Norton Internet Security auto connects to remote networks...

  • Thread starter Thread starter Guest
  • Start date Start date
G

Guest

Hello from Australia ... checking my NIS activity log today and low and
behold come across these little beauties ...

Date: 12/4/2004 Time: 11:35:17
The user has created a rule to "permit" communications. Details:
Outbound TCP connection
Remote address,service is (12.158.80.10,http(80))
Process name is "C:\Program Files\Norton Internet Security\IAMAPP.EXE"

Now according to ARIN ... IP 12.158.80.10 is:
OrgName: AT&T WorldNet Services
OrgID: ATTW
Address: 400 Interpace Parkway
City: Parsippany
StateProv: NJ
PostalCode: 07054
Country: US

Anyone know why my NIS is smooching up to AT&T ???

Another one ... today also ???

Date: 12/4/2004 Time: 11:37:43
The user has created a rule to "permit" communications. Details:
Outbound TCP connection
Remote address,service is (208.184.139.112,30686)
Process name is "C:\Program Files\Symantec\LiveUpdate\LuComServer_2_5.EXE"

Now according to ARIN ... IP 208.184.139.112 is:
OrgName: Abovenet Communications, Inc
OrgID: ABVE
Address: 360 Hamilton Ave
City: White Plains
StateProv: NY
PostalCode: 10601
Country: US

Remember I live in Australia ... and again anyone know why my NIS is
smooching up to US networks without my direct knowledge or permission?

Cannot get an answer from Symantec.

Cheers ...
 
Rob said:
Hello from Australia ... checking my NIS activity log today and low
and behold come across these little beauties ...

Date: 12/4/2004 Time: 11:35:17
The user has created a rule to "permit" communications. Details:
Outbound TCP connection
Remote address,service is (12.158.80.10,http(80))
Process name is "C:\Program Files\Norton Internet Security\IAMAPP.EXE"

Now according to ARIN ... IP 12.158.80.10 is:
OrgName: AT&T WorldNet Services
OrgID: ATTW
Address: 400 Interpace Parkway
City: Parsippany
StateProv: NJ
PostalCode: 07054
Country: US

Anyone know why my NIS is smooching up to AT&T ???

Another one ... today also ???

Date: 12/4/2004 Time: 11:37:43
The user has created a rule to "permit" communications. Details:
Outbound TCP connection
Remote address,service is (208.184.139.112,30686)
Process name is "C:\Program
Files\Symantec\LiveUpdate\LuComServer_2_5.EXE"

Now according to ARIN ... IP 208.184.139.112 is:
OrgName: Abovenet Communications, Inc
OrgID: ABVE
Address: 360 Hamilton Ave
City: White Plains
StateProv: NY
PostalCode: 10601
Country: US

Remember I live in Australia ... and again anyone know why my NIS is
smooching up to US networks without my direct knowledge or permission?
Click to expand...

My guess would be it's allowing the Live Update program to connect to a
server which is on the networks involved above. I have no idea why it
would be connecting to a U.S. server when you're in Australia, but Live
Update is part of all Symantec products. Have you activated the
product? If not, perhaps it is trying to connect to the server where
you will need to activate since recent Symantec products require
activation.

Malke
 
Back
Top