BGP ranking is a free software to calculate the security ranking of Internet Service Provider (ASN).
Python Shell Perl
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Permalink
Failed to load latest commit information.
archive Update exporter Sep 2, 2016
bin
db_migrate use pipeline to migrate faster Apr 30, 2013
doc Add User-Agent while fetching lists, cleanup. Jun 10, 2013
etc Update sources Apr 14, 2016
lib Update sources Apr 14, 2016
logs Big update of the DB populating modules. Oct 10, 2012
scripts Allow to have two different redis server for storage Apr 13, 2016
thirdparty move thirdparty components to their new home Apr 29, 2013
var Add required dirs Apr 14, 2016
.gitignore move thirdparty components to their new home Apr 29, 2013
AUTHORS
CHANGELOG Fix typos Feb 10, 2016
FAQ Fix typos Feb 10, 2016
INSTALL Update install Aug 5, 2016
LICENSE update license Dec 9, 2014
README.md Add documentation on data in redis Apr 15, 2016
TODO Fix typos Feb 10, 2016
TODO_v2 Big update of the DB populating modules. Oct 10, 2012

README.md

BGP AS / ISP Security Ranking

For an Internet Service Provider, AS numbers are a logical representation of the other ISP peering or communicating with his autonomous system. ISP customers are using the capacity of the Internet Service Provider to reach Internet services over other AS. Some of those communications can be malicious (e.g. due to malware activities on an end-user equipments) and hosted at specific AS location.

In order to provide an improved security view on those AS numbers, a trust ranking scheme will be implemented based on existing dataset of compromised systems, malware C&C IP and existing datasets of the ISPs.

The official website of the project is: https://github.com/CIRCL/bgp-ranking/

There is a public BGP Ranking at http://bgpranking.circl.lu/

BGP Ranking is free software licensed under the GNU Affero General Public License

BGP Ranking is a software to rank AS numbers based on malicious activities.

Data access

Database 5 (contains all raw data):

    <YYYY-MM-DD>|sources -> set(sources)
    <YYYY-MM-DD>|<source>|asns -> set(asns)
    <YYYY-MM-DD>|<source>|asn_details -> set(<asn>|<ipblock>)
    <asn>|<ipblock>|<YYYY-MM-DD>|<source> -> set(<ip>|<datetime_isoformat>)

    <asn> -> set(ipblock) # The bloc can be ipv4 or ipv6
                          # WARNING: some of the entries are timestamp, this is
                          # a bug in old data and should be discarded
    <asn>|<ipblock> -> hash(<datetime_isoformat>: <verbose_description_from_riswhois>)

Database 6 (contains rankings):

    <YYYY-MM-DD>|amount_asns -> value(nb_asns_day) # from all the ASNs known by RIPE for a day
    <asn>|<YYYY-MM-DD>|<source>|rankv4 -> value(rank)
    <asn>|<YYYY-MM-DD>|<source>|rankv4|details -> zset((<ipblock>, <computed rank>) )
                            # WARNING: some of the entries are timestamp, this is
                            # a bug in old data and should be discarded
    <asn>|<YYYY-MM-DD>|<source>|rankv6 -> value(rank) # Not used
    <asn>|<YYYY-MM-DD>|<source>|rankv6|details -> zset((<ipblock>, <computed rank>) ) # Not used
                            # WARNING: some of the entries are timestamp, this is
                            # a bug in old data and should be discarded

    <asn>|<YYYY-MM-DD>|clean_set