{"id":13005,"date":"2021-03-30T06:57:45","date_gmt":"2021-03-30T11:57:45","guid":{"rendered":"https:\/\/rud.is\/b\/?p=13005"},"modified":"2021-03-30T06:57:45","modified_gmt":"2021-03-30T11:57:45","slug":"help-your-mac-stand-between-the-darkness-and-the-light-with-greywatch","status":"publish","type":"post","link":"https:\/\/rud.is\/b\/2021\/03\/30\/help-your-mac-stand-between-the-darkness-and-the-light-with-greywatch\/","title":{"rendered":"Help Your Mac Stand Between The Darkness And The Light with GreyWatch"},"content":{"rendered":"

Greynoise<\/a> helps security teams focus on potential threats by reducing the noise from logs, alerts, and SIEMs. They constantly watch for badly behaving internet hosts, keep track of the benign ones, and use this research to classify IP addresses. Teams can use these classifications to only focus on things that (potentially) matter.<\/p>\n

They also have a generous (10K calls\/day), free community API<\/a> which does not require credentialed access and returns a subset of information that the full API does. This is handy for folks who can’t afford the service or who only need to occasionally poke at IP addresses.<\/p>\n

Andrew, GN’s CEO, tweeted out a super-hacky shell one-liner, the other day, that grabs the external IPs of all the ESTABLISHED<\/code> IPv4 TCP connections and runs them through the community API via curl<\/code>. Even though I made it a bit less-hacky:<\/p>\n

sudo netstat -anp TCP \\\n  | rg ESTAB \\\n  | rg \"(?:(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\\.){3}(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\" -o \\\n  | rg -v \"(^127\\.)|(^10\\.)|(^172\\.1[6-9]\\.)|(^172\\.2[0-9]\\.)|(^172\\.3[0-1]\\.)|(^192\\.168\\.)\" \\\n  | rg -v \"$(dig +short viz.greynoise.io @9.9.9.9 | rg '^\\d' | tr '\\n' '|' | sed -e 's\/.$\/\/g')\" \\\n  | sort -u \\\n  | while read IP; do echo $(curl --silent https:\/\/api.greynoise.io\/v3\/community\/$IP); done |\n  Rscript -e 'tibble::as_tibble(jsonlite::stream_in(file(\"stdin\"), verbose=FALSE))'\n<\/code><\/pre>\n
its still a “run-on-demand” process that you could<\/em> put in a script and launchd<\/code>, but then you’d still have to keep a terminal up or remember to watch some file. Plus, it relies on full executables.<\/p>\n
I decided to make things a bit easier for folks on macOS Big Sur by cranking out a small SwiftUI app I’ve dubbed GreyWatch<\/a>:<\/p>\n
\"\"<\/a><\/p>\n
Each list entry show an IP address your Mac previously connected to (since app launch) or currently has established TCP connections to. The three indicator dots show (in order) whether Greynoise has detected scanning behavior from the IP address within the last 30 days, whether it has a “Rule It OuT” (RIOT) classification, and what \u2014 if any \u2014 classification the IP address has. The app only shows an IP address once even it you continue to connect to it and it puts new connections on top.<\/p>\n
If an IP address has a classification, double-clicking it will open your default browser to the Greynoise visualizer<\/a>, otherwise said double-click will take you to the IPInfo<\/a> entry for the IP address.<\/p>\n
Needless to say, if your Mac is talking to a host Greynoise has classified as horribad, your other 99 problems no longer take precedence. I’ll likely add a notification action if that condition occurrs.<\/p>\n
There’s an “Export\u2026” item in the file menu that lets you save a copy of the current IP list (with metadata) to an ndlines<\/a> formatted JSON file.<\/p>\n
The app does not shell out to dig<\/code> or netstat<\/code> and has a light memory and energy footprint.<\/p>\n
There are pre-built, notarized binaries in the releases section<\/a>, and I’ll gradually be adding features (submit yours via new issues<\/a>!). You can also submit bug reports or other questions via GH issues as well.<\/p>\n
