Skip to content

Instantly share code, notes, and snippets.

View sdstrowes's full-sized avatar

Stephen Strowes sdstrowes

23 followers · 2 following
View GitHub Profile
@sdstrowes
sdstrowes / atlas-dns-stream.py
Last active May 17, 2019 17:31
from ripe.atlas.cousteau import AtlasStream
import dns.message
import base64
import json
import sys
def decode_qbuf_abuf(result):
if "qbuf" in result:
try:
dnsmsg = dns.message.from_wire(base64.b64decode(result["qbuf"]))
@sdstrowes
sdstrowes / streaming.py
Created December 10, 2018 15:24
from ripe.atlas.cousteau import AtlasStream
import json
import sys
def on_result_response(*args):
print json.dumps(args[0], indent=2)
def main():
atlas_stream = AtlasStream()
atlas_stream.connect()
@sdstrowes
sdstrowes / australia
Last active December 7, 2018 11:26
sds@vultr:~$ curl 'http://mirror.optus.net/ubuntu-releases/18.10/ubuntu-18.10-live-server-amd64.iso' > /dev/null
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
100 881M 100 881M 0 0 73.5M 0 0:00:11 0:00:11 --:--:-- 80.1M
sds@vultr:~$ for i in {1..5}; do curl 'https://cdn.ripe.net/static/rnd-ui/openipmap/cdn-test/data/world-geo15_ne50m.topo.json' > /dev/null ; done
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
@sdstrowes
sdstrowes / ipmap-current.json
Created December 5, 2018 09:47
[
{
"params": {
"shouldReportCorbBlocking": false,
"timestamp": 1765.326678,
"encodedDataLength": 0,
"requestId": "5010B9A86302DD7DA82149AC3FB1EBB6"
},
"method": "Network.loadingFinished"
},
@sdstrowes
sdstrowes / ipmap-cdn.json
Created December 5, 2018 09:47
[
{
"params": {
"shouldReportCorbBlocking": false,
"timestamp": 1809.824973,
"encodedDataLength": 0,
"requestId": "3E115D8C68EECB451FDB8E539FFFCEA6"
},
"method": "Network.loadingFinished"
},
@sdstrowes
sdstrowes / http-cdn.ripe.net_static_rnd-ui_openipmap_cdn-test
Created December 4, 2018 15:29
[id:144045A30BB24160217EC2E82596B6CB] http://cdn.ripe.net/static/rnd-ui/openipmap/cdn-test/
start: 0.0
dns: +1.371000
connect: +0.805000
(no SSL)
request:+0.038000
end: req:0.000547000000097, dat:0.635695
[id:1000008521.2] https://cdn.ripe.net/static/common/fonts/open-sans.css
start: 0.0
@sdstrowes
sdstrowes / stream_probe.py
Created October 16, 2018 11:54
from ripe.atlas.cousteau import AtlasStream
import json
def on_result_response(*args):
print json.dumps(args[0], indent=2)
atlas_stream = AtlasStream()
atlas_stream.connect()
channel = "atlas_result"
@sdstrowes
sdstrowes / foo.md
Created August 28, 2018 20:38

tl;dr:

  • mostly, hosts ignore the mss sent
  • most of the interesting behaviour comes from the extremes: mss=1 and mss=1440
  • setting mss=(an atypical value, say 1275 or 1411) ought to spot hosts that simply reflect MSS values
  • setting mss=1024 apparently will spot a bunch of (Microsoft?) hosts returning MSS=956
  • passively, mss=1220, 1360, 1410 may help identify CDN/non-CDN nodes inside yahoo/edgecast, google, facebook respectively

Longer version: captured SYN+ACK+MSS values:

Variation is less than I initially thought; just enough for me to notice

@sdstrowes
sdstrowes / gist:0f78cbcbb5737761f8391401caf0b868
Created July 26, 2018 08:41
$ curl -s 'https://atlas.ripe.net/api/v2/measurements/15393453/results/?format=json' | jq '.'
[
{
"from": "2a02:a210:20c3:91f1:6666:b3ff:feb0:f004",
"fw": 4940,
"group_id": 15393453,
"lts": 21,
"msm_id": 15393453,
"msm_name": "HTTPGet",
"prb_id": 14277,
@sdstrowes
sdstrowes / test.py
Created June 8, 2018 11:38
import json
import requests
import sys
base_req = "https://atlas.ripe.net/api/v2/measurements/?is_public=true&fields=id&page_size=20000&format=json&type=ping"
outfile = open("output.json", "w")
next_url = base_req
while next_url is not None: