Microsoft Windows Vista Community Forums - Vistaheads
Recommended Download



Welcome to the Microsoft Windows Vista Community Forums - Vistaheads, YOUR Largest Resource for Windows Vista related information.

You are currently viewing our boards as a guest which gives you limited access to view most discussions and access our other features. By joining our free community you will have access to post topics, communicate privately with other members (PM), respond to polls, upload content and access many other special features. Registration is fast, simple and absolutely free so , join our community today!

If you have any problems with the registration process or your account login, please contact us.

Driver Scanner

MS outsource updates, complicates 3rd party firewall

microsoft.public.windowsupdate






Speedup My PC
Reply
  #1 (permalink)  
Old 04-09-2009
AndyHancock
 

Posts: n/a
MS outsource updates, complicates 3rd party firewall
In Windows Professional 2000, svchost connects out to Limelight
Networks port 80. A bit of surfing indicates that this might be a
check for updates. How do users of 3rd party firewalls keep on top of
the 3rd party content providers that Microsoft uses? The rules must
be constantly updated.
Reply With Quote
Sponsored Links
  #2 (permalink)  
Old 04-09-2009
PA Bear [MS MVP]
 

Posts: n/a
Re: MS outsource updates, complicates 3rd party firewall
[[Forwarded to Win2K.WU and Win2K.General newsgroups via crosspost.]]

AndyHancock wrote:
> In Windows Professional 2000, svchost connects out to Limelight
> Networks port 80. A bit of surfing indicates that this might be a
> check for updates. How do users of 3rd party firewalls keep on top of
> the 3rd party content providers that Microsoft uses? The rules must
> be constantly updated.

Reply With Quote
  #3 (permalink)  
Old 04-10-2009
Anthony [MVP]
 

Posts: n/a
Re: MS outsource updates, complicates 3rd party firewall
"the 3rd party content providers that Microsoft uses" ?
Your firewall should tell you that something is trying to call out, and ask
if you want to allow it. You need to know what it is to know whether it
should be doing that.
Anthony
http://www.airdesk.com


"AndyHancock" <AndyMHancock@gmail.com> wrote in message
news:b1d906f4-b1ea-4e57-bfa9-0960a0fc7e6e@k2g2000yql.googlegroups.com...
> In Windows Professional 2000, svchost connects out to Limelight
> Networks port 80. A bit of surfing indicates that this might be a
> check for updates. How do users of 3rd party firewalls keep on top of
> the 3rd party content providers that Microsoft uses? The rules must
> be constantly updated.


Reply With Quote
  #4 (permalink)  
Old 04-12-2009
AndyHancock
 

Posts: n/a
Re: MS outsource updates, complicates 3rd party firewall
Hello, Anthony,

I'm not clear about your last post.

Are you asking for clarification of what I meant by "the 3rd party
content providers that Microsoft uses"?

The firewall (Kerio Personal Firewall 2.1.5 issues a warning that
svchost is trying to connect out to Limelight Networks port 80. The
rest of my sleuthing is as I describe in the original post. I have no
further details.

If this is Windows checking for updates, it must a common problem,
endemic to users with third party firewalls. So I was wondering what
the established practice is to recognize such checks for updates, and
to keep firewall rules that permit such checks synchronized with the
IP addresses used for such checks by the content distributors on
behalf of Microsoft.

On Apr 10, 6:53*am, "Anthony [MVP]" <anth...@no-reply.com> wrote:
> "the 3rd party content providers that Microsoft uses" ?
> Your firewall should tell you that something is trying to call out, and ask
> if you want to allow it. You need to know what it is to know whether it
> should be doing that.
> Anthonyhttp://www.airdesk.com
>
> "AndyHancock" <AndyMHanc...@gmail.com> wrote in message
>
> news:b1d906f4-b1ea-4e57-bfa9-0960a0fc7e6e@k2g2000yql.googlegroups.com...
>
> > In Windows Professional 2000, svchost connects out to Limelight
> > Networks port 80. *A bit of surfing indicates that this might be a
> > check for updates. *How do users of 3rd party firewalls keep on top of
> > the 3rd party content providers that Microsoft uses? *The rules must
> > be constantly updated.


