Technical Tip: How to search ISDB using IP address

ntaneja · ‎09-11-2019

Description

This article describes how to check the Internet Service Database for specific IP addresses.

Scope

FortiGate.

Solution

Below is the command that can be used to search ISDB for specific IP addresses:

diagnose internet-service match <vdname> <ip> <netmask>

Example:

diagnose internet-service match root 35.197.114.216 255.255.255.255
Internet Service: 5242881(Act-on-Web), matched num: 1

From v7.2.0, users may now look up IP address information from the Internet Service Database and GeoIP Database by clicking the IP Address Lookup button on the GUI (navigate to Policy & Objects -> Internet Service Database).

Returned IP address information includes location, reputation, and other internet service information in addition to the reverse IP address/domain lookup.

Adding to the notes: To find the IP of any specific ISDB can be done via the following command:

diagnose internet-service id | grep Zoom
ID: 6422646 name: "Zoom.us-Zoom.Meeting"

diagnose internet-service id 6422646

Internet Service: 6422646(Zoom.us-Zoom.Meeting)
Version: 00007.03363
Timestamp: 202309061552
Number of IP ranges: 2774
3.7.35.0-3.7.35.127 country(356) region(1111) city(15989) blocklist(0x0) reputation(5), popularity(4) domain(2028) botnet(0) proto(6) port(80 390 443 1024-65535) .......

Related documents:
Look up IP address information from the Internet Service Database page
Technical Tip: Verifying which Internet Service database type and version installed on FortiOS-based...

Technical Tip: How to search ISDB using IP address

You are leaving our website