_name
#> 1    23352    68.22.187.5   68.22.187.0/24 US     arin 2002-03-15          SERVERCENTRAL - Server Central Network, US
#> 2     1299 207.229.165.18 207.229.128.0/18 US     arin 1996-11-01                          TELIANET Telia Carrier, SE
#> 3     2381 207.229.165.18 207.229.128.0/18 US     arin 1996-11-01                           WISCNET1-AS - WiscNet, US
#> 4     2603 207.229.165.18 207.229.128.0/18 US     arin 1996-11-01                                        NORDUNET, NO
#> 5     3257 207.229.165.18 207.229.128.0/18 US     arin 1996-11-01                                GTT-BACKBONE GTT, DE
#> 6     3356 207.229.165.18 207.229.128.0/18 US     arin 1996-11-01                    LEVEL3 - Level 3 Parent, LLC, US
#> 7    33891 207.229.165.18 207.229.128.0/18 US     arin 1996-11-01 CORE-BACKBONE CORE-BACKBONE GMBH GLOBAL NETWORK, DE
#> 8      174     198.6.1.65     198.6.0.0/16 US     arin 1992-11-10              COGENT-174 - Cogent Communications, US
#> 9     1239     198.6.1.65     198.6.0.0/16 US     arin 1992-11-10                             SPRINTLINK - Sprint, US
#> 10    1273     198.6.1.65     198.6.0.0/16 US     arin 1992-11-10                           CW Vodafone Group PLC, GB
#> 11    1299     198.6.1.65     198.6.0.0/16 US     arin 1992-11-10                          TELIANET Telia Carrier, SE
#> 12    2914     198.6.1.65     198.6.0.0/16 US     arin 1992-11-10     NTT-COMMUNICATIONS-2914 - NTT America, Inc., US
#> 13    3257     198.6.1.65     198.6.0.0/16 US     arin 1992-11-10                                GTT-BACKBONE GTT, DE
#> 14    3356     198.6.1.65     198.6.0.0/16 US     arin 1992-11-10                    LEVEL3 - Level 3 Parent, LLC, US

bulk_origin_asn(c(22822, 1273, 2381, 2603, 2914, 3257, 3356, 11164,
                  174, 286, 1299, 2914, 3257, 3356, 3549, 22822))
#>       as cc registry  allocated                                         as_name
#> 1  22822 US     arin 2001-11-28             LLNW - Limelight Networks, Inc., US
#> 2   1273 EU  ripencc 1993-09-01                       CW Vodafone Group PLC, GB
#> 3   2381 US     arin 1993-02-03                       WISCNET1-AS - WiscNet, US
#> 4   2603 NO  ripencc 1993-09-30                                    NORDUNET, NO
#> 5   2914 US     arin 1998-12-07 NTT-COMMUNICATIONS-2914 - NTT America, Inc., US
#> 6   3257 DE  ripencc 1994-09-30                            GTT-BACKBONE GTT, DE
#> 7   3356 US     arin 2000-03-10                LEVEL3 - Level 3 Parent, LLC, US
#> 8  11164 US     arin 2014-07-11       INTERNET2-TRANSITRAIL-CPS - Internet2, US
#> 9    174 US     arin 1996-05-16          COGENT-174 - Cogent Communications, US
#> 10   286 NL  ripencc 1993-09-01                                         KPN, NL
#> 11  1299 EU  ripencc 1993-09-01                      TELIANET Telia Carrier, SE
#> 12  2914 US     arin 1998-12-07 NTT-COMMUNICATIONS-2914 - NTT America, Inc., US
#> 13  3257 DE  ripencc 1994-09-30                            GTT-BACKBONE GTT, DE
#> 14  3356 US     arin 2000-03-10                LEVEL3 - Level 3 Parent, LLC, US
#> 15  3549 US     arin 2000-03-21             LVLT-3549 - Level 3 Parent, LLC, US
#> 16 22822 US     arin 2001-11-28             LLNW - Limelight Networks, Inc., US

malware_hash(c("1250ac278944a0737707cf40a0fbecd4b5a17c9d",
              "7697561ccbbdd1661c25c86762117613",
              "cbed16069043a0bf3c92fff9a99cccdc",
              "e6dc4f4d5061299bc5e76f5cd8d16610",
              "e1112134b6dcc8bed54e0e34d8ac272795e73d74"))
#>                                   sha1_md5 last_known_timestamp detection_pct
#> 1 1250ac278944a0737707cf40a0fbecd4b5a17c9d  2019-02-25 14:04:24            NA
#> 2         7697561ccbbdd1661c25c86762117613  2019-02-25 14:04:24            NA
#> 3         cbed16069043a0bf3c92fff9a99cccdc  2018-11-26 05:45:33          0.64
#> 4         e6dc4f4d5061299bc5e76f5cd8d16610  2019-02-25 14:04:24            NA
#> 5 e1112134b6dcc8bed54e0e34d8ac272795e73d74  2019-02-25 14:04:24            NA

test_dir("tests/")
#> ✔ | OK F W S | Context
#> ══ testthat results  ═══════════════════════════════════════════════════════════════════════════════════════════════════
#> OK: 6 SKIPPED: 0 FAILED: 0
#> 
#> ══ Results ═════════════════════════════════════════════════════════════════════════════════════════════════════════════
#> Duration: 0.4 s
#> 
#> OK:       0
#> Failed:   0
#> Warnings: 0
#> Skipped:  0

Code of Conduct

Please note that this project is released with a Contributor Code of Conduct. By participating in this project you agree to abide by its terms.