teamcymru 1.0.0

checksums.yaml

@@ -0,0 +1,7 @@
+---
+SHA1:
+  metadata.gz: f81d63bbaa1697e14e0f5a3d38b11de442bafc35
+  data.tar.gz: daa6ff74ea7d82f3afbe2be651e1a7f45700746e
+SHA512:
+  metadata.gz: e540639d106916688115a2f72da46acac7b5bb2279551d2590906f38e43becd640e756a8116958c791c8f9d374190074ce21e79ac275734cf1ba95beaeba5272
+  data.tar.gz: c8ccbe8d09d0500a60e631e543bba0c3ba3495a0f36cb7e6d8f33acbf45198b84ad316bcef839e22f02baf564ba43428dee458bf2c0f74565a211cfc041f5ba6

data.tar.gz.sig

@@ -0,0 +1,2 @@
+�H�ܷ\�R0)<�進:�zo��C����h���C��}�e��L���j����(�~)�Vu���qo����֟wLWV�����ny��D-�
+�l��6l�������	+(P�w�`�}������(]���.�Z�1eL2��I������os�}K�

data/.gitignore

@@ -0,0 +1,17 @@
+*.gem
+*.rbc
+.bundle
+.config
+.yardoc
+Gemfile.lock
+InstalledFiles
+_yardoc
+coverage
+doc/
+lib/bundler/man
+pkg
+rdoc
+spec/reports
+test/tmp
+test/version_tmp
+tmp

data/Gemfile

@@ -0,0 +1,4 @@
+source 'https://rubygems.org'
+
+# Specify your gem's dependencies in teamcymru.gemspec
+gemspec

data/LICENSE.txt

@@ -0,0 +1,22 @@
+Copyright (c) 2013 chrislee35
+
+MIT License
+
+Permission is hereby granted, free of charge, to any person obtaining
+a copy of this software and associated documentation files (the
+"Software"), to deal in the Software without restriction, including
+without limitation the rights to use, copy, modify, merge, publish,
+distribute, sublicense, and/or sell copies of the Software, and to
+permit persons to whom the Software is furnished to do so, subject to
+the following conditions:
+
+The above copyright notice and this permission notice shall be
+included in all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

data/README.md

@@ -0,0 +1,43 @@
+# Teamcymru
+
+The team-cymru gem connects to several of Team Cymru's public services: bogon lists, IP to ASN mappings, and malware hash checking.
+
+## Installation
+
+Add this line to your application's Gemfile:
+
+    gem 'teamcymru'
+
+And then execute:
+
+    $ bundle
+
+Or install it yourself as:
+
+    $ gem install teamcymru
+
+## Usage
+
+	c = TeamCymru::ASNClient.new
+	res = c.lookup("130.207.244.251").to_s => "2637    | 130.207.244.251  | 130.207.0.0/16      | US | arin     | 1988-10-10 |  | GEORGIA-TECH - Georgia Institute of Technology"
+
+	c = TeamCymru::Bogon.new
+	c.bogon?("127.0.4.1") => true
+
+	c = TeamCymru::Malware.new
+	c.lookup("cbed16069043a0bf3c92fff9a99cccdc") => MalwareResult instance, .hash will be the hash, .timestamp will be the result time, and .percent_detect will be the percent of AV that detects the sample
+
+	c = TeamCymru::TwitterFeed.new
+	c.messages.each do |date, tweet|
+		puts date
+		puts tweet
+		puts
+	end
+
+## Contributing
+
+1. Fork it
+2. Create your feature branch (`git checkout -b my-new-feature`)
+3. Commit your changes (`git commit -am 'Add some feature'`)
+4. Push to the branch (`git push origin my-new-feature`)
+5. Create new Pull Request

data/Rakefile

@@ -0,0 +1,12 @@
+#!/usr/bin/env rake
+require "bundler/gem_tasks"
+
+require 'rake/testtask'
+
+Rake::TestTask.new do |t|
+	t.libs << 'lib'
+	t.test_files = FileList['test/test_*.rb']
+	t.verbose = true
+end
+
+task :default => :test

data/bin/cymru_asn

@@ -0,0 +1,13 @@
+#!/usr/bin/env ruby
+require 'teamcymru'
+
+c = TeamCymru::ASNClient.new
+if ARGV.length > 0
+	ARGV.each do |ipdata|
+		puts c.lookup(ipdata)
+	end
+else
+	$stdin.each_line do |ipdata|
+		puts c.lookup(ipdata.chomp)
+	end
+end