Many thanks to Andrew and team for their generous free tier, which enables semi-useful community hacks like this one!<\/p>\n","protected":false},"excerpt":{"rendered":"
Greynoise helps security teams focus on potential threats by reducing the noise from logs, alerts, and SIEMs. They constantly watch for badly behaving internet hosts, keep track of the benign ones, and use this research to classify IP addresses. Teams can use these classifications to only focus on things that (potentially) matter. They also have […]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"jetpack_post_was_ever_published":false,"_jetpack_newsletter_access":"","_jetpack_dont_email_post_to_subs":false,"_jetpack_newsletter_tier_id":0,"_jetpack_memberships_contains_paywalled_content":false,"_jetpack_memberships_contains_paid_content":false,"activitypub_content_warning":"","activitypub_content_visibility":"","activitypub_max_image_attachments":3,"activitypub_interaction_policy_quote":"anyone","activitypub_status":"","footnotes":""},"categories":[681,780,64,830],"tags":[],"class_list":["post-13005","post","type-post","status-publish","format-standard","hentry","category-cybersecurity","category-macos","category-objective-c","category-swift"],"yoast_head":"\nHelp Your Mac Stand Between The Darkness And The Light with GreyWatch - rud.is<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/rud.is\/b\/2021\/03\/30\/help-your-mac-stand-between-the-darkness-and-the-light-with-greywatch\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Help Your Mac Stand Between The Darkness And The Light with GreyWatch - rud.is\" \/>\n<meta property=\"og:description\" content=\"Greynoise helps security teams focus on potential threats by reducing the noise from logs, alerts, and SIEMs. They constantly watch for badly behaving internet hosts, keep track of the benign ones, and use this research to classify IP addresses. Teams can use these classifications to only focus on things that (potentially) matter. They also have […]\" \/>\n<meta property=\"og:url\" content=\"https:\/\/rud.is\/b\/2021\/03\/30\/help-your-mac-stand-between-the-darkness-and-the-light-with-greywatch\/\" \/>\n<meta property=\"og:site_name\" content=\"rud.is\" \/>\n<meta property=\"article:published_time\" content=\"2021-03-30T11:57:45+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/rud.is\/b\/wp-content\/uploads\/2021\/03\/greywatch-screen-01.png\" \/>\n<meta name=\"author\" content=\"hrbrmstr\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"hrbrmstr\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"3 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/rud.is\\\/b\\\/2021\\\/03\\\/30\\\/help-your-mac-stand-between-the-darkness-and-the-light-with-greywatch\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/rud.is\\\/b\\\/2021\\\/03\\\/30\\\/help-your-mac-stand-between-the-darkness-and-the-light-with-greywatch\\\/\"},\"author\":{\"name\":\"hrbrmstr\",\"@id\":\"https:\\\/\\\/rud.is\\\/b\\\/#\\\/schema\\\/person\\\/d7cb7487ab0527447f7fda5c423ff886\"},\"headline\":\"Help Your Mac Stand Between The Darkness And The Light with GreyWatch\",\"datePublished\":\"2021-03-30T11:57:45+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/rud.is\\\/b\\\/2021\\\/03\\\/30\\\/help-your-mac-stand-between-the-darkness-and-the-light-with-greywatch\\\/\"},\"wordCount\":462,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\\\/\\\/rud.is\\\/b\\\/#\\\/schema\\\/person\\\/d7cb7487ab0527447f7fda5c423ff886\"},\"image\":{\"@id\":\"https:\\\/\\\/rud.is\\\/b\\\/2021\\\/03\\\/30\\\/help-your-mac-stand-between-the-darkness-and-the-light-with-greywatch\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/rud.is\\\/b\\\/wp-content\\\/uploads\\\/2021\\\/03\\\/greywatch-screen-01.png\",\"articleSection\":[\"Cybersecurity\",\"macOS\",\"Objective-C\",\"Swift\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\\\/\\\/rud.is\\\/b\\\/2021\\\/03\\\/30\\\/help-your-mac-stand-between-the-darkness-and-the-light-with-greywatch\\\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/rud.is\\\/b\\\/2021\\\/03\\\/30\\\/help-your-mac-stand-between-the-darkness-and-the-light-with-greywatch\\\/\",\"url\":\"https:\\\/\\\/rud.is\\\/b\\\/2021\\\/03\\\/30\\\/help-your-mac-stand-between-the-darkness-and-the-light-with-greywatch\\\/\",\"name\":\"Help