Feature request: Using IPinfo IP to ASN database

[abdullahdevrel]

/kind enhancement

What would you like to be added?

For feature request please pick a kind label by removing <!-- --> that wrap the example lines below

/kind enhancement Feature is available but this extends or adds extra functionality

I am requesting to add support for IPinfo's IP to ASN database to the project. The database has the following features:

• It is updated daily, with zero compromise to accuracy. There is no range clustering, and the database provides full accuracy.
• The data granularity reaches individual IP level.
• The database comes in MMDB database format.
• It is licensed under CC-BY-SA 4.0, permitting commercial usage.
• Available file formats include: CSV, MMDB, JSON
• The data is tabular and unnested, making it very easy to use. The dataset includes both IPv4 and IPv6 in a single file.

Database schema

Field Name	Example	Data Type	Description
start_ip	1.0.16.0	TEXT	Starting IP address of an IP address range
end_ip	1.0.31.255	TEXT	Ending IP address of an IP address range
asn	AS2519	TEXT	Autonomous System Number
as_name	ARTERIA Networks Corporation	TEXT	Name of the AS (Autonomous System) organization
as_domain	arteria-net.com	TEXT	Official domain or website of the AS organization

Documentation: https://ipinfo.io/developers/ip-to-asn-database

The database can be downloaded simply by accessing the storage URI with an access token.

curl -L https://ipinfo.io/data/free/asn.mmdb?token=<YOUR_TOKEN> -o asn.mmdb

Let me know what you think. Thanks!

Why is this needed?

• The project currently uses the Geolite2-ASN database, which is not as precise or updated daily.
• The IPinfo IP to ASN database combines BGP (peering data) and WHOIS records to produce the most accurate ASN database out there.
• Because of the Storage URI-based download mechanism, downloading the database is super easy.
• This free database is licensed under CC-BY-SA 4.0 with an EULA (End User License Agreement) that enables distribution and packaging of the database by just providing an attribution to the repo README.
• The IP to Country ASN (free) database combines country-level location and ASN information into a single database.

[github-actions[bot]]

@abdullahdevrel: Thanks for opening an issue, it is currently awaiting triage.

In the meantime, you can:

1. Check Crowdsec Documentation to see if your issue can be self resolved.
2. You can also join our Discord.
3. Check Releases to make sure your agent is on the latest version.

Details

I am a bot created to help the crowdsecurity developers manage community feedback and contributions. You can check out my manifest file to understand my behavior and what I can do. If you want to use this for your project, you can check out the BirthdayResearch/oss-governance-bot repository.

[github-actions[bot]]

@abdullahdevrel: There are no 'kind' label on this issue. You need a 'kind' label to start the triage process.

• /kind feature
• /kind enhancement
• /kind refactoring
• /kind bug
• /kind packaging

Details

I am a bot created to help the crowdsecurity developers manage community feedback and contributions. You can check out my manifest file to understand my behavior and what I can do. If you want to use this for your project, you can check out the BirthdayResearch/oss-governance-bot repository.

[LaurenceJJones]

Hey 👋🏻

Thank you for opening a feature request, as it currently stands the Geolite2 stuff is pretty much hardcoded into the CrowdSec binary so does not leave room for us to have this flexibility to swap out to another provider. We will keep this in mind if we revisit this part of the CrowdSec.

If anyone is reading this and would like to see this investigate by the team leave a 👍🏻 above.

[abdullahdevrel]

Hey @LaurenceJJones I hope you are doing well. It makes total sense. If anyone from Crowdsec is interested in using our data, they will surely be blown away by the accuracy and developer friendliness of our entire product and team. If you need any help with the integration, please ping us.