Checking identities
AbuseHelper
AbuseHelper is toolkit for CERT and Abuse teams. It is a modular, (hopefully) scalable and robust framework to help you in your abuse handling. With Abuse Helper you can retrieve Internet Abuse Handling related information via several sources, you can then aggregate that information based on different keys, such as AS numbers or country codes and send out reports in different formats, via different transports and using different timings.
APNIC - Asia Pacific Network Information Centre
The Asia Pacific Network Information Centre issues IP addresses and Autonomous System (AS) Numbers in that geographic region. Its web site provides a searchable Whois database which can be queried to trace the ownership of IP address ranges. The whois server can also be queried directly using the whois protocol to whois.apnic.net.
ARIN - American Registry for Internet Numbers
The American Registry for Internet Numbers issues IP addresses and Autonomous System (AS) Numbers in North and South America, the Caribbean and sub-Saharan Africa. Its web site provides a searchable Whois database which can be queried to trace the ownership of IP address ranges. The whois server can also be queried directly using the whois protocol to whois.arin.net.
BGP Ranking
BGP ranking is a free software and free services to calculate the security ranking of Internet Service Provider (ASN).
Dig - DNS query tool
The dig command can be used to query DNS address data, as an alternative to nslookup.
Host - information about Internet hosts
The host command can be used to collect address and naming information from various Internet sources.
InterNIC
InterNIC provides a searchable Whois database which can be queried to trace the ownership of IP address ranges. The database has access to information about most of the generic top level domains, such as .com, .edu etc.
nslookup
Nslookup is a command that can be used to request information from the Domain Name Service. This can be used to look up names and IP addresses, but can also help in diagnosing problems with the DNS or attempts to corrupt information within name server caches.
Open Resolver Report
Regular reports of open resolvers within your BGP ASN or CIDR netblock, provided as service by Team Cymru.
RIPE - Reseaux IP Europeens
The RIPE NCC issues IP addresses and Autonomous System (AS) Numbers in Europe, the Middle East, North Africa and parts of Asia. Its web site provides a searchable Whois database which can be queried to trace the ownership of IP address ranges. The whois server can also be queried directly using the whois protocol to whois.ripe.net.
