RE: Port 2848

ECTED]] Sent: Thursday, December 19, 2002 5:09 PM To: [EMAIL PROTECTED]; 'Security Focus (E-mail)' Subject: RE: Port 2848 Hi all, I don't want to jump the gun and make this something its not, but this posting bears very similar resemblance to an issue I was working on with a clien

RE: Port 2848

Hi all, I don't want to jump the gun and make this something its not, but this posting bears very similar resemblance to an issue I was working on with a client. At approximately 13 minute intervals my client was seeing repeat traffic through his network to very similar addresses from a handful o

RE: Port 2848

Hi nathan: I think your right. 2847 tcp/udp aimpp-port-req AIMPP Port Req 2848 tcp/udp amt-blc-port AMT-BLC-PORT 2849 tcp/udp fxp FXP Hope this helps DS- -Original Message- From: Nathan [mailto:[EMAIL PROTECTED]] Sent: Wednesday, December 18, 2002 11:30 AM To: Secu

RE: Port 2848

Forgot to "Reply to All"... Nathan, Using VisualRoute on my PC I checked those 3 IP's. They are all Gateway's at Symantec. It looks like what you are seeing is possibly Norton Antivirus' LiveUpdate going out to try and check for update... that's just a guess on my part. mike heitz ** sr it manag

re: Port 2848

Nathan, An ARIN search on the IP addresses you mentioned reveals: 206.204.212.226 is owned by ConXioN Corporation, according to ARIN. Nslookup reveals that the name of the host is "gw02entry01.gw02.dis.symantec.com". 206.204.52.98 is also "owned by" ConXion, but it's name is "gw01entry01.gw01.d