data/bin/cymru_bogon

@@ -0,0 +1,13 @@
+#!/usr/bin/env ruby
+require 'teamcymru'
+
+c = TeamCymru::Bogon.new
+if ARGV.length > 0
+	ARGV.each do |ipdata|
+		puts ipdata+" "+c.bogon?(ipdata).to_s
+	end
+else
+	$stdin.each_line do |ipdata|
+		puts ipdata.chomp+" "+c.bogon?(ipdata.chomp).to_s
+	end
+end

data/bin/cymru_malware

@@ -0,0 +1,13 @@
+#!/usr/bin/env ruby
+require 'teamcymru'
+
+c = TeamCymru::Malware.new
+if ARGV.length > 0
+	ARGV.each do |hash|
+		puts c.lookup(hash)
+	end
+else
+	$stdin.each_line do |hash|
+		puts c.lookup(hash.chomp)
+	end
+end

data/bin/cymru_twitter

@@ -0,0 +1,17 @@
+#!/usr/bin/env ruby
+require 'teamcymru'
+require 'configparser'
+
+config = ConfigParser.new("#{ENV['HOME']}/.teamcymru")
+config = {
+	:consumer_key => config['teamcymru']['consumer_key'],
+	:consumer_secret => config['teamcymru']['consumer_secret'],
+	:oauth_token => config['teamcymru']['oauth_token'],
+	:oauth_token_secret => config['teamcymru']['oauth_token_secret']
+}
+c = TeamCymru::TwitterFeed.new(config)
+c.messages.each do |msg|
+	puts msg[0]
+	puts msg[1]
+	puts
+end

data/lib/teamcymru.rb

@@ -0,0 +1,5 @@
+require "teamcymru/version"
+require "teamcymru/asnclient"
+require 'teamcymru/bogon'
+require 'teamcymru/malware'
+require 'teamcymru/twitterfeed'

data/lib/teamcymru/asnclient.rb

@@ -0,0 +1,77 @@
+require 'ipaddr'
+require 'cache' # gem's name is ruby-cache
+require 'structformatter'
+
+module TeamCymru
+	class ASNRecord < Struct.new(:asn, :ip, :cidr, :cc, :nic, :alloc, :data, :org)
+		def to_s
+			"#{self.asn.ljust(8)}| #{self.ip.ljust(17)}| #{self.cidr.ljust(20)}| #{self.cc.ljust(3)}| #{self.nic.ljust(9)}| #{self.alloc.ljust(11)}| #{self.data} | #{self.org}"
+		end
+		def ASNRecord::from_s(str)
+			args = str.chomp.split(/\|/).map{|x| x.strip}
+			if args.length == 7
+				args.insert(6,'')
+			elsif args.length == 5 # used for AS lookups
+				args.insert(2,'')
+				args.insert(2,'')
+				args.insert(6,'')
+			end
+			ASNRecord.new(*args)
+		end
+		def cached=(cached)
+			@cached = cached
+		end
+		def from_cache?
+			@cached || false
+		end
+	end
+
+	class ASNClient
+		def initialize(server='whois.cymru.com', port=43)
+			@server = server
+			@port = port
+			@cache = Cache.new(nil,nil,10000,24*60*60)
+		end
+
+		def lookup(iplines)
+			t = TCPSocket.new(@server,@port)
+			t.puts("begin")
+			t.puts("verbose")
+			t.readline
+			oneshot = false
+			if iplines.class == String
+				iplines = [iplines]
+				oneshot = true
+			end
+			recs = []
+			iplines.each do |ipdata|
+				ip,data = ipdata.split(/ /,2)
+				rec = nil
+				@cache.each_key do |cidr|
+					if cidr.include?(ip)
+						rec = @cache[cidr]
+						rec.ip = ip
+						rec.data = data
+						rec.cached = true
+						break
+					end
+				end
+				unless rec
+					t.puts(ipdata)
+					t.flush
+					l = t.readline
+					rec = ASNRecord.from_s(l)
+					cidr = IPAddr.new(rec.cidr) if rec.cidr != ''
+					if cidr
+						@cache[cidr] = rec
+					end
+				end
+				recs << rec
+			end
+			t.puts("end")
+			t.close
+			return recs[0] if oneshot
+			recs
+		end
+	end
+end

