• Home
  • History
  • Annotate
Name Date Size #Lines LOC

..03-May-2022-

examples/H01-Jul-2018-9869

lib/Net/Abuse/H03-May-2022-2,3652,049

t/H01-Jul-2018-10580

ChangesH A D01-Jul-20184.5 KiB132102

LICENSEH A D01-Jul-201817.9 KiB380292

MANIFESTH A D01-Jul-2018320 1918

META.jsonH A D01-Jul-20181.8 KiB7371

META.ymlH A D01-Jul-20181.1 KiB4342

Makefile.PLH A D01-Jul-20181.1 KiB5039

READMEH A D01-Jul-20184.9 KiB189112

cpanfileH A D01-Jul-2018131 65

dist.iniH A D01-Jul-2018225 1410

README

1NAME
2
3    Net::Abuse::Utils - Routines useful for processing network abuse
4
5VERSION
6
7    version 0.27
8
9SYNOPSIS
10
11        use Net::Abuse::Utils qw( :all );
12        print "IP Whois Contacts: ", join( ' ', get_ipwi_contacts($ip) ), "\n";
13        print "Abuse.net Contacts: ", get_abusenet_contact($domain), "\n";
14
15DESCRIPTION
16
17    Net::Abuse::Utils provides serveral functions useful for determining
18    information about an IP address including contact/reporting addresses,
19    ASN/network info, reverse dns, and DNSBL listing status. Functions
20    which take an IP accept either IPv6 or IPv4 IPs unless indicated
21    otherwise.
22
23CONFIGURATION
24
25    There is a @RESOLVERS package variable you can use to specify name
26    servers different than the systems nameservers for queries from this
27    module. If you intend to use Google's nameservers here, please see This
28    issue on GitHub for a note of caution
29    <https://github.com/mikegrb/Net-Abuse-Utils/issues/9#issuecomment-24387435>.
30
31FUNCTIONS
32
33    The following functions are exportable from this module. You may import
34    all of them into your namespace with the :all tag.
35
36 get_asn_info ( IP )
37
38    Returns a list containing (ASN, Network/Mask, CC code, RIR, modified
39    date) for the network announcing IP.
40
41 get_all_asn_info ( IP )
42
43    Returns a reference to a list of listrefs containting ASN(s),
44    Network,Mask, CC code, RIR, and modified date fall all networks
45    announcing IP.
46
47 get_peer_info ( IP )
48
49    IPv4 Only. Returns an array of hash references containing (ASN,
50    Network/Mask, CC code, RIR, modified date) for the peers of the network
51    announcing IP.
52
53 get_as_description ( ASN )
54
55    Returns the AS description for ASN.
56
57 get_as_company ( ASN )
58
59    Similiar to "get_as_description" but attempts to clean it up some
60    before returning it.
61
62 get_soa_contact( IP )
63
64    Returns the SOA contact email address for the reverse DNS /24 zone
65    containing IP.
66
67 get_ipwi_contacts( IP )
68
69    Returns a list of all email addresses found in whois information for IP
70    with duplicates removed.
71
72 get_rdns( IP )
73
74    Returns the reverse PTR for IP.
75
76 get_dnsbl_listing( IP, DNSBL zone )
77
78    IPv4 Only. Returns the listing text for IP for the designated DNSBL.
79    DNSBL zone should be the zone used for looking up addresses in the
80    blocking list.
81
82 get_ip_country( IP )
83
84    Returns the 2 letter country code for IP.
85
86 get_asn_country( ASN )
87
88    Returns the 2 letter country code for ASN.
89
90 get_abusenet_contact ( domain )
91
92    Returns the abuse.net listed contact email addresses for domain.
93
94 is_ip ( IP )
95
96    Returns true if IP looks like an IP, false otherwise.
97
98 get_domain ( IP )
99
100    Takes a hostname and attempts to return the domain name.
101
102 get_malware ( md5 )
103
104    Takes a malware md5 hash and tests it against
105    http://www.team-cymru.org/Services/MHR. Returns a HASHREF of last_seen
106    and detection_rate.
107
108DIAGNOSTICS
109
110    Each subroutine will return undef if unsuccessful. In the future,
111    debugging output will be available.
112
113CONFIGURATION AND ENVIRONMENT
114
115    There are two commented out lines that can be uncommented to enable
116    Memoize support. I haven't yet decided whether to include this option
117    by default. It may be made available in the future via an import flag
118    to use.
119
120DEPENDENCIES
121
122    This module makes use of the following modules:
123
124    Net::IP, Net::DNS, Net::Whois::IP, and Email::Address::XS
125
126BUGS AND LIMITATIONS
127
128    There are no known bugs in this module. Please report problems to
129    Michael Greb (mgreb@linode.com)
130
131    Patches are welcome.
132
133ACKNOWLEDGEMENTS
134
135    This module was inspired by Karsten M. Self's SpamTools shell scripts,
136    available at http://linuxmafia.com/~karsten/.
137
138    Thanks as well to my employer, Linode.com, for allowing me the time to
139    work on this module.
140
141    Rik Rose, Jon Honeycutt, Brandon Hale, TJ Fontaine, A. Pagaltzis, and
142    Heidi Greb all provided invaluable input during the development of this
143    module.
144
145SEE ALSO
146
147    For a detailed usage example, please see examples/ip-info.pl included
148    in this module's distribution.
149
150AUTHORS
151
152      * mikegrb <michael@thegrebs.com>
153
154      * Wes Young <github@barely3am.com>
155
156COPYRIGHT AND LICENSE
157
158    This software is copyright (c) 2013 by Mike Greb.
159
160    This is free software; you can redistribute it and/or modify it under
161    the same terms as the Perl 5 programming language system itself.
162
163AUTHORS
164
165      * mikegrb <michael@thegrebs.com>
166
167      * Wes Young <github@barely3am.com>
168
169COPYRIGHT AND LICENSE
170
171    This software is copyright (c) 2013-2018 by Michael Greb
172
173    This is free software; you can redistribute it and/or modify it under
174    the same terms as the Perl 5 programming language system itself.
175
176AUTHORS
177
178      * mikegrb <michael@thegrebs.com>
179
180      * Wes Young <github@barely3am.com>
181
182COPYRIGHT AND LICENSE
183
184    This software is copyright (c) 2013 by =over 4.
185
186    This is free software; you can redistribute it and/or modify it under
187    the same terms as the Perl 5 programming language system itself.
188
189