How to use Maxmind GeoLite2 to obtain GeoIP data from the command line

Today let’s talk about how to use Maxmind’s GeoLite2 to get GeoIP data from the command line in Linux. This post is an update to the original “using GeoIP data from the command line” post from September. Maxmind’s GeoLite legacy databases were discontinued on January 2, 2019 in favor of the new GeoLite2 format, which makes the original article obsolete. The new format requires new tools and scripts, so I will treat it as a new article from a technical perspective; however, the practical use is still the same from a security analyst’s perspective. So let’s dive right in and get the new format set up and ready to use.


Using GeoIP data from the command line

Today’s topic is using GeoIP data from the command line. Security analysts often find they need to ascertain an IP address’s geographic location in order to make decisions. The most obvious use would be around geofencing, i.e. blocking IPs from certain countries or regions. GeoIP information is simple to acquire from the Linux command line with the tool geoiplookup and the Maxmind dat files. Here is an updated post and video on how to use Maxmind’s GeoLite2 database: How to use GeoLite2 on the command line.


Setting up a Non-Attributable system on a Linode VPS

Security analysts need a system to perform research on that is non-attributable, i.e. one that cannot be traced back to them or their company. The non-attributable system’s purpose is to keep adversaries from knowing when you are on to them. This article outlines how to set up a Linux VPS on Linode.com and demonstrates how fast and easy it is to rebuild it with another operating system if needed.

Check out the video on YouTube and subscribe to see more cyber security videos. 