PeeringDB is a freely available database of networks and a go-to for interconnection data. It is used by network operators to publish details about their infrastructure and facilitates the interconnection of Internet Exchange Points, Data Centers and other interconnection facilities. Moreover, as of today, it can help you take your Maltego infrastructure footprints to the next level!
Introducing the New PeeringDB Data Integration in Maltego đź”—︎
We are excited to announce the integration of the PeeringDB API into Maltego to complement Maltego’s powerful infrastructure Transforms. PeeringDB can be used to easily pivot off of infrastructure discovered using Maltego’s footprints Machines and infrastructure Transforms to discover related infrastructure and connections into internet backbone systems around the world.
The PeeringDB Hub item is free to use for all Maltego users.
In this article, we will show you a short demonstration of the PeeringDB Transforms and how you can use them to explore network interconnections beyond a standard footprinting process.
Using PeeringDB Transforms in Maltego to Explore Network Interconnections đź”—︎
Starting with a Maltego Level 1 Network Footprint đź”—︎
We’ll start off our example by running Maltego’s Footprint L1 Machine on the domain of Deutsche Telekom, telekom[.]com.
This should result in a graph similar to the following:
Pivoting from an AS Number with PeeringDB Transforms đź”—︎
Our PeeringDB investigation starts where the regular L1 footprint ends. Having found an AS Number, we can now see which networks in PeeringDB are associated with it.
Running the To Networks [PeeringDB] Transform will return a PeeringDB Network Entity to our graph.
![To Networks [PeeringDB]](/images/uploads/peeringdb-003.png)
The Entity contains all the properties provided by PeeringDB and the display information is populated with key properties as well as a link to the PeeringDB website.
If you are curious to see exactly where the information comes from, clicking the “View on PeeringDB” link will take you to this network on the PeeringDB website.
Note that all the links and pivots available from their website can also be navigated using the Maltego PeeringDB Transforms.
We can quickly extract the organization name (and metadata) as well as the associated website from the Network Entity using the To Organization [PeeringDB] and To Company Website [PeeringDB] Transforms.
Finding Interconnections Between Target Network and Other Networks đź”—︎
Next, let’s see what interconnections exist between this network and other networks and facilities. Using the Transforms To Public Peering Facilities [PeeringDB] and To Private Peering Facilities [PeeringDB], we can find other interconnections with this network that are listed on PeeringDB.
As we can see, Deutsche Telekom has peers with some of the major internet exchanges around Europe; A number of data centers are listed as well among the private facilities.
Discovering Organizations behind Specific Facilities đź”—︎
It would be interesting to explore further details about peering facilities connected to the network. Taking a look at the “Telehouse London” facility, we can quickly extract the organization operating this facility and other networks connected to the facility using the To Organization [PeeringDB] and To Networks [PeeringDB] Transforms.
As expected, the organization operating the facility is Telehouse. If we did not recognize the organization immediately, we could use the website Entity to quickly jump to the operator’s website.
A number of large European internet and media companies have networks that connect to the same facility as Deutsche Telekom. For any of these resulting Network Entities, we could again pivot into the organization they are associated with, the other peering facilities they connect to, and find more information.
Finding the Location of a Facility đź”—︎
As a final bit of investigation, we can find the location of the facility using the To Location [PeeringDB] Transform.
The facility operates from London and has a large number of British companies connecting their networks to it. All location information from PeeringDB is populated on the Entity, and you can inspect the Properties table to see the street address, area code and GPS coordinates.
Pivoting from a City đź”—︎
If we have a Location Entity representing a city, we can look up the public exchanges listed for that city.
In the case of London, we can take the Location Entity and run the Transform To Internet Exchanges from City [PeeringDB] and get the following graph.
Once again, it is easy to quickly expand these internet exchanges to see which networks are connected to them.
Maltego’s Collection nodes allow you to find common groups of networks that peer with multiple exchanges based in London.
Pivoting from a Netblock đź”—︎
Now, let’s have a closer look at netblocks. If we have an Internet Exchange Entity, we are able to find netblocks belonging to that exchange using the To Netblocks [PeeringDB] Transform.
![To Netblocks [PeeringDB]](/images/uploads/peeringdb-012.png)
We can also run this sort of lookup in reverse! Taking a netblock from our original footprint, let’s see what internet exchanges are associated with this netblock by running the Transform To Peering Exchange [PeeringDB].
![To Peering Exchange [PeeringDB]](/images/uploads/peeringdb-013.png)
Profiling an Organization đź”—︎
Generally, information in PeeringDB is associated with different organizations. This also allows us to search for organizations and to navigate through all the data associated with them. Starting with a Phrase Entity, we can do a quick search for organizations whose names contain “Telkom” and then extract all the associated PeeringDB Entities.
Start Using the PeeringDB Transforms in Your Investigation! đź”—︎
We hope you enjoyed this brief walkthrough of the PeeringDB Transforms and how to use them in your investigations. We would love to hear more use cases and ideas for improvements from you.
Don’t forget to follow us on Twitter and LinkedIn or subscribe to our email newsletter to stay tuned to more updates, tutorials, and use cases.
Happy investigating!
