Check if an IP address is used by hackers?

Features, capabilities, and performance of the SecData service.
User avatar
CRM User
Posts: 104
Joined: Sun Nov 27, 2016 3:41 pm

Check if an IP address is used by hackers?

Postby CRM User » Sun Nov 27, 2016 8:02 pm

I would like to check if a particular address 17.X.X.X [obfuscated by admin] is used by hackers. How can I do that?
Account for questions transferred from CRM system
User avatar
Telium Support
Posts: 133
Joined: Sun Nov 27, 2016 3:27 pm

Re: Check if an IP address is used by hackers?

Postby Telium Support » Sun Nov 27, 2016 10:40 pm

If you are using the Commercial Unlimited edition of SecAst, then you can check how an IP address scores on the SecData service using the telnet interface to SecAst. Connect to your local SecAst server by telnet and issue the 'hackerdb check' command. For example:

[root@pbx1:~] $ telnet 172.1.1.1 3000
Trying 172.1.1.1...
Connected to 172.1.1.1.
Escape character is '^]'.
SecAst telnet interface on 'PBX1 on Waterloo data center wall'
SecAst>hackerdb check 1.2.3.4
Action: checking Telium hacker database
Database match: exact IP
IP address: 1.2.3.4
Score: 25
SecAst>


Alternatively, if you subscribe to the SecData service directly then you can check how an IP address scores from a browser by entering the query into the address bar; for example:
https://XXX.telium.ca/check-ipaddress?key=YYY&ip=1.2.3.4&format=p
(you will need to substitute the hostname and key with those assigned to your account.)

Please note that manual queries of the SecData service through SecAst are throttled, so if you issue too many queries too quickly you will receive a warning to try again later.