Reply With Quote
  #5 (permalink)  
Old 04-12-2009
Anthony [MVP]
 

Posts: n/a
Re: MS outsource updates, complicates 3rd party firewall
Andy,
Limelight is a third party product going out to check for updates. Kerio is
alerting you to that. There is no connection with Microsoft.
Anthony,
http://www.airdesk.com



"AndyHancock" <AndyMHancock@gmail.com> wrote in message
news:fcf8c069-3571-41dd-bcd5-3b5916d38b7b@x6g2000vbg.googlegroups.com...
> Hello, Anthony,
>
> I'm not clear about your last post.
>
> Are you asking for clarification of what I meant by "the 3rd party
> content providers that Microsoft uses"?
>
> The firewall (Kerio Personal Firewall 2.1.5 issues a warning that
> svchost is trying to connect out to Limelight Networks port 80. The
> rest of my sleuthing is as I describe in the original post. I have no
> further details.
>
> If this is Windows checking for updates, it must a common problem,
> endemic to users with third party firewalls. So I was wondering what
> the established practice is to recognize such checks for updates, and
> to keep firewall rules that permit such checks synchronized with the
> IP addresses used for such checks by the content distributors on
> behalf of Microsoft.
>
> On Apr 10, 6:53 am, "Anthony [MVP]" <anth...@no-reply.com> wrote:
>> "the 3rd party content providers that Microsoft uses" ?
>> Your firewall should tell you that something is trying to call out, and
>> ask
>> if you want to allow it. You need to know what it is to know whether it
>> should be doing that.
>> Anthony

http://www.airdesk.com
>>
>> "AndyHancock" <AndyMHanc...@gmail.com> wrote in message
>>
>> news:b1d906f4-b1ea-4e57-bfa9-0960a0fc7e6e@k2g2000yql.googlegroups.com...
>>
>> > In Windows Professional 2000, svchost connects out to Limelight
>> > Networks port 80. A bit of surfing indicates that this might be a
>> > check for updates. How do users of 3rd party firewalls keep on top of
>> > the 3rd party content providers that Microsoft uses? The rules must
>> > be constantly updated.

>

Reply With Quote
  #6 (permalink)  
Old 04-13-2009
AndyHancock
 

Posts: n/a
Re: MS outsource updates, complicates 3rd party firewall
Anthony,

Limelight is a content dissemintaor, not a product or process running
on the computer.

I agree that Kerio is alerting me to an outgoing connection, as I
describe that in my last post.

As per my last post, I was wondering how one can determine whether the
outgoing connection is a check for Windows updates.

I was also curious as to how you determined that there is no
connection with Microsoft. The gist of the thread is how users in
general can keep their firewall rules updated so as to permit Windows
checks for updates. Knowing the content providers and the IP address
blocks would be one part of achieving this. Automated assistance in
keeping the rules synchronized with the changing list of IP addresses
would be another part of the solution.

Thanks.

On Apr 12, 4:28 pm, "Anthony [MVP]" wrote:
> Andy, Limelight is a third party product going out to check for
> updates. Kerio is alerting you to that. There is no connection with
> Microsoft.
>
> "AndyHancock" <AndyMHanc...@gmail.com> wrote:
>
>> Hello, Anthony,

>
>> I'm not clear about your last post.
>>
>> Are you asking for clarification of what I meant by "the 3rd party
>> content providers that Microsoft uses"?
>>
>> The firewall (Kerio Personal Firewall 2.1.5 issues a warning that
>> svchost is trying to connect out to Limelight Networks port 80.
>> The rest of my sleuthing is as I describe in the original post. I
>> have no further details.
>>
>> If this is Windows checking for updates, it must a common problem,
>> endemic to users with third party firewalls. So I was wondering
>> what the established practice is to recognize such checks for
>> updates, and to keep firewall rules that permit such checks
>> synchronized with the IP addresses used for such checks by the
>> content distributors on behalf of Microsoft.
>>
>> On Apr 10, 6:53 am, "Anthony [MVP]" <anth...@no-reply.com> wrote:
>>> "the 3rd party content providers that Microsoft uses" ? Your
>>> firewall should tell you that something is trying to call out, and
>>> ask if you want to allow it. You need to know what it is to know
>>> whether it should be doing that.
>>>
>>> "AndyHancock" <AndyMHanc...@gmail.com> wrote in message
>>>> In Windows Professional 2000, svchost connects out to Limelight
>>>> Networks port 80. A bit of surfing indicates that this might be a
>>>> check for updates. How do users of 3rd party firewalls keep on
>>>> top of the 3rd party content providers that Microsoft uses? The
>>>> rules must be constantly updated.

