TO UNSUBSCRIBE: email "unsubscribe issforum" in the body of your message to
[EMAIL PROTECTED] Contact [EMAIL PROTECTED] for help with any problems!
----------------------------------------------------------------------------
In my lab while running down another problem in RealSecure with Microsoft
encryption, I am seeing an outbound HTTP_Post event from my console machine
whenever I communicate with an engine. Source port is 1406 (TCP) destination is
207.46.133.14 (HTTP). Info Type is URL, Value is /objects/ocget.dll,
Partial ARIN listing for this address is:
Microsoft (NETBLK-MICROSOFT-GLOBAL-NET)
One Microsoft Way
Redmond, WA 98052-6399
US
Netname: MICROSOFT-GLOBAL-NET
Netblock: 207.46.0.0 - 207.46.255.255
I haven't torn the packets down to check, but I would guess this is Microsoft's
cert checking process. Can anyone confirm that and save me the trouble of
running it down?
I'll leave the ranting about how easy it might be to find a console on a
network if my guess is correct to someone else.
Ken Stephens, CISSP
Sr. Security Manager
CSC
