It didn't seem to be spoofed.

Non-authoritative answer:
liveupdate.symantec.com canonical name = liveupdate.symantec.d4p.net.
liveupdate.symantec.d4p.net     canonical name = a188.g.akamai.net.
Name:   a188.g.akamai.net
Address: 216.52.56.38
Name:   a188.g.akamai.net
Address: 216.52.56.39
Name:   a188.g.akamai.net
Address: 216.52.56.50

Non-authoritative answer:
Name:   a240.g.akamai.net
Address: 216.52.56.37
Name:   a240.g.akamai.net
Address: 216.52.56.50


-----Original Message-----
From: George [mailto:[EMAIL PROTECTED]]
Sent: Saturday, November 3, 2001 23:37
To: [EMAIL PROTECTED]
Subject: Spoofed Norton Update URL?



Hi, can someone tell me if NAV update was spoofed here?


8/20/01, 16:00:32 PM GMT -> Progress Update: HOST_SELECTED: HostName:
"liveupdate.symantec.com" URL: "http://liveupdate.symantec.com"
HostNumber: 0

8/20/01, 16:00:32 PM GMT -> Progress Update: UNZIP_FILE_START: Zip File:
"C:\WINDOWS\All Users\Application
Data\Symantec\LiveUpdate\Downloads\livetri.zip", Dest Folder:
"C:\WINDOWS\All Users\Application Data\Symantec\LiveUpdate\Downloads"

8/20/01, 16:00:32 PM GMT -> Progress Update: UNZIP_FILE_FINISH: Zip
File: "C:\WINDOWS\All Users\Application
Data\Symantec\LiveUpdate\Downloads\livetri.zip", Dest Folder:
"C:\WINDOWS\All Users\Application Data\Symantec\LiveUpdate\Downloads",
HR: 0x0

8/20/01, 16:01:02 PM GMT -> GetUpdates: Avenge 1.5 MicroDefs,
MicroDefsB.Full, English ==> ennfullb.x86

8/20/01, 16:01:02 PM GMT -> GetUpdates: NAV95, 6.10.20, ENGLISH ==>
enna0530.x00

8/20/01, 16:01:02 PM GMT -> Progress Update: DOWNLOAD_BATCH_START: Files
to download: 2, Estimated total size: 2970837

8/20/01, 16:01:02 PM GMT -> Progress Update: DOWNLOAD_FILE_START: URL:
"http://a240.g.akamai.net/3/240/1271/0e8c31e2178a11/liveupdate.symantec.com/ennfullb.x86",
Estimated Size: 2722962, Destination Folder:
"C:\WINDOWS\All Users\Application Data\Symantec\LiveUpdate\Downloads"

8/20/01, 16:01:03 PM GMT -> Progress Update: DOWNLOAD_FILE_RESUMING:
URL:
"http://a240.g.akamai.net/3/240/1271/0e8c31e2178a11/liveupdate.symantec.com/ennfullb.x86",
Full Download Path: "C:\WINDOWS\All Users\Application
Data\Symantec\LiveUpdate\Downloads\ennfullb.x86", partial size: 1157120,
full size: 1565842


Just not sure where the http://a240.g.akamai.net came from in the middle
of this update. Is it normal? The entire log is available if it would
help.


Thanks,


George

"Man performs, engenders so much more than he can or should have to
bear. That's how he finds that he can bear anything" William
Faulkner.
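
The comparison the reply makes by eye, as an added example that is not part of either message: it parses the nslookup answers, follows the CNAME chain from the host the updater selected, and checks whether the download host sits in the same CDN zone, carries the origin hostname in its path, and shares an address with the CNAME target. The function names and result keys are this example's own, the sample input is the thread's output with timestamps trimmed, and the result is a naming-consistency check only; it says nothing about the contents of the downloaded file.

```python
import re
from urllib.parse import urlparse
# Sample input: the nslookup answers and two log lines quoted in this thread.
NSLOOKUP = """\
liveupdate.symantec.com canonical name = liveupdate.symantec.d4p.net.
liveupdate.symantec.d4p.net     canonical name = a188.g.akamai.net.
Name:   a188.g.akamai.net
Address: 216.52.56.38
Name:   a188.g.akamai.net
Address: 216.52.56.39
Name:   a188.g.akamai.net
Address: 216.52.56.50
Name:   a240.g.akamai.net
Address: 216.52.56.37
Name:   a240.g.akamai.net
Address: 216.52.56.50
"""
LOG = '''\
HOST_SELECTED: HostName: "liveupdate.symantec.com" URL: "http://liveupdate.symantec.com" HostNumber: 0
DOWNLOAD_FILE_START: URL: "http://a240.g.akamai.net/3/240/1271/0e8c31e2178a11/liveupdate.symantec.com/ennfullb.x86", Estimated Size: 2722962
'''

def parse_nslookup(text):  # -> ({alias: canonical name}, {name: {addresses}})
    cnames, addrs, name = {}, {}, None
    for line in text.splitlines():
        m = re.match(r"(\S+)\s+canonical name = (\S+?)\.?$", line)
        if m:
            cnames[m.group(1)] = m.group(2)
        elif line.startswith("Name:"):
            name = line.split()[1]
        elif line.startswith("Address:") and name:
            addrs.setdefault(name, set()).add(line.split()[1])
    return cnames, addrs

def check_download(log, nslookup):
    cnames, addrs = parse_nslookup(nslookup)
    selected = re.search(r'HostName: "([^"]+)"', log).group(1)
    url = urlparse(re.search(r'DOWNLOAD_FILE_START: URL: "([^"]+)"', log).group(1))
    target, seen = selected, set()
    while target in cnames and target not in seen:  # follow CNAMEs, stop on a loop
        seen.add(target)
        target = cnames[target]
    zone = lambda host: host.split(".", 1)[-1]      # drop the per-node label (a188, a240)
    return {
        "cname_target": target,
        "same_cdn_zone": zone(url.hostname) == zone(target),
        "origin_in_path": selected in url.path.split("/"),
        "shared_ips": sorted(addrs.get(target, set()) & addrs.get(url.hostname, set())),
    }
```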

