Hello everyone, My firewall blocks some packets from time to time. When I inspected them a little bit more seriously, I found out the following: a195-49-93-216.deploy.akamaitec=195.49.93.216 They are all coming from this address here: http://www.akamai.com/ Somewhere on their site they say, that they try to make the internet faster & better. But why they ping the whole IP addresses I don't know. Anyone of you made this experience as well? Actually I don't like that at all! And last but not least, this doesn't happen, because I visited a site they host! No, just when I start up my PC this can happen as well... Any clues? Best regards, Patrice
Mhh... I might have found the problem, check out this network sniffing: 0000:47 45 54 20 2F 6E 61 76 GET /nav 0008:6E 74 5F 39 2E 30 35 5F nt_9.05_ 0010:67 65 72 6D 61 6E 5F 6C german_l 0018:69 76 65 74 72 69 2E 7A ivetri.z 0020:69 70 20 48 54 54 50 2F ip HTTP/ 0028:31 2E 30 0D 0A 41 63 63 1.0..Acc 0030:65 70 74 3A 20 2A 2F 2A ept: */* 0038:0D 0A 49 66 2D 4D 6F 64 ..If-Mod 0040:69 66 69 65 64 2D 53 69 ified-Si 0048:6E 63 65 3A 20 54 68 75 nce: Thu 0050:2C 20 30 31 20 4D 61 79 , 01 May 0058:20 32 30 30 33 20 31 38 2003 18 0060:3A 32 36 3A 32 33 20 47 :26:23 G 0068:4D 54 0D 0A 43 61 63 68 MT..Cach 0070:65 2D 43 6F 6E 74 72 6F e-Contro 0078:6C 3A 20 6D 61 78 2D 61 l: max-a 0080:67 65 3D 30 0D 0A 55 73 ge=0..Us 0088:65 72 2D 41 67 65 6E 74 er-Agent 0090:3A 20 53 79 6D 61 6E 74 : Symant 0098:65 63 20 4C 69 76 65 55 ec LiveU 00A0:70 64 61 74 65 0D 0A 48 pdate..H 00A8:6F 73 74 3A 20 6C 69 76 ost: liv 00B0:65 75 70 64 61 74 65 2E eupdate. 00B8:73 79 6D 61 6E 74 65 63 symantec 00C0:6C 69 76 65 75 70 64 61 liveupda 00C8:74 65 2E 63 6F 6D 0D 0A te.com.. 00D0:43 6F 6E 6E 65 63 74 69 Connecti 00D8:6F 6E 3A 20 4B 65 65 70 on: Keep 00E0:2D 41 6C 69 76 65 0D 0A -Alive.. 00E8:50 72 61 67 6D 61 3A 20 Pragma: 00F0:6E 6F 2D 00 00 00 00 00 no-..... 00F8:00 00 00 00 .... And guess what, the address destination is: a195-49-93-216.deploy.akamaitec=195.49.93.216 So, this means, it is MY computer, which sends this signal out to them. It seems that they host the Symantec Updates. Problem solved! Best regards, Patrice
They host lots more than only Symantec. The ping is required to decide wich server is closest to you so that this nearest site can serve you, which in fact does enhance the performance a bit. No big deal I suppose. On my Snort equipped server the Akamai pings are among the most detected events.