Over the last few years, Security has become a huge concern for many companies. MxToolbox has always made email security information accessibility a primary concern – after all, blacklisting is a sign of greater security problem. However, we feel like reputation is only one (important) part of the security equation. That’s why we’re happy to highlight some of the new Security Tools we’ve created to make it easier to do your daily security related work and investigate any issues that might arise.
IP and Domain Reputation
Whether you’re researching a potential partner or an incident, understanding the online reputation of an IP address or Domain is incredibly important.
Presence on a blacklist is a clear indicator of an issue with an IP or Domain. Use MxToolbox’s Blacklist tool to research an individual IP or Domain’s reputation. The more blacklists an IP or Domain is on, the more egregious the problem and more likely there is a virus or malware infection or other problem.
Investigating a Domain
Our new Investigator tool give you every piece of information you might want on a Domain or URL:
- Related IP address with reverse DNS, ASN, Geolocation and more
- Related Domains
- DNS Nameserver
- MX record analysis
- SPF Record analysis
- Whois data
With Investigator, you get all this information in a single-pane view, allowing you to do quick analysis of potential trouble.
Checking Large IP ranges
Imagine knowing immediately when one of your hundreds, thousands or millions of IP addresses is compromised by a bad reputation. While Blacklisting is traditionally caused by sending spam or malware, it could be a result of maintaining servers with a security posture that is open to attack. Knowing your network reputation is therefore an important part of your security knowledge.
MxToolbox Service Provider allows you to keep tabs on the blacklist reputation of an entire continuous block of IP addresses. Designed to give you constant updates on your large IP networks, MxToolbox Service Provider alerts you when any changes to your reputation occur giving you instant warning of potential security issues.
When you have an incident the important thing to do is quickly analyze potential source and refining the precise issue. For that you need a quick way to analyze your log files and then dig into potential abusers.
What do you do with a big log file full of IP addresses and domains that could contain your abuser? Do you go through it by hand looking for odd IPs or strange domains?
How about a tool where you could dump the entire log file, have it parsed and then lookup all the IPs or domains in a single bulk lookup? That’s why we created our Bulk Lookup Tool. Bulk Lookup gives you:
- Reverse IP Address (for domains)
- AS Number
- AS Name
- Geo Location
- Blacklist Status
- Start of Authority (SOA)
- MX Records
- Email Provider
- DNS Provider
You can correlate sites by ASN and DNS/Email service provider, highlight sites with bad blacklist reputations and identify those in geographies known to be troublesome our outside your client area. With all this information available you can select those that need further investigation with Investigator or our Networking Tools.
MxToolbox has always provided free tools that simplify your server setup, DNS configuration checks and network evaluation, but many customers use them to pursue security investigations.
Think about the power of being able to Ping, Traceroute or investigate the DNS setup of a suspect server. Or get realtime reputation information on an IP address hitting your servers. Or get information on the email configuration of a troubling message.
Our tools give you tremendous flexibility to find the information you need on domains and IP addresses to simplify your security research.