data/lib/teamcymru/bogon.rb

@@ -0,0 +1,46 @@
+# Uses Team Cymru's DNS-based bogon lookup system to determine
+# if a given IP is routed or not.
+#
+# Author::    Chris Lee (rubygems@chrislee.dhs.org)
+
+require 'resolv'
+module TeamCymru
+	# This class implements the lookup of bogon via DNS
+	class Bogon
+		@@bogon = 'bogons.cymru.com'
+		@@v4fullbogon = 'v4.fullbogons.cymru.com'
+		@@v6fullbogon = 'v6.fullbogons.cymru.com'
+		
+		# tests if the given ip is a bogon
+		# fullbogon flag selects which bogon list to use
+		# see http://www.team-cymru.org/Services/Bogons/dns.html for more details
+		def bogon?(ip,fullbogon=true)
+			# detect if this is ipv4 or ipv6 or bad
+			begin
+				ip = IPAddr.new(ip)
+				if ip.ipv6? and fullbogon
+					label = ip.to_string.gsub(/:/,'').split(//).reverse.join(".")+"."+@@v6fullbogon
+				elsif ip.ipv4? and fullbogon
+					label = ip.to_s.split(/\./).reverse.join(".")+"."+@@v4fullbogon
+				elsif ip.ipv4? and not fullbogon
+					label = ip.to_s.split(/\./).reverse.join(".")+"."+@@bogon
+				else
+					puts "Unsupported combination: ipv4=#{ip.ipv4?} and fullbogon=#{fullbogon}"
+					return false
+				end
+				addr = Resolv.getaddress(label)
+				if addr
+					return true
+				else
+					return false
+				end
+			rescue ArgumentError => e
+				puts e
+				return false
+			rescue Resolv::ResolvError
+				return false
+			end
+		end
+		alias :lookup :bogon?
+	end
+end

data/lib/teamcymru/malware.rb

@@ -0,0 +1,33 @@
+require 'socket'
+require 'structformatter'
+
+module TeamCymru
+	class MalwareResult < Struct.new(:hash, :timestamp, :percent_detect)
+		def initialize(hash, timestamp, percent_detect)
+			self.hash = hash
+			self.timestamp = Time.at(timestamp.to_i)
+			self.percent_detect = (percent_detect == "NO_DATA") ? 0 : percent_detect.to_i
+		end
+	end
+			
+	class Malware
+		def initialize(server='hash.cymru.com', port=43)
+			@server = server
+			@port = port
+		end
+
+		def lookup(hashes)
+			if hashes.class == Array
+				hashes = hashes.join("\n")
+			end
+			res = []
+			t = TCPSocket.new(@server,@port)
+			t.write("begin\nverbose\n#{hashes}\nend\n")
+			t.each_line do |l|
+				next if l =~ /^#/
+				res << MalwareResult.new(*(l.chomp.split(/\s+/,3)))
+			end
+			res
+		end
+	end
+end

data/lib/teamcymru/twitterfeed.rb

@@ -0,0 +1,23 @@
+require 'twitter'
+
+module TeamCymru
+	class TwitterFeed
+		attr_reader :messages
+		def initialize(config)
+			@twitname = "teamcymru"
+			@messages = []
+			@client = Twitter::Client.new(config)
+			@client.user_timeline(@twitname).each do |m|
+				@messages << [m.created_at,m.text]
+			end
+		end
+		
+		def refresh
+			@messages = []
+			@client.user_timeline(@twitname).each do |m|
+				@messages << [m.created_at,m.text]
+			end
+			@messages
+		end
+	end
+end

data/lib/teamcymru/version.rb

@@ -0,0 +1,3 @@
+module TeamCymru
+  VERSION = "1.0.0"
+end

data/teamcymru.gemspec

@@ -0,0 +1,31 @@
+# coding: utf-8
+lib = File.expand_path('../lib', __FILE__)
+$LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
+require 'teamcymru/version'
+
+Gem::Specification.new do |spec|
+	spec.name          = "teamcymru"
+	spec.version       = TeamCymru::VERSION
+	spec.authors       = ["chrislee35"]
+	spec.email         = ["rubygems@chrislee.dhs.org"]
+	spec.description   = %q{Team Cymru provides a variety of services for network and security operators.  This Rubygem tries to wrap several of these services into a Ruby API.}
+	spec.summary       = %q{Queries Team Cymru's ASN, Malware, and FullBogon services}
+	spec.homepage      = "http://github.com/chrislee35/teamcymru"
+	spec.license       = "MIT"
+
+	spec.files         = `git ls-files`.split($/)
+	spec.executables   = spec.files.grep(%r{^bin/}) { |f| File.basename(f) }
+	spec.test_files    = spec.files.grep(%r{^(test|spec|features)/})
+	spec.require_paths = ["lib"]
+
+	spec.add_runtime_dependency "structformatter", "~> 0.0.1"
+	spec.add_runtime_dependency "twitter", "~> 4.7.0"
+	spec.add_runtime_dependency "ruby-cache", ">= 0.3.0"
+	spec.add_runtime_dependency "json", ">= 1.4.3"
+	spec.add_runtime_dependency "configparser", "~> 0.1.1"
+	spec.add_development_dependency "bundler", "~> 1.3"
+	spec.add_development_dependency "rake"
+
+	spec.signing_key   = "#{File.dirname(__FILE__)}/../gem-private_key.pem"
+	spec.cert_chain    = ["#{File.dirname(__FILE__)}/../gem-public_cert.pem"]
+end

