This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Astaro device connected to one IP address which is belong to Astaro

Hi,

I just moved my IDS before my Astaro device, so I can get same traffic as Astaro WAN. When I check the snort log, I suddenly found that my Astaro device keep connecting to one IP address, 69.12.23.234, port 80, and this IP address is belong to Astaro, Dallas, Texas.

Here is the example:
Feb 7 08:53:11 aludra snort[3616]: [ID 702911 auth.alert] [119:4:1] (http_inspect) BARE BYTE UNICODE ENCODING[Priority: 3]: {TCP} 192.168.0.10:34667 -> 69.12.23.234:80
Feb 7 08:53:11 aludra snort[3616]: [ID 702911 auth.alert] [119:4:1] (http_inspect) BARE BYTE UNICODE ENCODING[Priority: 3]: {TCP} 192.168.0.10:34668 -> 69.12.23.234:80

It's connecting to port 80, which supposed to be a web site, so I try to see what's that web site, but it's totally empty!

My question: why my Astaro device keep connecting to this site? I turn off all my servers/PCs and let it runs lonely all night. This morning I check it again, it's trying to connect it often (but not like a cron job with a fixed period).

Thanks,

Hsinan

This thread was automatically locked due to age.

0 BAlfson over 15 years ago

Several possibilities, but my best guess is that's your Astaro checking for news to populate the news feed at the bottom of the Dashboard.

Cheers - Bob
Cancel
Vote Up 0 Vote Down

Cancel
0 Hsinan over 15 years ago

Hi Bob,

I check my Astaro box again. There are only four news in the Dashboard, and it happened one or two months for each new .

First, I see no reason why this should be down so often. This should be done enough as daily base.

Second, if there is an "important" or "urgent" news, will we receive email notice? Can I disable it?

Thanks,

Hsinan
Cancel
Vote Up 0 Vote Down

Cancel