Reply With Quote
  #7 (permalink)  
Old 04-14-2009
Anthony [MVP]
 

Posts: n/a
Re: MS outsource updates, complicates 3rd party firewall
Hi Andy,
The check for windows updates will be from a hidden process wuauclt.exe
running under a svchost process. Kerio should alert you to these so you can
allow them. They will be going out to xxx.microsoft.com, so you can also
restrict them to going out to those sites only if you want.
Here is an example for Sophos. I don't know the Kerio one.
http://www.sophos.com/support/knowle...cle/17444.html
There are no content providers or disseminators involved, so there is no
list to keep updated,
Hope that helps,
Anthony
http://www.airdesk.com





"AndyHancock" <AndyMHancock@gmail.com> wrote in message
news:3217a645-b82a-4d21-9cb9-6dc1da876316@z9g2000yqi.googlegroups.com...
> Anthony,
>
> Limelight is a content dissemintaor, not a product or process running
> on the computer.
>
> I agree that Kerio is alerting me to an outgoing connection, as I
> describe that in my last post.
>
> As per my last post, I was wondering how one can determine whether the
> outgoing connection is a check for Windows updates.
>
> I was also curious as to how you determined that there is no
> connection with Microsoft. The gist of the thread is how users in
> general can keep their firewall rules updated so as to permit Windows
> checks for updates. Knowing the content providers and the IP address
> blocks would be one part of achieving this. Automated assistance in
> keeping the rules synchronized with the changing list of IP addresses
> would be another part of the solution.
>
> Thanks.
>
> On Apr 12, 4:28 pm, "Anthony [MVP]" wrote:
>> Andy, Limelight is a third party product going out to check for
>> updates. Kerio is alerting you to that. There is no connection with
>> Microsoft.
>>
>> "AndyHancock" <AndyMHanc...@gmail.com> wrote:
>>
>>> Hello, Anthony,

>>
>>> I'm not clear about your last post.
>>>
>>> Are you asking for clarification of what I meant by "the 3rd party
>>> content providers that Microsoft uses"?
>>>
>>> The firewall (Kerio Personal Firewall 2.1.5 issues a warning that
>>> svchost is trying to connect out to Limelight Networks port 80.
>>> The rest of my sleuthing is as I describe in the original post. I
>>> have no further details.
>>>
>>> If this is Windows checking for updates, it must a common problem,
>>> endemic to users with third party firewalls. So I was wondering
>>> what the established practice is to recognize such checks for
>>> updates, and to keep firewall rules that permit such checks
>>> synchronized with the IP addresses used for such checks by the
>>> content distributors on behalf of Microsoft.
>>>
>>> On Apr 10, 6:53 am, "Anthony [MVP]" <anth...@no-reply.com> wrote:
>>>> "the 3rd party content providers that Microsoft uses" ? Your
>>>> firewall should tell you that something is trying to call out, and
>>>> ask if you want to allow it. You need to know what it is to know
>>>> whether it should be doing that.
>>>>
>>>> "AndyHancock" <AndyMHanc...@gmail.com> wrote in message
>>>>> In Windows Professional 2000, svchost connects out to Limelight
>>>>> Networks port 80. A bit of surfing indicates that this might be a
>>>>> check for updates. How do users of 3rd party firewalls keep on
>>>>> top of the 3rd party content providers that Microsoft uses? The
>>>>> rules must be constantly updated.


Reply With Quote
  #8 (permalink)  
Old 04-15-2009
AndyHancock
 

Posts: n/a
Re: MS outsource updates, complicates 3rd party firewall
Thanks, Anthony. That does indeed help. I looked up the three URLs
provided at the sophos webpage your cited.

1. update.microsoft.com resolves to 207.46.21.123, which whois
confirms
is Microsoft.