Your Mac Stand Between The Darkness And The Light with GreyWatch - rud.is\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/rud.is\\\/b\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/rud.is\\\/b\\\/2021\\\/03\\\/30\\\/help-your-mac-stand-between-the-darkness-and-the-light-with-greywatch\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/rud.is\\\/b\\\/2021\\\/03\\\/30\\\/help-your-mac-stand-between-the-darkness-and-the-light-with-greywatch\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/rud.is\\\/b\\\/wp-content\\\/uploads\\\/2021\\\/03\\\/greywatch-screen-01.png\",\"datePublished\":\"2021-03-30T11:57:45+00:00\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/rud.is\\\/b\\\/2021\\\/03\\\/30\\\/help-your-mac-stand-between-the-darkness-and-the-light-with-greywatch\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/rud.is\\\/b\\\/2021\\\/03\\\/30\\\/help-your-mac-stand-between-the-darkness-and-the-light-with-greywatch\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/rud.is\\\/b\\\/2021\\\/03\\\/30\\\/help-your-mac-stand-between-the-darkness-and-the-light-with-greywatch\\\/#primaryimage\",\"url\":\"https:\\\/\\\/i0.wp.com\\\/rud.is\\\/b\\\/wp-content\\\/uploads\\\/2021\\\/03\\\/greywatch-screen-01.png?fit=512%2C799&ssl=1\",\"contentUrl\":\"https:\\\/\\\/i0.wp.com\\\/rud.is\\\/b\\\/wp-content\\\/uploads\\\/2021\\\/03\\\/greywatch-screen-01.png?fit=512%2C799&ssl=1\",\"width\":512,\"height\":799},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/rud.is\\\/b\\\/2021\\\/03\\\/30\\\/help-your-mac-stand-between-the-darkness-and-the-light-with-greywatch\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/rud.is\\\/b\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Help Your Mac Stand Between The Darkness And The Light with GreyWatch\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/rud.is\\\/b\\\/#website\",\"url\":\"https:\\\/\\\/rud.is\\\/b\\\/\",\"name\":\"rud.is\",\"description\":\""In God we trust. All others must bring data"\",\"publisher\":{\"@id\":\"https:\\\/\\\/rud.is\\\/b\\\/#\\\/schema\\\/person\\\/d7cb7487ab0527447f7fda5c423ff886\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/rud.is\\\/b\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":[\"Person\",\"Organization\"],\"@id\":\"https:\\\/\\\/rud.is\\\/b\\\/#\\\/schema\\\/person\\\/d7cb7487ab0527447f7fda5c423ff886\",\"name\":\"hrbrmstr\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/i0.wp.com\\\/rud.is\\\/b\\\/wp-content\\\/uploads\\\/2023\\\/10\\\/ukr-shield.png?fit=460%2C460&ssl=1\",\"url\":\"https:\\\/\\\/i0.wp.com\\\/rud.is\\\/b\\\/wp-content\\\/uploads\\\/2023\\\/10\\\/ukr-shield.png?fit=460%2C460&ssl=1\",\"contentUrl\":\"https:\\\/\\\/i0.wp.com\\\/rud.is\\\/b\\\/wp-content\\\/uploads\\\/2023\\\/10\\\/ukr-shield.png?fit=460%2C460&ssl=1\",\"width\":460,\"height\":460,\"caption\":\"hrbrmstr\"},\"logo\":{\"@id\":\"https:\\\/\\\/i0.wp.com\\\/rud.is\\\/b\\\/wp-content\\\/uploads\\\/2023\\\/10\\\/ukr-shield.png?fit=460%2C460&ssl=1\"},\"description\":\"Don't look at me\u2026I do what he does \u2014 just slower. #rstats avuncular \u2022 ?Resistance Fighter \u2022 Cook \u2022 Christian \u2022 [Master] Chef des Donn\u00e9es de S\u00e9curit\u00e9 @ @rapid7\",\"sameAs\":[\"http:\\\/\\\/rud.is\"],\"url\":\"https:\\\/\\\/rud.is\\\/b\\\/author\\\/hrbrmstr\\\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Help Your Mac Stand Between The Darkness And The Light with GreyWatch - rud.is","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/rud.is\/b\/2021\/03\/30\/help-your-mac-stand-between-the-darkness-and-the-light-with-greywatch\/","og_locale":"en_US","og_type":"article","og_title":"Help