networked day to day technical issues

23Mar/110

How to find out all of the ip addresses of an Europe based ISP

You may want to block ip traffic from a particular Internet Services Provider due to different reasons , like for example a lot of crawlers and spammers are hosted there.
For Europe based providers this can be done querying RIPE NCC database : "The RIPE Database contains registration information for networks in the the RIPE NCC service region and related contact details" . This is something which can't be avoided and the data there is genuine.

To query either use the web interface or better the whois Linux/*nix command line client. For this you need to already know the AS (Autonomous System) number for that provider and this can be easily established if you know an ip address from that particular provider

$ whois -- yyy.yyy.yyy.yyy | grep '^origin:' | awk {'print $2'}
ASxxxx
$ whois -h whois.ripe.net -- -i or ASxxxx | grep '^route:'| awk {'print $2'}
11Mar/111

Linux: realtime traffic monitoring and path determination

There are situations when one needs to give the answer to questions like:

- a) - what application/process is listening for inbound connections
- b) - what application/process is causing network traffic
- c) - what hosts are right now doing network traffic with our server
- d) - current rate of traffic going through the network interfaces
- e) - how much traffic is causing each workstation/server directly connected to the Linux server
- f) - which path is an outgoing packet going to take when you have multiple network cards and several routes (and more than one routing tables)