Question
Thread display: Collapse - |
All Answers
Start or search
Create a new discussion
If you're asking for technical help, please be sure to include all your system info, including operating system, model number, and any other specifics related to the problem. Also please exercise your best judgment when posting in the forums--revealing personal information such as your e-mail address, telephone number, and address is not recommended.
Funny Apple Traffic?
It would appear that a user's Apple iTunes is getting very chatty with the mothership.
What I see is three times a second, an inbound packet from:
commnat-cohort.gc.apple.com
remote port 16387 local port 64536
Since this is happening three times a second, it's filling up my logs....
And my Firewall is alerting on this....saying it's a UDP port scan (!)
2010-10-13T12:03:27-04:00 fw,fwmon src=17.155.5.237 dst=xxx.xxx.xxx.xxx ipprot=17 sport=16387 dport=54070 UDP Port Scan Detected
Since I am not logging everything that's going outbound, this traffic is most likely a response to a desktop running iTunes.
I verified the IP address belongs to Apple, so it's legit traffic.
I know the version of iTunes was recently updated....is this a new feature 'phoning home'? (Ironically, could it be their new PING feature?)
I may add a firewall rule to explicitly block this traffic, but anybody know why Apple iTunes is doing this?