2. download.microsoftupdates.com resolves to 208.73.210.121, which
whois
reveals to be Oversee.net (advertising).

3. windowsupdate.microsoft.com resolves to 207.46.18.94, which whois
confirms is Microsoft.

Strangely enough, I have found it necessary in the past to permit
access to the following before updates would work properly.

4. Net Access Corp, 209.123.0.0 - 209.123.255.255
5. Level 3 Communications, 206.32.0.0 - 206.35.255.255
6. Akamai Technologies, 72.246.0.0 - 72.247.255.255

I've disabled permissions #4 thru #6 to see if anything goes awry.

It is #4 thru #6 that caused me to believe that Microsoft uses 3rd
party content disseminators. Even #2 seems to do this.

On Apr 14, 3:27 am, "Anthony [MVP]" <anth...@no-reply.com> wrote:
> Hi Andy,
> The check for windows updates will be from a hidden process
> wuauclt.exe running under a svchost process. Kerio should alert you
> to these so you can allow them. They will be going out to
> xxx.microsoft.com, so you can also restrict them to going out to
> those sites only if you want. Here is an example for Sophos. I
> don't know the Kerio
> one.http://www.sophos.com/support/knowle...cle/17444.html
> There are no content providers or disseminators involved, so there
> is no list to keep updated,
> Hope that helps,
> Anthony http://www.airdesk.com
>
> "AndyHancock" <AndyMHanc...@gmail.com> wrote:
>> Anthony,
> >
>> Limelight is a content dissemintaor, not a product or process running
>> on the computer.
>>
>> I agree that Kerio is alerting me to an outgoing connection, as I
>> describe that in my last post.
>>
>> As per my last post, I was wondering how one can determine whether the
>> outgoing connection is a check for Windows updates.
>>
>> I was also curious as to how you determined that there is no
>> connection with Microsoft. The gist of the thread is how users in
>> general can keep their firewall rules updated so as to permit Windows
>> checks for updates. Knowing the content providers and the IP address
>> blocks would be one part of achieving this. Automated assistance in
>> keeping the rules synchronized with the changing list of IP addresses
>> would be another part of the solution.
>>
>> Thanks.
>>
>> On Apr 12, 4:28 pm, "Anthony [MVP]" wrote:
>>> Andy, Limelight is a third party product going out to check for
>>> updates. Kerio is alerting you to that. There is no connection with
>>> Microsoft.
>>>
>>> "AndyHancock" <AndyMHanc...@gmail.com> wrote:
>>>>
>>>> Hello, Anthony,
>>>>
>>>> I'm not clear about your last post.
>>>>
>>>> Are you asking for clarification of what I meant by "the 3rd party
>>>> content providers that Microsoft uses"?
>>>>
>>>> The firewall (Kerio Personal Firewall 2.1.5 issues a warning that
>>>> svchost is trying to connect out to Limelight Networks port 80.
>>>> The rest of my sleuthing is as I describe in the original post. I
>>>> have no further details.
>>>>
>>>> If this is Windows checking for updates, it must a common problem,
>>>> endemic to users with third party firewalls. So I was wondering
>>>> what the established practice is to recognize such checks for
>>>> updates, and to keep firewall rules that permit such checks
>>>> synchronized with the IP addresses used for such checks by the
>>>> content distributors on behalf of Microsoft.
>>>>
>>>> On Apr 10, 6:53 am, "Anthony [MVP]" <anth...@no-reply.com> wrote:
>>>>> "the 3rd party content providers that Microsoft uses" ? Your
>>>>> firewall should tell you that something is trying to call out, and
>>>>> ask if you want to allow it. You need to know what it is to know
>>>>> whether it should be doing that.
>>>>>
>>>>> "AndyHancock" <AndyMHanc...@gmail.com> wrote in message
>>>>>> In Windows Professional 2000, svchost connects out to Limelight
>>>>>> Networks port 80. A bit of surfing indicates that this might be a
>>>>>> check for updates. How do users of 3rd party firewalls keep on
>>>>>> top of the 3rd party content providers that Microsoft uses? The
>>>>>> rules must be constantly updated.

