Add a whois check to the cyhy-import and cyhy-add docker images.
Motivation and context
IPs for the vulnerability scanning service should be checked against the restricted countries using both geolocation data (utilizing maxmind) and whois. This is due to the increase in onboarding of international stakeholders.
cyhy-import and cyhy-add currently only check using geolocation (utilizing the maxmind tool).
Implementation notes
Please update the following
cyhy-import script for checking international IPs against restricted countries already being checked against using the maxmind portion of the function.
CyHy-add script for checking international IPs against restricted countries already being checked against using the maxmind portion of the function.
Acceptance criteria
How do we know when this work is done?
[ ] Updated cyhy-import within docker image that checks for IPs in restricted countries that we are not permitted to scan.
[ ] Updated cyhy-add within docker image that checks for IPs in restricted countries that we are not permitted to scan.
[ ] Returns message with any IP located within one of these countries, the IP itself, the country name.
The current manual check (script that the VS team runs that utilizes the check against WhoIs information) will be provided to the VM Dev team via GWE email. It is NOT an expectation that the VM Dev team utilizes the script provided by the VS team, however, wanted to provide what we are already using in case it can be used as a building block for the script that is written as an addition to the current international asset check. If any additional information is needed, please let us know!
💡 Summary
Add a whois check to the cyhy-import and cyhy-add docker images.
Motivation and context
IPs for the vulnerability scanning service should be checked against the restricted countries using both geolocation data (utilizing maxmind) and whois. This is due to the increase in onboarding of international stakeholders.
cyhy-import and cyhy-add currently only check using geolocation (utilizing the maxmind tool).
Implementation notes
Please update the following
Acceptance criteria
How do we know when this work is done?
The current manual check (script that the VS team runs that utilizes the check against WhoIs information) will be provided to the VM Dev team via GWE email. It is NOT an expectation that the VM Dev team utilizes the script provided by the VS team, however, wanted to provide what we are already using in case it can be used as a building block for the script that is written as an addition to the current international asset check. If any additional information is needed, please let us know!