NAV Liveupdate Question

K

Kierkecaat

Liveupdate on my lady's Win98, NAV 2002 PC is accessing:

panther.umaryland.edu

for the update files. She is on several mail lists at Maryland, which
have been riddled with various virii for many months.

Is is known that Norton distributes its definitions and updates to
participating sites, or is there reason to be concerned about this
behavior?

Thanks,
KC
 
K

Kierkecaat

Thanks for the feedback. I'm right there with you on the strategies;
I booted her machine in safe mode and installed the latest Intelligent
Update after running the latest Stinger (both found NOTHING).

I did find that her RNAAPP.exe was frequently trying to make friends
connecting out on UPD port 137 to various addresses. Used Kerio to
put an end to that, but I don't know if that indicates a problem.

Liveupdate DOES appear to be a complex beastie, however: on both her
machine and mine, liveupdate.symantecliveupdate.com resolves to:

a568.x.akamai.net

But on her machine with a different ISP than mine, a568.x.akamai.net
resolves to a different IP than it does on mine:

193.108.95.47 vs. 63.211.66.38

It does seem possible that Norton has a system in place to disperse
the load on Liveupdate, doesn't it?

I would be interested to hear from someone who has looked directly
into this question.

Thanks, KC
 
C

Chuck

Thanks for the feedback. I'm right there with you on the strategies;
I booted her machine in safe mode and installed the latest Intelligent
Update after running the latest Stinger (both found NOTHING).

I did find that her RNAAPP.exe was frequently trying to make friends
connecting out on UPD port 137 to various addresses. Used Kerio to
put an end to that, but I don't know if that indicates a problem.

Liveupdate DOES appear to be a complex beastie, however: on both her
machine and mine, liveupdate.symantecliveupdate.com resolves to:

a568.x.akamai.net

But on her machine with a different ISP than mine, a568.x.akamai.net
resolves to a different IP than it does on mine:

193.108.95.47 vs. 63.211.66.38

It does seem possible that Norton has a system in place to disperse
the load on Liveupdate, doesn't it?

I would be interested to hear from someone who has looked directly
into this question.

Thanks, KC
Click to expand...

KC,

Akamai is edge technology, and Symantec uses Akamai for its content
distribution, such as signature updates. Many ISPs have an Akamai server local
to their address space, so you should expect any xxx.akamai.net to resolve
differently for any different ISP.

In addition to running several virus scans, and AdAware / Spybot S&D (which
complement each other), I would advise HijackThis, which looks differently for
spyware. Complete instructions:
http://forums.spywareinfo.com/index.php?showtopic=227

For information about RNAAPP.exe, this might help:
http://www.modemhelp.net/newsletter/dun/combatrnaapp.shtml

Cheers,
Chuck
Paranoia comes from experience - and is not necessarily a bad thing.
 
K

Kierkecaat

Chuck, thanks, useful stuff.

Cheers, KC

KC,

Akamai is edge technology, and Symantec uses Akamai for its content
distribution, such as signature updates. Many ISPs have an Akamai server local
to their address space, so you should expect any xxx.akamai.net to resolve
differently for any different ISP.

In addition to running several virus scans, and AdAware / Spybot S&D (which
complement each other), I would advise HijackThis, which looks differently for
spyware. Complete instructions:
http://forums.spywareinfo.com/index.php?showtopic=227

For information about RNAAPP.exe, this might help:
http://www.modemhelp.net/newsletter/dun/combatrnaapp.shtml

Cheers,
Chuck
Paranoia comes from experience - and is not necessarily a bad thing.
Click to expand...
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

NAV 2004 LiveUpdate Doesn't Update Live 3
Liveupdate/AOL broadband problem 8
Norton (NAV 2002) does not detect hotfix.exe as a threat even afterupdate 1
Norton Systemworks Professional 2003 NAV 2003 - Liveupdate keeps quitting, why?? 3
NAV & symnrt.exe 10
Norton Antivirus 2002 Liveupdate Help 2
NAV2006 19
Alert! W32.Welchia.B.Worm 3

Top