Your Mac Stand Between The Darkness And The Light with GreyWatch - rud.is","og_description":"Greynoise helps security teams focus on potential threats by reducing the noise from logs, alerts, and SIEMs. They constantly watch for badly behaving internet hosts, keep track of the benign ones, and use this research to classify IP addresses. Teams can use these classifications to only focus on things that (potentially) matter. They also have […]","og_url":"https:\/\/rud.is\/b\/2021\/03\/30\/help-your-mac-stand-between-the-darkness-and-the-light-with-greywatch\/","og_site_name":"rud.is","article_published_time":"2021-03-30T11:57:45+00:00","og_image":[{"url":"https:\/\/rud.is\/b\/wp-content\/uploads\/2021\/03\/greywatch-screen-01.png","type":"","width":"","height":""}],"author":"hrbrmstr","twitter_card":"summary_large_image","twitter_misc":{"Written by":"hrbrmstr","Est. reading time":"3 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/rud.is\/b\/2021\/03\/30\/help-your-mac-stand-between-the-darkness-and-the-light-with-greywatch\/#article","isPartOf":{"@id":"https:\/\/rud.is\/b\/2021\/03\/30\/help-your-mac-stand-between-the-darkness-and-the-light-with-greywatch\/"},"author":{"name":"hrbrmstr","@id":"https:\/\/rud.is\/b\/#\/schema\/person\/d7cb7487ab0527447f7fda5c423ff886"},"headline":"Help Your Mac Stand Between The Darkness And The Light with GreyWatch","datePublished":"2021-03-30T11:57:45+00:00","mainEntityOfPage":{"@id":"https:\/\/rud.is\/b\/2021\/03\/30\/help-your-mac-stand-between-the-darkness-and-the-light-with-greywatch\/"},"wordCount":462,"commentCount":0,"publisher":{"@id":"https:\/\/rud.is\/b\/#\/schema\/person\/d7cb7487ab0527447f7fda5c423ff886"},"image":{"@id":"https:\/\/rud.is\/b\/2021\/03\/30\/help-your-mac-stand-between-the-darkness-and-the-light-with-greywatch\/#primaryimage"},"thumbnailUrl":"https:\/\/rud.is\/b\/wp-content\/uploads\/2021\/03\/greywatch-screen-01.png","articleSection":["Cybersecurity","macOS","Objective-C","Swift"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/rud.is\/b\/2021\/03\/30\/help-your-mac-stand-between-the-darkness-and-the-light-with-greywatch\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/rud.is\/b\/2021\/03\/30\/help-your-mac-stand-between-the-darkness-and-the-light-with-greywatch\/","url":"https:\/\/rud.is\/b\/2021\/03\/30\/help-your-mac-stand-between-the-darkness-and-the-light-with-greywatch\/","name":"Help Your Mac Stand Between The Darkness And The Light with GreyWatch - rud.is","isPartOf":{"@id":"https:\/\/rud.is\/b\/#website"},"primaryImageOfPage":{"@id":"https:\/\/rud.is\/b\/2021\/03\/30\/help-your-mac-stand-between-the-darkness-and-the-light-with-greywatch\/#primaryimage"},"image":{"@id":"https:\/\/rud.is\/b\/2021\/03\/30\/help-your-mac-stand-between-the-darkness-and-the-light-with-greywatch\/#primaryimage"},"thumbnailUrl":"https:\/\/rud.is\/b\/wp-content\/uploads\/2021\/03\/greywatch-screen-01.png","datePublished":"2021-03-30T11:57:45+00:00","breadcrumb":{"@id":"https:\/\/rud.is\/b\/2021\/03\/30\/help-your-mac-stand-between-the-darkness-and-the-light-with-greywatch\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/rud.is\/b\/2021\/03\/30\/help-your-mac-stand-between-the-darkness-and-the-light-with-greywatch\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/rud.is\/b\/2021\/03\/30\/help-your-mac-stand-between-the-darkness-and-the-light-with-greywatch\/#primaryimage","url":"https:\/\/i0.wp.com\/rud.is\/b\/wp-content\/uploads\/2021\/03\/greywatch-screen-01.png?fit=512%2C799&ssl=1","contentUrl":"https:\/\/i0.wp.com\/rud.is\/b\/wp-content\/uploads\/2021\/03\/greywatch-screen-01.png?fit=512%2C799&ssl=1","width":512,"height":799},{"@type":"BreadcrumbList","@id":"https:\/\/rud.is\/b\/2021\/03\/30\/help-your-mac-stand-between-the-darkness-and-the-light-with-greywatch\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/rud.is\/b\/"},{"@type":"ListItem","position":2,"name":"Help