Reply With Quote
  #9 (permalink)  
Old 04-19-2009
AndyHancock
 

Posts: n/a
Re: MS outsource updates, complicates 3rd party firewall
In addition to #2 below indicating that MS does indeed use what seem
to be 3rd party servers, common MS apps like media player also use
what seem to be 3rd party servers; Limelight Networks,
http://whois.domaintools.com/213.199.149.164, aka llnw, associated
with Level 3 below.

This practice is making firewall rule management very difficult.

---------- Forwarded message ----------
From: AndyHancock <AndyMHanc...@gmail.com>
Date: Apr 15, 12:31 am
Subject: MS outsource updates, complicates 3rd party firewall
To: microsoft.public.win2000.general,
microsoft.public.win2000.windows_update,
microsoft.public.windows.networking.firewall,
microsoft.public.windowsupdate

Thanks, Anthony. That does indeed help. I looked up the three URLs
provided at the sophos webpage your cited.

1. update.microsoft.com resolves to 207.46.21.123, which whois
confirms
is Microsoft.

2. download.microsoftupdates.com resolves to 208.73.210.121, which
whois
reveals to be Oversee.net (advertising).

3. windowsupdate.microsoft.com resolves to 207.46.18.94, which whois
confirms is Microsoft.

Strangely enough, I have found it necessary in the past to permit
access to the following before updates would work properly.

4. Net Access Corp, 209.123.0.0 - 209.123.255.255
5. Level 3 Communications, 206.32.0.0 - 206.35.255.255
6. Akamai Technologies, 72.246.0.0 - 72.247.255.255

I've disabled permissions #4 thru #6 to see if anything goes awry.

It is #4 thru #6 that caused me to believe that Microsoft uses 3rd
party content disseminators. Even #2 seems to do this.

On Apr 14, 3:27 am, "Anthony [MVP]" <anth...@no-reply.com> wrote:

> Hi Andy,
> The check for windows updates will be from a hidden process
> wuauclt.exe running under a svchost process. Kerio should alert you
> to these so you can allow them. They will be going out to
> xxx.microsoft.com, so you can also restrict them to going out to
> those sites only if you want. Here is an example for Sophos. I
> don't know the Kerio
> one.http://www.sophos.com/support/knowle...cle/17444.html
> There are no content providers or disseminators involved, so there
> is no list to keep updated,
> Hope that helps,
> Anthonyhttp://www.airdesk.com


> "AndyHancock" <AndyMHanc...@gmail.com> wrote:
>> Anthony,


>> Limelight is a content dissemintaor, not a product or process running
>> on the computer.


>> I agree that Kerio is alerting me to an outgoing connection, as I
>> describe that in my last post.


>> As per my last post, I was wondering how one can determine whether the
>> outgoing connection is a check for Windows updates.


>> I was also curious as to how you determined that there is no
>> connection with Microsoft. The gist of the thread is how users in
>> general can keep their firewall rules updated so as to permit Windows
>> checks for updates. Knowing the content providers and the IP address
>> blocks would be one part of achieving this. Automated assistance in
>> keeping the rules synchronized with the changing list of IP addresses
>> would be another part of the solution.


>> Thanks.


>> On Apr 12, 4:28 pm, "Anthony [MVP]" wrote:
>>> Andy, Limelight is a third party product going out to check for
>>> updates. Kerio is alerting you to that. There is no connection with
>>> Microsoft.


>>> "AndyHancock" <AndyMHanc...@gmail.com> wrote:


>>>> Hello, Anthony,


>>>> I'm not clear about your last post.


>>>> Are you asking for clarification of what I meant by "the 3rd party
>>>> content providers that Microsoft uses"?


>>>> The firewall (Kerio Personal Firewall 2.1.5 issues a warning that
>>>> svchost is trying to connect out to Limelight Networks port 80.
>>>> The rest of my sleuthing is as I describe in the original post. I
>>>> have no further details.


>>>> If this is Windows checking for updates, it must a common problem,
>>>> endemic to users with third party firewalls. So I was wondering
>>>> what the established practice is to recognize such checks for
>>>> updates, and to keep firewall rules that permit such checks
>>>> synchronized with the IP addresses used for such checks by the
>>>> content distributors on behalf of Microsoft.


