Christopher Morrow wrote on 6/29/2015 9:25 AM:
On Mon, Jun 29, 2015 at 10:21 AM, Jared Mauch <ja...@puck.nether.net> wrote:
This being said, there is not a single solution to everything. Chris mentioned
using DNS, which is a nice method assuming you see all the queries within your
traffic cone.
sorry, I meant that you could just look at the reverse dns for some of
the higher traffic sources/destinations... you can ALSO look at your
recursive dns servers to see what folk are looking up 'often'... which
is a third tool to use. (presuming you see all/most/representative-set
of your customers, yes)
For hosts with no (or meaningless) reverse DNS, I've found that browsing
to the IP in question via HTTPs will often provide an SSL certificate
with lots of useful information.
--Blake
