IP Reputation Checker (Multiple IP's in One Click)

To Download the tool, Kindly Download the latest Version from the following URL.

https://w3-connections.ibm.com/files/app#/file/fd6d27ef-69d0-4cff-8564-2d0bb1464100

Instruction for Running the tool are as follow:-

Windows:
Just double click the jar File to execute the Tool.

Linux:

Open terminal in the directory of where you downloaded the application

Type

chmod +x IPReputationChecker2.11.jar

whenever you want to run type

java -jar IPReputationChecker2.11.jar

''''''

The Tool is self explaining,

Just Enter the IP's as instructed in the tool and Click Search.

There is an option to get the DNS of each IP but enabling it would slow down the search considerably.

The Generate Report Will Create an Excel (xls) in your desired directory, with both tables exported in different spreadsheets.

 

Errors:-
 

If the application is not running then you will have to update your java as My code may have been compiled on a higher version of java then you have.

To update java just go to IBM Standard Software Installer and search java for your respective windows.

I have compiled my code for the earliest version of java that was available in JIM (IBM's Java Site), if i download an earlier version it is restricted and i have to provide explanations as to why i need such an earlier version, so you have to update your java i cant go lower.

Check webpage reputation and malware presence

You can check webpage reputation regarding blacklisting on fallowing webpage: http://www.mxtoolbox.com/blacklists.aspx

You have to put suspicious IP address in the Server IP field and click on Blacklist Check
*** Please remember that each time you want to check another IP you need to click on Blacklist link ***

You can check malware presence on remote webpage by fallowing webpage: http://siteinspector.comodo.com/

You have to put suspicious URL in marked field and click on Start The Scan

Q1Labs support

http://www.ibm.com/planetwide/us/

and there:

Call Q1Labs support:
Toll: 1-919-864-3512
Toll free:1-800-426-7378

Tickets (PMRs) submit web page: http://www-01.ibm.com/support/docview.wss?uid=swg21189715

Port numbers and services:

Port numbers and services:

http://arakis.cert.pl/en/ports.html
http://ports.my-addr.com/
http://en.wikipedia.org/wiki/List_of_TCP_and_UDP_port_numbers
http://www.speedguide.net/port.php?port=8005
http://www.networkuptime.com/library/tcp_udp_ports.html
http://www.iana.org/assignments/service-names-port-numbers/service-names-port-numbers.xml

Port forwarding lists: (example Yahoo) - found during one of investiations

http://portforward.com/english/applications/port_forwarding/publishers/Yahoo.htm

 

IP/Webpage checkers:

http://www.robtex.com

http://urlquery.net/

 

Ports used by Apple software:

http://support.apple.com/kb/TS1629

http://www.mymac.pl/?page_id=122

 

_______________________________________________________

SANS Trojan ports list:

http://www.sans.org/security-resources/idfaq/oddports.php

 

 

________________________________________________________

TOR Hosts  - found by checking one of OD offenses.

https://www.dan.me.uk/tornodes

 

_________________________________________________________

Zeus IP blocklist

https://zeustracker.abuse.ch/blocklist.php?download=ipblocklist

Source

_________________________________________________________