>>>> On Apr 10, 6:53 am, "Anthony [MVP]" <anth...@no-reply.com> wrote:
>>>>> "the 3rd party content providers that Microsoft uses" ? Your
>>>>> firewall should tell you that something is trying to call out, and
>>>>> ask if you want to allow it. You need to know what it is to know
>>>>> whether it should be doing that.


>>>>> "AndyHancock" <AndyMHanc...@gmail.com> wrote in message
>>>>>> In Windows Professional 2000, svchost connects out to Limelight
>>>>>> Networks port 80. A bit of surfing indicates that this might be a
>>>>>> check for updates. How do users of 3rd party firewalls keep on
>>>>>> top of the 3rd party content providers that Microsoft uses? The
>>>>>> rules must be constantly updated.

Reply With Quote
  #10 (permalink)  
Old 04-19-2009
Anthony [MVP]
 

Posts: n/a
Re: MS outsource updates, complicates 3rd party firewall
Andy,
Does Kerio require you to use an IP address instead of a domain name?

The domain names are registered to Microsoft, which you can confirm in
Whois. windowsupdate.com and microsoftupdate.com are registered by
Microsoft. Only Microsoft have the authority to control the name resolution
for those domains, so any IP address that is a host in those domains must be
one that Microsoft want you to go to.

The actual IP address can be any device, anywhere, hosted by anyone. Its
just that you won't resolve a name to that IP unless it is in the DNS
controlled by Microsoft.

When you lookup the IP address, you are just discovering which organisation
has control of that IP address range. So if I put a server in an ISP
datacentre they will assign me one of their IP addresses. I will then go
into my own DNS and put that address against my server name, so that it
resolves to the IP assigned to me. The ISP can't do that. Oversee.net
control the network and the routing that that particular Microsoft Updates
service is sitting on, but they have no control of the host itself by virtue
of that.

Hope that helps,
Anthony
http://www.airdesk.com



"AndyHancock" <AndyMHancock@gmail.com> wrote in message
news:a29b2dde-893e-47be-945f-2d6a86b9918a@e18g2000yqo.googlegroups.com...
> In addition to #2 below indicating that MS does indeed use what seem
> to be 3rd party servers, common MS apps like media player also use
> what seem to be 3rd party servers; Limelight Networks,
> http://whois.domaintools.com/213.199.149.164, aka llnw, associated
> with Level 3 below.
>
> This practice is making firewall rule management very difficult.
>
> ---------- Forwarded message ----------
> From: AndyHancock <AndyMHanc...@gmail.com>
> Date: Apr 15, 12:31 am
> Subject: MS outsource updates, complicates 3rd party firewall
> To: microsoft.public.win2000.general,
> microsoft.public.win2000.windows_update,
> microsoft.public.windows.networking.firewall,
> microsoft.public.windowsupdate
>
> Thanks, Anthony. That does indeed help. I looked up the three URLs
> provided at the sophos webpage your cited.
>
> 1. update.microsoft.com resolves to 207.46.21.123, which whois
> confirms
> is Microsoft.
>
> 2. download.microsoftupdates.com resolves to 208.73.210.121, which
> whois
> reveals to be Oversee.net (advertising).
>
> 3. windowsupdate.microsoft.com resolves to 207.46.18.94, which whois
> confirms is Microsoft.
>
> Strangely enough, I have found it necessary in the past to permit
> access to the following before updates would work properly.
>
> 4. Net Access Corp, 209.123.0.0 - 209.123.255.255
> 5. Level 3 Communications, 206.32.0.0 - 206.35.255.255
> 6. Akamai Technologies, 72.246.0.0 - 72.247.255.255
>
> I've disabled permissions #4 thru #6 to see if anything goes awry.
>
> It is #4 thru #6 that caused me to believe that Microsoft uses 3rd
> party content disseminators. Even #2 seems to do this.
>
> On Apr 14, 3:27 am, "Anthony [MVP]" <anth...@no-reply.com> wrote:
>
>> Hi Andy,
>> The check for windows updates will be from a hidden process
>> wuauclt.exe running under a svchost process. Kerio should alert you
>> to these so you can allow them. They will be going out to
>> xxx.microsoft.com, so you can also restrict them to going out to
>> those sites only if you want. Here is an example for Sophos. I
>> don't know the Kerio
>> one.http://www.sophos.com/support/knowle...cle/17444.html
>> There are no content providers or disseminators involved, so there
>> is no list to keep updated,
>> Hope that helps,
>> Anthonyhttp://www.airdesk.com

>
>> "AndyHancock" <AndyMHanc...@gmail.com> wrote:
>>> Anthony,

>
>>> Limelight is a content dissemintaor, not a product or process running
>>> on the computer.