data/test/helper.rb

@@ -0,0 +1,2 @@
+require 'test/unit'
+require File.expand_path('../../lib/teamcymru.rb', __FILE__)

data/test/test_team-cymru.rb

@@ -0,0 +1,59 @@
+unless Kernel.respond_to?(:require_relative)
+	module Kernel
+		def require_relative(path)
+			require File.join(File.dirname(caller[0]), path.to_str)
+		end
+	end
+end
+
+require_relative 'helper'
+require 'configparser'
+
+class TestTeamCymru < Test::Unit::TestCase
+	def test_performs_ASN_queries
+		c = TeamCymru::ASNClient.new
+		res = c.lookup("130.207.244.251")
+		assert_equal("2637    | 130.207.244.251  | 130.207.0.0/16      | US | arin     | 1988-10-10 |  | GEORGIA-TECH - Georgia Institute of Technology",res.to_s)
+		assert(! res.from_cache?)
+		# this should pull from cache
+		res = c.lookup("130.207.244.252")
+		assert_equal("2637    | 130.207.244.252  | 130.207.0.0/16      | US | arin     | 1988-10-10 |  | GEORGIA-TECH - Georgia Institute of Technology",res.to_s)
+		assert(res.from_cache?)
+	end
+	
+	def test_lookup_bogons
+		c = TeamCymru::Bogon.new
+		assert(c.bogon?("127.0.5.27"))
+		assert(c.bogon?("2001:DB8:FEEB:DEEF::242"))
+		assert(! c.bogon?("130.207.244.251"))
+		assert(! c.bogon?("2a00:1450:8003::93"))
+	end
+	
+	def test_lookup_malware_hashes
+		c = TeamCymru::Malware.new
+		hashes = ["7697561ccbbdd1661c25c86762117613","cbed16069043a0bf3c92fff9a99cccdc"]
+		res = c.lookup(hashes)
+		assert_equal("7697561ccbbdd1661c25c86762117613",res[0].hash)
+		assert_equal(0,res[0].percent_detect)
+		assert_equal("cbed16069043a0bf3c92fff9a99cccdc",res[1].hash)
+		assert(res[1].percent_detect > 50)
+	end
+	
+	def test_display_twitter_feed
+		if(File.exists?("#{ENV['HOME']}/.teamcymru"))
+			config = ConfigParser.new("#{ENV['HOME']}/.teamcymru")
+			config = {
+				:consumer_key => config['teamcymru']['consumer_key'],
+				:consumer_secret => config['teamcymru']['consumer_secret'],
+				:oauth_token => config['teamcymru']['oauth_token'],
+				:oauth_token_secret => config['teamcymru']['oauth_token_secret']
+			}
+			c = TeamCymru::TwitterFeed.new(config)
+			msg = c.messages[0]
+			assert_equal(2, msg.length)
+			assert_equal(Time, msg[0].class)
+			assert_equal(String, msg[1].class)
+			assert((Time.now - msg[0]) < (30*24*60*60))
+		end
+	end
+end

