O'Reilly logo

Effective Incident Response Team, The by Brian Moeller, Julie Lucas

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

Appendix D. Domain Name Extensions Used for Internet Addresses

One of the initial steps normally taken during the course of incident response is to determine the apparent source of the activity. This step will typically be accomplished by reviewing audit logs for an Internet Protocol (IP) address. The IP address will then be translated into its domain name by using one of the Internet registration resources to determine the source of the attack. Just because a signal comes from a specific IP address, however, it does not mean that the perpetrator is coming directly from that spot. Intruders often jump from IP address to IP address to hide their tracks. Nevertheless, the following codes can help to determine the country in which an address is ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required