View Full Version : Akamai
Patrice
May 20th, 2003, 03:40 AM
Hello everyone,
My firewall blocks some packets from time to time. When I inspected them a little bit more seriously, I found out the following:
a195-49-93-216.deploy.akamaitec=195.49.93.216
They are all coming from this address here:
http://www.akamai.com/
Somewhere on their site they say, that they try to make the internet faster & better. But why they ping the whole IP addresses I don't know. Anyone of you made this experience as well? Actually I don't like that at all! >:(
And last but not least, this doesn't happen, because I visited a site they host! No, just when I start up my PC this can happen as well...
Any clues?
Best regards,
Patrice
Patrice
May 20th, 2003, 03:54 AM
Mhh... I might have found the problem, check out this network sniffing:
0000:47 45 54 20 2F 6E 61 76 GET /nav
0008:6E 74 5F 39 2E 30 35 5F nt_9.05_
0010:67 65 72 6D 61 6E 5F 6C german_l
0018:69 76 65 74 72 69 2E 7A ivetri.z
0020:69 70 20 48 54 54 50 2F ip HTTP/
0028:31 2E 30 0D 0A 41 63 63 1.0..Acc
0030:65 70 74 3A 20 2A 2F 2A ept: */*
0038:0D 0A 49 66 2D 4D 6F 64 ..If-Mod
0040:69 66 69 65 64 2D 53 69 ified-Si
0048:6E 63 65 3A 20 54 68 75 nce: Thu
0050:2C 20 30 31 20 4D 61 79 , 01 May
0058:20 32 30 30 33 20 31 38 2003 18
0060:3A 32 36 3A 32 33 20 47 :26:23 G
0068:4D 54 0D 0A 43 61 63 68 MT..Cach
0070:65 2D 43 6F 6E 74 72 6F e-Contro
0078:6C 3A 20 6D 61 78 2D 61 l: max-a
0080:67 65 3D 30 0D 0A 55 73 ge=0..Us
0088:65 72 2D 41 67 65 6E 74 er-Agent
0090:3A 20 53 79 6D 61 6E 74 : Symant
0098:65 63 20 4C 69 76 65 55 ec LiveU
00A0:70 64 61 74 65 0D 0A 48 pdate..H
00A8:6F 73 74 3A 20 6C 69 76 ost: liv
00B0:65 75 70 64 61 74 65 2E eupdate.
00B8:73 79 6D 61 6E 74 65 63 symantec
00C0:6C 69 76 65 75 70 64 61 liveupda
00C8:74 65 2E 63 6F 6D 0D 0A te.com..
00D0:43 6F 6E 6E 65 63 74 69 Connecti
00D8:6F 6E 3A 20 4B 65 65 70 on: Keep
00E0:2D 41 6C 69 76 65 0D 0A -Alive..
00E8:50 72 61 67 6D 61 3A 20 Pragma:
00F0:6E 6F 2D 00 00 00 00 00 no-.....
00F8:00 00 00 00 ....
And guess what, the address destination is:
a195-49-93-216.deploy.akamaitec=195.49.93.216
So, this means, it is MY computer, which sends this signal out to them. It seems that they host the Symantec Updates.
Problem solved! ;)
Best regards,
Patrice
meneer
May 20th, 2003, 04:15 AM
They host lots more than only Symantec.
The ping is required to decide wich server is closest to you so that this nearest site can serve you, which in fact does enhance the performance a bit.
No big deal I suppose. On my Snort equipped server the Akamai pings are among the most detected events.
vBulletin® Copyright ©2000-2013, Jelsoft Enterprises Ltd.
Copyright ©2002 - 2013, Wilders Security Forums