Your Mac Stand Between The Darkness And The Light with GreyWatch"}]},{"@type":"WebSite","@id":"https:\/\/rud.is\/b\/#website","url":"https:\/\/rud.is\/b\/","name":"rud.is","description":""In God we trust. All others must bring data"","publisher":{"@id":"https:\/\/rud.is\/b\/#\/schema\/person\/d7cb7487ab0527447f7fda5c423ff886"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/rud.is\/b\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":["Person","Organization"],"@id":"https:\/\/rud.is\/b\/#\/schema\/person\/d7cb7487ab0527447f7fda5c423ff886","name":"hrbrmstr","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/i0.wp.com\/rud.is\/b\/wp-content\/uploads\/2023\/10\/ukr-shield.png?fit=460%2C460&ssl=1","url":"https:\/\/i0.wp.com\/rud.is\/b\/wp-content\/uploads\/2023\/10\/ukr-shield.png?fit=460%2C460&ssl=1","contentUrl":"https:\/\/i0.wp.com\/rud.is\/b\/wp-content\/uploads\/2023\/10\/ukr-shield.png?fit=460%2C460&ssl=1","width":460,"height":460,"caption":"hrbrmstr"},"logo":{"@id":"https:\/\/i0.wp.com\/rud.is\/b\/wp-content\/uploads\/2023\/10\/ukr-shield.png?fit=460%2C460&ssl=1"},"description":"Don't look at me\u2026I do what he does \u2014 just slower. #rstats avuncular \u2022 ?Resistance Fighter \u2022 Cook \u2022 Christian \u2022 [Master] Chef des Donn\u00e9es de S\u00e9curit\u00e9 @ @rapid7","sameAs":["http:\/\/rud.is"],"url":"https:\/\/rud.is\/b\/author\/hrbrmstr\/"}]}},"jetpack_featured_media_url":"","jetpack_shortlink":"https:\/\/wp.me\/p23idr-3nL","jetpack_likes_enabled":true,"jetpack-related-posts":[{"id":25048,"url":"https:\/\/rud.is\/b\/2025\/04\/27\/new-geolocus-cli-for-onyphes-geolocus-database\/","url_meta":{"origin":13005,"position":0},"title":"New geolocus-cli For ONYPHE’s Geolocus Database","author":"hrbrmstr","date":"2025-04-27","format":false,"excerpt":"ONYPHE has made available a free API and free MMDB download of their new Geolocus database. It provided IP address metadata in the form of: { \"abuse\": [ \"amzn-noc-contact@amazon.com\", \"aws-routing-poc@amazon.com\", \"aws-rpki-routing-poc@amazon.com\", \"trustandsafety@support.aws.com\" ], \"asn\": \"AS14618\", \"continent\": \"NA\", \"continentname\": \"North America\", \"country\": \"US\", \"countryname\": \"United States\", \"domain\": [ \"amazon.com\", \"amazonaws.com\", \"aws.com\"\u2026","rel":"","context":"In "Cybersecurity"","block_context":{"text":"Cybersecurity","link":"https:\/\/rud.is\/b\/category\/cybersecurity\/"},"img":{"alt_text":"compass on map","src":"https:\/\/i0.wp.com\/rud.is\/b\/wp-content\/uploads\/2025\/04\/getty-images-95WsGwmiZk4-unsplash-1.jpg?fit=512%2C419&ssl=1&resize=350%2C200","width":350,"height":200},"classes":[]},{"id":2564,"url":"https:\/\/rud.is\/b\/2013\/08\/12\/reverse-ip-address-lookups-with-r-from-simple-to-bulkasynchronous\/","url_meta":{"origin":13005,"position":1},"title":"Reverse IP Address Lookups With R (From Simple To Bulk\/Asynchronous)","author":"hrbrmstr","date":"2013-08-12","format":false,"excerpt":"R lacks some of the more \"utilitarian\" features found in other scripting languages that were\/are more geared\u2014at least initially\u2014towards systems administration. One of the most frustrating missing pieces for security data scientists is the lack of ability to perform basic IP address manipulations, including reverse DNS resolution (even though it\u2026","rel":"","context":"In "Data Analysis"","block_context":{"text":"Data Analysis","link":"https:\/\/rud.is\/b\/category\/data-analysis-2\/"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":4236,"url":"https:\/\/rud.is\/b\/2016\/04\/04\/iptools-0-4-0-released-into-the-wild-i-e-is-hitting-the-cran-mirrors-today\/","url_meta":{"origin":13005,"position":2},"title":"iptools 0.4.0 released into the wild (i.e. is hitting the CRAN mirrors today)","author":"hrbrmstr","date":"2016-04-04","format":false,"excerpt":"The [`iptools` package](https:\/\/github.com\/hrbrmstr\/iptools)\u2014a toolkit for manipulating, validating and testing IP addresses and ranges, along with datasets relating to IP addresses\u2014is flying through the internets and hitting a CRAN mirror near you, soon. ### What's fixed? [Tim Smith](https:\/\/github.com\/tdsmith) fixed [a bug](https:\/\/github.com\/hrbrmstr\/iptools\/issues\/26) in `ip_in_range()` that occurred when the netmask was `\/32` (thanks,\u2026","rel":"","context":"In "Cybersecurity"","block_context":{"text":"Cybersecurity","link":"https:\/\/rud.is\/b\/category\/cybersecurity\/"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":4547,"url":"https:\/\/rud.is\/b\/2016\/07\/24\/mid-year-r-packages-update-summary\/","url_meta":{"origin":13005,"position":3},"title":"Mid-year R Packages Update Summary","author":"hrbrmstr","date":"2016-07-24","format":false,"excerpt":"I been updating some existing packages and github-releasing new ones (before a CRAN push). Most are \"cyber\"-related, but there are some general purpose ones. Here's a quick overview: docxtractr (CRAN, now, v0.2.0) was initially designed to make it easy to get data tables out of MS Word (docx) documents. The\u2026","rel":"","context":"In "R"","block_context":{"text":"R","link":"https:\/\/rud.is\/b\/category\/r\/"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":24570,"url":"https:\/\/rud.is\/b\/2025\/03\/11\/xitter-hit-by-major-cyberattack\/","url_meta":{"origin":13005,"position":4},"title":"Xitter Hit by Major Cyberattack","author":"hrbrmstr","date":"2025-03-11","format":false,"excerpt":"On March 10, 2025, Xitter experienced major service disruptions throughout the day. Users couldn't access the platform on both mobile apps and the website. Here's what happened and why it matters. What Happened? X suffered multiple waves of outages starting early Monday morning: First wave: Around 6:00 AM Eastern Time,\u2026","rel":"","context":"In "Commentary"","block_context":{"text":"Commentary","link":"https:\/\/rud.is\/b\/category\/commentary\/"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":4527,"url":"https:\/\/rud.is\/b\/2016\/07\/12\/slaying-cidr-orcs-with-triebeard-a-k-a-fast-trie-based-ipv4-in-cidr-lookups-in-r\/","url_meta":{"origin":13005,"position":5},"title":"Slaying CIDR Orcs with Triebeard (a.k.a. fast trie-based ‘IPv4-in-CIDR’ lookups in R)","author":"hrbrmstr","date":"2016-07-12","format":false,"excerpt":"The insanely productive elf-lord, @quominus put together a small package ([`triebeard`](https:\/\/github.com\/ironholds\/triebeard)) that exposes an API for [radix\/prefix tries](https:\/\/en.wikipedia.org\/wiki\/Trie) at both the R and Rcpp levels. I know he had some personal needs for this and we both kinda need these to augment some functions in our `iptools` package. Despite `triebeard`\u2026","rel":"","context":"In "Cybersecurity"","block_context":{"text":"Cybersecurity","link":"https:\/\/rud.is\/b\/category\/cybersecurity\/"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]}],"jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/rud.is\/b\/wp-json\/wp\/v2\/posts\/13005","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/rud.is\/b\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/rud.is\/b\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/rud.is\/b\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/rud.is\/b\/wp-json\/wp\/v2\/comments?post=13005"}],"version-history":[{"count":0,"href":"https:\/\/rud.is\/b\/wp-json\/wp\/v2\/posts\/13005\/revisions"}],"wp:attachment":[{"href":"https:\/\/rud.is\/b\/wp-json\/wp\/v2\/media?parent=13005"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/rud.is\/b\/wp-json\/wp\/v2\/categories?post=13005"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/rud.is\/b\/wp-json\/wp\/v2\/tags?post=13005"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}