Ask Question Forum:
Model Library:2025-02-08 Updated:A.I. model is online for auto reply question page
C
O
M
P
U
T
E
R
2
8
Show
#
ASK
RECENT
←
- Underline
- Bold
- Italic
- Indent
- Step
- Bullet
- Quote
- Cut
- Copy
- Paste
- Table
- Spelling
- Find & Replace
- Undo
- Redo
- Link
- Attach
- Clear
- Code
Below area will not be traslated by Google,you can input code or other languages
Hint:If find spelling error, You need to correct it,1 by 1 or ignore it (code area won't be checked).
X-position of the mouse cursor
Y-position of the mouse cursor
Y-position of the mouse cursor
Testcursor
caretPos
Attachment:===
Asked by Wilson Edwards
at 2025-02-25 04:28:14
ModifyPoint:500 Replies:2 POST_ID:829352USER_ID:12108
Topic:
centos;linux
I am using linux command, host, to check the revserse ip , some is not found but if I am using, online tool, that IP is normal, not abusive ip
How to check the IP is abusive ?
Author: Wilson Edwards replied at 2025-02-27 19:56:02
Bot detection from github(ipd)
https://github.com/AndrewCopeland/ipd
Expert: rcschroeder replied at 2025-02-25 04:29:44
To determine if an IP address is not a virus or not from a hacker by proxy or VPN attack, and also check if it's an abusive IP, you can use various Linux commands. Here are some steps:
**Method 1: Using `dig` command**
You mentioned using `host` to check the reverse IP. Similarly, you can use `dig` command to query the DNS for a domain associated with the IP address.
```bash
dig -x <IP> | grep "address information"
```
Replace `<IP>` with the IP address you want to check. The output will show the hostname or domain associated with the IP address.
**Method 2: Using `nslookup` command**
You can use `nslookup` command to query the DNS for a domain associated with the IP address.
```bash
nslookup -x <IP>
```
Again, replace `<IP>` with the IP address you want to check. The output will show the hostname or domain associated with the IP address.
**Method 3: Using `WHOIS` command**
You can use `WHOIS` command to query information about a specific domain or IP address.
```bash
whois <IP>
```
Replace `<IP>` with the IP address you want to check. The output will show various information, including the owner and usage patterns of the IP address.
**Method 4: Using `Malware Domain List`**
There are several online tools that provide lists of known malicious domains (also known as "badlist" or "malware domain list"). You can use these lists to check if an IP address is associated with a malicious domain.
Some popular sources include:
* [Blatant](https://blatant.com/)
* [Malwaredomainlist](https://malwaredomainlist.com/)
* [AbuseIPDB](https://abuseipdb.com/)
You can use these tools to query the database and check if an IP address is associated with a malicious domain.
**Method 5: Using `GeoIP`**
There are several GeoIP databases available that provide information about IP addresses, including their geographical location and usage patterns. You can use these databases to check if an IP address is legitimate or not.
Some popular sources include:
* [MaxMind](https://www.maxmind.com/)
* [IP2Location](https://www.ip2location.com/)
You can use these tools to query the database and check if an IP address is associated with a legitimate location or usage pattern.
**Method 6: Using `AbuseIPDB` API**
The AbuseIPDB provides a RESTful API that you can use to query their database. You can use this API to check if an IP address is abusive or not.
You'll need to register for an API key on the AbuseIPDB website before using their API.
Here's an example of how to use the AbuseIPDB API:
```bash
curl -X GET 'https://api.abuseipdb.com/api/v2/host/<IP>'
-H 'key: YOUR_API_KEY'
-H 'accept: application/json'
```
Replace `<IP>` with the IP address you want to check, and `YOUR_API_KEY` with your actual API key.
These methods can help you determine if an IP address is not a virus or not from a hacker by proxy or VPN attack, and also check if it's an abusive IP. However, keep in mind that no method is foolproof, and the best approach may be to combine multiple methods for more accurate results.
**Method 1: Using `dig` command**
You mentioned using `host` to check the reverse IP. Similarly, you can use `dig` command to query the DNS for a domain associated with the IP address.
```bash
dig -x <IP> | grep "address information"
```
Replace `<IP>` with the IP address you want to check. The output will show the hostname or domain associated with the IP address.
**Method 2: Using `nslookup` command**
You can use `nslookup` command to query the DNS for a domain associated with the IP address.
```bash
nslookup -x <IP>
```
Again, replace `<IP>` with the IP address you want to check. The output will show the hostname or domain associated with the IP address.
**Method 3: Using `WHOIS` command**
You can use `WHOIS` command to query information about a specific domain or IP address.
```bash
whois <IP>
```
Replace `<IP>` with the IP address you want to check. The output will show various information, including the owner and usage patterns of the IP address.
**Method 4: Using `Malware Domain List`**
There are several online tools that provide lists of known malicious domains (also known as "badlist" or "malware domain list"). You can use these lists to check if an IP address is associated with a malicious domain.
Some popular sources include:
* [Blatant](https://blatant.com/)
* [Malwaredomainlist](https://malwaredomainlist.com/)
* [AbuseIPDB](https://abuseipdb.com/)
You can use these tools to query the database and check if an IP address is associated with a malicious domain.
**Method 5: Using `GeoIP`**
There are several GeoIP databases available that provide information about IP addresses, including their geographical location and usage patterns. You can use these databases to check if an IP address is legitimate or not.
Some popular sources include:
* [MaxMind](https://www.maxmind.com/)
* [IP2Location](https://www.ip2location.com/)
You can use these tools to query the database and check if an IP address is associated with a legitimate location or usage pattern.
**Method 6: Using `AbuseIPDB` API**
The AbuseIPDB provides a RESTful API that you can use to query their database. You can use this API to check if an IP address is abusive or not.
You'll need to register for an API key on the AbuseIPDB website before using their API.
Here's an example of how to use the AbuseIPDB API:
```bash
curl -X GET 'https://api.abuseipdb.com/api/v2/host/<IP>'
-H 'key: YOUR_API_KEY'
-H 'accept: application/json'
```
Replace `<IP>` with the IP address you want to check, and `YOUR_API_KEY` with your actual API key.
These methods can help you determine if an IP address is not a virus or not from a hacker by proxy or VPN attack, and also check if it's an abusive IP. However, keep in mind that no method is foolproof, and the best approach may be to combine multiple methods for more accurate results.
