Everything you need to know about Legit - Lookup Explanation for Genuine IP Threats. It’s free to use over the web. Happy days right there.

...

Figure 1, “Legit Features”

Simple to Use

In the search bar, type in your IP address of interest and hit enter or search. This returns information on the IP address if it has been found, a message that no data was found for the IP address in question, or an error. Errors occur if you enter invalid addresses, such as non-routable addresses like 10.0.0.1, multicast addresses, or localhost.

Beside the search bar is a copy button that you can use to copy this URL and send it to a colleague so they can see what you see about this IP address.

Features

...

It shows whether the address is currently blocked, which attacks have been seen from it, how many feeds list it as blocked, how many feeds were found, when it was first seen and when it was last seen, as well as how many records are in this list.

...

Timeline

This shows when the IP address in question has been added to and removed from the different feeds over time.

How to use Legit in an incident

In incidents, there are many times where you have a list of IP addresses and need to determine whether any of them are points of interest. With Legit, you can match these IP addresses and see if there were similar types of attacks in the same time period from that IP address, or conversely, see that it is not in the list, which helps you decide the other way.

This is another nugget of information for the SOC Analysts' arsenal. The key to Legit is the ability to look back a long time instead of only at the current status. Most APTs are found in logs from 267 or more days ago, depending on the document you read, so having a history of up to eight years could really help you out.
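
A pre-filter for the incident workflow above, as an added example that is not part of Legit or its documentation: it uses Python's standard `ipaddress` module to set aside the inputs this page says return errors (non-routable, multicast, localhost) before you search the rest. The sample list is constructed, and treating every non-global address as non-routable is an assumption about how Legit classifies input.

```python
import ipaddress

# Constructed sample: addresses pulled from incident logs (not real indicators).
SAMPLE_IPS = ["8.8.8.8", "10.0.0.1", "127.0.0.1", "224.0.0.5",
              "203.0.113.7", "8.8.8.8", "not-an-ip", " 1.1.1.1 "]


def classify(raw):
    """Return (normalized_ip_or_None, reason); reason is 'ok' when worth looking up."""
    try:
        ip = ipaddress.ip_address(raw.strip())
    except ValueError:
        return None, "invalid"
    if ip.is_loopback:
        return str(ip), "localhost"
    if ip.is_multicast:
        return str(ip), "multicast"
    if not ip.is_global:
        # Assumption: anything not globally routable counts as non-routable.
        # Covers RFC 1918 space such as 10.0.0.1, link-local and documentation ranges.
        return str(ip), "non-routable"
    return str(ip), "ok"


def triage(raw_ips):
    """Split a raw list into de-duplicated lookup candidates and skipped entries."""
    lookup, skipped, seen = [], {}, set()
    for raw in raw_ips:
        ip, reason = classify(raw)
        key = ip or raw
        if key in seen:
            continue
        seen.add(key)
        if reason == "ok":
            lookup.append(ip)
        else:
            skipped[key] = reason
    return lookup, skipped


if __name__ == "__main__":
    lookup, skipped = triage(SAMPLE_IPS)
    print("look up:", lookup)
    for ip, reason in skipped.items():
        print(f"skip {ip}: {reason}")
```

Keeping the skipped entries with their reasons lets you record why an address from the incident list was never searched.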