RE: IP Range

From: Dario N. Ciccarone (dciccaroat_private)
Date: Sat Aug 31 2002 - 00:37:07 PDT

Next message: Susan Olson: "Web Cash Manager Pen-test"

Previous message: Matthew Leeds: "Re: IP Range"
In reply to: Jason: "Re: IP Range"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

would work if the organization is using BGP and advertising those blocks to
the global Internet. IF the SP is lending them addresses from their own
address space, that is not going to work (SPs advertise the whole block and
then usually use a couple of static routes on the CPE they have installed on
the customer premise). but each and every SP has to declare on an rwhois
server what range it has assigned to each of its customers. so, find the
name of their SP(s) and query their rwhois server.



> -----Original Message-----
> From: Jason [mailto:securityat_private]
> Sent: Friday, August 30, 2002 11:41 AM
> To: John Madden; pen-testat_private
> Subject: Re: IP Range
>
>
> One way is you could get the ASN then use some human cycles.
>
> use any of the many public route servers available.
>
> on a cisco you could try
>
> sho ip bgp [dest netblock] <== the last ASN is the target below
> sho ip bgp regexp [ASN] <== should show all routes services by that ASN.
>
> and use contact correlation in arin/ripe/apnic whois for netblocks...
>
>
> John Madden wrote:
> > Hello,
> >
> > Where just about to begin a pentest engagement and the
> > client wants us to know if we can find out how many IP
> > blocks they have. Is there a way to find out all the
> > IP blocks of a company ? You've got the usual e-mail
> > domain name to find at least one but what if they have
> > 2,3 + IP blocks ?
> >
> > Any ideas ?
> >
> > thanks
> >
> > __________________________________________________
> > Do You Yahoo!?
> > Yahoo! Finance - Get real-time stock quotes
> > http://finance.yahoo.com
> >
> >
> ------------------------------------------------------------------
> ----------
> > This list is provided by the SecurityFocus Security
> Intelligence Alert (SIA)
> > Service. For more information on SecurityFocus' SIA service which
> > automatically alerts you to the latest security vulnerabilities
> please see:
> > https://alerts.securityfocus.com/
> >
>
>
>
> ------------------------------------------------------------------
> ----------
> This list is provided by the SecurityFocus Security Intelligence
> Alert (SIA)
> Service. For more information on SecurityFocus' SIA service which
> automatically alerts you to the latest security vulnerabilities
> please see:
> https://alerts.securityfocus.com/
>
>


----------------------------------------------------------------------------
This list is provided by the SecurityFocus Security Intelligence Alert (SIA)
Service. For more information on SecurityFocus' SIA service which
automatically alerts you to the latest security vulnerabilities please see:
https://alerts.securityfocus.com/

Next message: Susan Olson: "Web Cash Manager Pen-test"
Previous message: Matthew Leeds: "Re: IP Range"
In reply to: Jason: "Re: IP Range"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Mon Sep 02 2002 - 08:43:10 PDT