Merge pull request #1456 from p-l-/ncsc-scanners

Active: tag scanners from UK NCSC
ivre · Nov 5, 2022 · ea5b945 · ea5b945
2 parents dd8962a + 20e8185
commit ea5b945
Show file tree

Hide file tree

Showing 2 changed files with 27 additions and 0 deletions.
diff --git a/ivre/active/data.py b/ivre/active/data.py
@@ -438,6 +438,17 @@ def _get_data() -> None:
             LOGGER.warning(
                 "Cannot find file [ssigouvfr_scanners.txt]. Try running `ivre getwebdata`"
             )
+        try:
+            with open(
+                os.path.join(DATA_PATH, "ukncsc_scanners.txt"), encoding="utf8"
+            ) as fdesc:
+                ranges.extend(
+                    (addr, addr, "UK-NCSC") for addr in (line.strip() for line in fdesc)
+                )
+        except FileNotFoundError:
+            LOGGER.warning(
+                "Cannot find file [ukncsc_scanners.txt]. Try running `ivre getwebdata`"
+            )
         try:
             with open(
                 os.path.join(DATA_PATH, "censys_scanners.txt"), encoding="utf8"

diff --git a/ivre/tools/getwebdata.py b/ivre/tools/getwebdata.py
@@ -28,6 +28,9 @@
   - Scanners operated by the French ANSSI, from
     <https://cert.ssi.gouv.fr/scans/>
 
+  - Scanners operated by the UK NCSC, from
+    <https://www.ncsc.gov.uk/information/ncsc-scanning-information>
+
   - Scanners operated by the Censys, from
     <https://support.censys.io/hc/en-us/articles/360043177092-from-faq>
 
@@ -39,6 +42,7 @@
 import json
 import os
 import re
+import socket
 from typing import BinaryIO, Callable, Generator, List, Tuple, cast
 
 from ivre import config
@@ -81,6 +85,10 @@ def censys_net_extractor(fdesc: BinaryIO) -> Generator[str, None, None]:
                 yield f"{addr}{mask}"
 
 
+def dns_get_names(name: str) -> List[str]:
+    return sorted(set(ans[4][0] for ans in socket.getaddrinfo(name, None)))
+
+
 assert config.DATA_PATH is not None
 URLS: List[Tuple[str, str, Callable[[BinaryIO, BinaryIO], None]]] = [
     (
@@ -114,3 +122,11 @@ def main() -> None:
             download_if_newer(url, fname, processor=processor)
         except Exception:
             pass
+    assert config.DATA_PATH is not None
+    with open(
+        os.path.join(config.DATA_PATH, "ukncsc_scanners.txt"), "w", encoding="utf8"
+    ) as fdesc:
+        fdesc.writelines(
+            f"{addr}\n"
+            for addr in dns_get_names("scanner.scanning.service.ncsc.gov.uk")
+        )