def orgGroups(self, sender, mID): try: newmID = mID afterAT = mID if "@" in sender: afterAT = sender[sender.index("@") + 1:] else: self.domain2domainPairing[(newmID, afterAT)] = False return False # if I have seen this pairing before, do not flag as FP if (newmID, afterAT) in self.domain2domainPairing: return True # check domain org match if I can find both domains in my pairings if newmID in Lookup.seen_domain_org and afterAT in Lookup.seen_domain_org: if Lookup.seen_domain_org[newmID] == Lookup.seen_domain_org[ afterAT]: self.domain2domainPairing[(newmID, afterAT)] = True return True else: self.domain2domainPairing[(newmID, afterAT)] = False return False # if the domains are not in the file, then use CIDR blocks if newmID in self.domainCompanyPairing: res11 = self.domainCompanyPairing[newmID] elif newmID in Lookup.seen_domain_ip: ip1 = Lookup.seen_domain_ip[newmID] res11 = Lookup.getCIDR(ip1) self.domainCompanyPairing[newmID] = res11 else: self.domain2domainPairing[(newmID, afterAT)] = False return False if afterAT in self.domainCompanyPairing: res22 = self.domainCompanyPairing[afterAT] elif afterAT in Lookup.seen_domain_ip: ip2 = Lookup.seen_domain_ip[afterAT] res22 = Lookup.getCIDR(ip2) self.domainCompanyPairing[afterAT] = res22 else: self.domain2domainPairing[(newmID, afterAT)] = False return False if res11 == res22: self.domain2domainPairing[(newmID, afterAT)] = True return True self.domain2domainPairing[(newmID, afterAT)] = False return False except ValueError: self.domain2domainPairing[(newmID, afterAT)] = False return False
def orgGroups(self, sender, mID): try: newmID = mID afterAT = mID afterAT = sender[sender.index("@")+1:] # if I have seen this pairing before, do not flag as FP if (newmID, afterAT) in self.domain2domainPairing: return True # check domain org match if I can find both domains in my pairings if newmID in Lookup.seen_domain_org and afterAT in Lookup.seen_domain_org: if Lookup.seen_domain_org[newmID] == Lookup.seen_domain_org[afterAT]: self.domain2domainPairing[(newmID, afterAT)] = True return True else: self.domain2domainPairing[(newmID, afterAT)] = False return False # if the domains are not in the file, then use CIDR blocks if newmID in self.domainCompanyPairing: res11 = self.domainCompanyPairing[newmID] else: # createDomain2OrgPair(newmID) ip1 = Lookup.seen_domain_ip[newmID] res11 = getBinaryRep(ip1, Lookup.getCIDR(ip1)) self.domainCompanyPairing[newmID] = res11 if afterAT in self.domainCompanyPairing: res22 = self.domainCompanyPairing[afterAT] else: # createDomain2OrgPair[afterAT] ip2 = Lookup.seen_domain_ip[afterAT] res22 = getBinaryRep(ip2, Lookup.getCIDR(ip2)) self.domainCompanyPairing[afterAT] = res22 if res11 == res22: self.domain2domainPairing[(newmID, afterAT)] = True return True self.domain2domainPairing[(newmID, afterAT)] = False return False except: self.domain2domainPairing[(newmID, afterAT)] = False return False
def lookup_cidr_from_hop(hop): ip = Lookup.public_domain(hop) if not ip: ip = Lookup.public_IP(hop) return Lookup.getCIDR(ip) if ip else None