>
>>> I agree that Kerio is alerting me to an outgoing connection, as I
>>> describe that in my last post.

>
>>> As per my last post, I was wondering how one can determine whether the
>>> outgoing connection is a check for Windows updates.

>
>>> I was also curious as to how you determined that there is no
>>> connection with Microsoft. The gist of the thread is how users in
>>> general can keep their firewall rules updated so as to permit Windows
>>> checks for updates. Knowing the content providers and the IP address
>>> blocks would be one part of achieving this. Automated assistance in
>>> keeping the rules synchronized with the changing list of IP addresses
>>> would be another part of the solution.

>
>>> Thanks.

>
>>> On Apr 12, 4:28 pm, "Anthony [MVP]" wrote:
>>>> Andy, Limelight is a third party product going out to check for
>>>> updates. Kerio is alerting you to that. There is no connection with
>>>> Microsoft.

>
>>>> "AndyHancock" <AndyMHanc...@gmail.com> wrote:

>
>>>>> Hello, Anthony,

>
>>>>> I'm not clear about your last post.

>
>>>>> Are you asking for clarification of what I meant by "the 3rd party
>>>>> content providers that Microsoft uses"?

>
>>>>> The firewall (Kerio Personal Firewall 2.1.5 issues a warning that
>>>>> svchost is trying to connect out to Limelight Networks port 80.
>>>>> The rest of my sleuthing is as I describe in the original post. I
>>>>> have no further details.

>
>>>>> If this is Windows checking for updates, it must a common problem,
>>>>> endemic to users with third party firewalls. So I was wondering
>>>>> what the established practice is to recognize such checks for
>>>>> updates, and to keep firewall rules that permit such checks
>>>>> synchronized with the IP addresses used for such checks by the
>>>>> content distributors on behalf of Microsoft.

>
>>>>> On Apr 10, 6:53 am, "Anthony [MVP]" <anth...@no-reply.com> wrote:
>>>>>> "the 3rd party content providers that Microsoft uses" ? Your
>>>>>> firewall should tell you that something is trying to call out, and
>>>>>> ask if you want to allow it. You need to know what it is to know
>>>>>> whether it should be doing that.

>
>>>>>> "AndyHancock" <AndyMHanc...@gmail.com> wrote in message
>>>>>>> In Windows Professional 2000, svchost connects out to Limelight
>>>>>>> Networks port 80. A bit of surfing indicates that this might be a
>>>>>>> check for updates. How do users of 3rd party firewalls keep on
>>>>>>> top of the 3rd party content providers that Microsoft uses? The
>>>>>>> rules must be constantly updated.


Reply With Quote
Reply


Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

vB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off

Similar Threads
Thread Thread Starter Forum Replies Last Post
Third-Party Firewall Auditing and Management Tools Gain Steam Steve Security News 0 02-25-2009 20:10
Do you feel the need for a 3rd party firewall to preotect your Vista ? WinVistaClub WinVistaClub Blog 0 12-22-2008 08:50
3rd Party Firewall JamesJ microsoft.public.windows.vista.security 13 09-08-2008 11:32
Third party firewall killing my Internet connection JJ microsoft.public.windows.vista.networking sharing 4 09-14-2007 23:06
Do I really need a third party firewall? notachance microsoft.public.windows.vista.general 32 06-27-2007 21:18




All times are GMT +1. The time now is 09:02.




Driver Scanner - Free Scan Now

Vistaheads.com is part of the Heads Network. See also XPHeads.com , Win7Heads.com and Win8Heads.com.


Design by Vjacheslav Trushkin for phpBBStyles.com.
Powered by vBulletin® Version 3.6.7
Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Search Engine Optimization by vBSEO 3.6.0 RC 2

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120