metadata

@@ -0,0 +1,189 @@
+--- !ruby/object:Gem::Specification
+name: teamcymru
+version: !ruby/object:Gem::Version
+  version: 1.0.0
+platform: ruby
+authors:
+- chrislee35
+autorequire: 
+bindir: bin
+cert_chain:
+- |
+  -----BEGIN CERTIFICATE-----
+  MIIDYjCCAkqgAwIBAgIBADANBgkqhkiG9w0BAQUFADBXMREwDwYDVQQDDAhydWJ5
+  Z2VtczEYMBYGCgmSJomT8ixkARkWCGNocmlzbGVlMRMwEQYKCZImiZPyLGQBGRYD
+  ZGhzMRMwEQYKCZImiZPyLGQBGRYDb3JnMB4XDTEzMDUyMjEyNTk0N1oXDTE0MDUy
+  MjEyNTk0N1owVzERMA8GA1UEAwwIcnVieWdlbXMxGDAWBgoJkiaJk/IsZAEZFghj
+  aHJpc2xlZTETMBEGCgmSJomT8ixkARkWA2RoczETMBEGCgmSJomT8ixkARkWA29y
+  ZzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANcPrx8BZiWIR9xWWG8I
+  tqR538tS1t+UJ4FZFl+1vrtU9TiuWX3Vj37TwUpa2fFkziK0n5KupVThyEhcem5m
+  OGRjvgrRFbWQJSSscIKOpwqURHVKRpV9gVz/Hnzk8S+xotUR1Buo3Ugr+I1jHewD
+  Cgr+y+zgZbtjtHsJtsuujkOcPhEjjUinj68L9Fz9BdeJQt+IacjwAzULix6jWCht
+  Uc+g+0z8Esryca2G6I1GsrgX6WHw8dykyQDT9dCtS2flCOwSC1R0K5T/xHW54f+5
+  wcw8mm53KLNe+tmgVC6ZHyME+qJsBnP6uxF0aTEnGA/jDBQDhQNTF0ZP/abzyTsL
+  zjUCAwEAAaM5MDcwCQYDVR0TBAIwADALBgNVHQ8EBAMCBLAwHQYDVR0OBBYEFO8w
+  +aeP7T6kVJblCg6eusOII9DfMA0GCSqGSIb3DQEBBQUAA4IBAQBCQyRJLXsBo2Fy
+  8W6e/W4RemQRrlAw9DK5O6U71JtedVob2oq+Ob+zmS+PifE2+L+3RiJ2H6VTlOzi
+  x+A061MUXhGraqVq4J2FC8kt4EQywAD0P0Ta5GU24CGSF08Y3GkJy1Sa4XqTC2YC
+  o51s7JP+tkCCtpVYSdzJhTllieRAWBpGV1dtaoeUKE6tYPMBkosxSRcVGczk/Sc3
+  7eQCpexYy9JlUBI9u3BqIY9E+l+MSn8ihXSPmyK0DgrhaCu+voaSFVOX6Y+B5qbo
+  jLXMQu2ZgISYwXNjNbGVHehut82U7U9oiHoWcrOGazaRUmGO9TXP+aJLH0gw2dcK
+  AfMglXPi
+  -----END CERTIFICATE-----
+date: 2013-06-06 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: structformatter
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: 0.0.1
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: 0.0.1
+- !ruby/object:Gem::Dependency
+  name: twitter
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: 4.7.0
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: 4.7.0
+- !ruby/object:Gem::Dependency
+  name: ruby-cache
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - '>='
+      - !ruby/object:Gem::Version
+        version: 0.3.0
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - '>='
+      - !ruby/object:Gem::Version
+        version: 0.3.0
+- !ruby/object:Gem::Dependency
+  name: json
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - '>='
+      - !ruby/object:Gem::Version
+        version: 1.4.3
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - '>='
+      - !ruby/object:Gem::Version
+        version: 1.4.3
+- !ruby/object:Gem::Dependency
+  name: configparser
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: 0.1.1
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: 0.1.1
+- !ruby/object:Gem::Dependency
+  name: bundler
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: '1.3'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: '1.3'
+- !ruby/object:Gem::Dependency
+  name: rake
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+description: Team Cymru provides a variety of services for network and security operators.  This
+  Rubygem tries to wrap several of these services into a Ruby API.
+email:
+- rubygems@chrislee.dhs.org
+executables:
+- cymru_asn
+- cymru_bogon
+- cymru_malware
+- cymru_twitter
+extensions: []
+extra_rdoc_files: []
+files:
+- .gitignore
+- Gemfile
+- LICENSE.txt
+- README.md
+- Rakefile
+- bin/cymru_asn
+- bin/cymru_bogon
+- bin/cymru_malware
+- bin/cymru_twitter
+- lib/teamcymru.rb
+- lib/teamcymru/asnclient.rb
+- lib/teamcymru/bogon.rb
+- lib/teamcymru/malware.rb
+- lib/teamcymru/twitterfeed.rb
+- lib/teamcymru/version.rb
+- teamcymru.gemspec
+- test/helper.rb
+- test/test_team-cymru.rb
+homepage: http://github.com/chrislee35/teamcymru
+licenses:
+- MIT
+metadata: {}
+post_install_message: 
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - '>='
+    - !ruby/object:Gem::Version
+      version: '0'
+required_rubygems_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - '>='
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubyforge_project: 
+rubygems_version: 2.0.3
+signing_key: 
+specification_version: 4
+summary: Queries Team Cymru's ASN, Malware, and FullBogon services
+test_files:
+- test/helper.rb
+- test/test_team-cymru.rb