From the course: Cisco Network Security: Content and Endpoint Security

Solution: Examine suspect IP addresses

- [Instructor] Okay, how did you do? Let's do this challenge together. I'm at Talos Intelligence and we're going to go to the reputation lookup. I put them on a notepad so I can reference them easier, but I'll put the first IP address in. Now we'll scroll down. As you can see, the geolocation is the Netherlands. Now geolocation is nice to know because some of your filters will filter out specific countries or geolocation IP addresses. You can see the owner details and the host name. Down below let's take a look at the reputation. Both email and web show as poor. Now we'll go down below and we'll see the blacklist. Now understand there are other blacklists. We see SpamCop and Spamhaus, but on Talos it is listed. So even though it's not listed on the others, it is listed on Talos. Okay, let's check another one. All right, this one we see is in Jacksonville and we see the host name and the reputation showing up as poor for both email and web. And then down below, again the same thing. We…
