Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 356
  • Last Modified:

php cidr

Hi i need to get 2500 CIDR of websites. How i can do it with php ?
0
umaxim
Asked:
umaxim
  • 4
  • 3
1 Solution
 
Ray PaseurCommented:
Are you talking about the RFC?
http://rfc-ref.org/RFC-TEXTS/1518/longList.html

If so, please tell us why you need this information and show us what you have tried to use to get it, thanks.
0
 
umaximAuthor Commented:
yes
0
 
umaximAuthor Commented:
I try to use who.is to get this information because one of my client want to block all online proxy so he ask me ban it by ip i desiced to ban it by cidr.
0
Concerto's Cloud Advisory Services

Want to avoid the missteps to gaining all the benefits of the cloud? Learn more about the different assessment options from our Cloud Advisory team.

 
skullnobrainsCommented:
whois is definitely not the proper tool for various reasons
- the information it provides is never up to date
- it is very likely that thousands of sites will correspond the the same whois entry

if you have a list of websites, you probably can simply perform a DNS lookup and insert each ip of each site as a /32 in the list
if you are using a firewall, it is very likely that the firewall can accept fqdn names and perform the lookup by itself

what is your original list ?
what tool are you using to block traffic ?
0
 
umaximAuthor Commented:
i use iptables to block the original list is list of websites and their ip
0
 
skullnobrainsCommented:
then you do not need to do anything more. what are you really trying to achieve

use something like "-d www.abc.com --dport 80" to block whatever sites you need to block or if you want to use ips, in php you can use gethostbynamel(), -- the ending L is not a typo error -- to retrieve all matching ips

something like this will turn an array of sites to a list of ips

$sites=array('google.com','yahoo.fr');
$fqdns=array();
foreach($sites as $site){
  if(!$ips=gethostbynamel($site))
    die("site has no associated DNS record");
  foreach($ips as $ip)
    $fqdns[]=$ip;
}

you may add '/32' at the end of each ip if you need them in cidr notation

you cannot automagically determine what ip pool the site may use. this should be done manually, is difficult and needs to be maintained frequently

you can use the pear package net/dns for a better implementation that will notice the difference between an inexistent dns record and a dead dns server

but endly, i do not believe this is useful compared to just stick the sites in the firewall config

---

if really you want to block such sites, maybe a proxy doing a little heuristic detection can do reasonably good

some free proxies are bundled with good heuristics and sometimes up to date list of such sites
0
 
umaximAuthor Commented:
so i can block by websites too for example -d www.abc.com --dport 80 and it will block it
0
 
skullnobrainsCommented:
yes : this is the simple straightforward solution providing you have the list of sites you need to block.

the firewall should be intelligent enough not to perform dns queries too often, and intelligent enough too reperform them periodically in case the ips change.
actually i cannot confirm netfilter performs the queries when needed, but most firewalls do.
0

Featured Post

VIDEO: THE CONCERTO CLOUD FOR HEALTHCARE

Modern healthcare requires a modern cloud. View this brief video to understand how the Concerto Cloud for Healthcare can help your organization.

  • 4
  • 3
Tackle projects and never again get stuck behind a technical roadblock.
Join Now