My firewall box has recently been blocking outbound traffic on ports 8020, 8087, and 8500; mostly to a small number of IPs leased by Digital Ocean, Netscape/AOL, and RIPE NCC. Reverse DNS lookups fail on all of these IPs. Even more ominously, these unidentifiable communications originate exclusively from two Windows machines on my network. (One Windows 7 x86, the other x64.) Is this stuff identifiable to anyone? Edit: whoops, that's Digital Ocean, not Cloudfront. Edit 2: okay - the one on port 8500 is to ing2.shouted.fm This appears to located in Germany. Any takers? Edit 3: whoops, cross 8500 off the list. shouted.fm is a music station, this was just Amarok trying something dumb behind my back... yay. The 8020 and 8087 ones are still unidentified though, and have no DNS records I can find. Edit 4: the port 8020 address belongs to Sonos radio, that's clean. Edit 5: hmm my bad, the 8087 traffic is not from a Windows machine. The source machine has a MAC address that does not look familiar (and no, I don't have wireless on my network). What the heck?
Port 8087 looks to be something Apple-related: http://www.t1shopper.com/tools/port-number/8087/ http://www.linuxjournal.com/content/introducing-simplify-media