SymDaemon outgoing connection

Archive
1

Hi,

 

We use LittleSnitch to observe outgoing connections.

 

We just had a request from SymDaemon to connect to a symantec.com address, which we allowed.

 

This is the first time that I have ever been aware of NAV asking for a connection outside of LiveUpdate.

 

There is nothing in the NAV activity log.

 

What is the nature of this connection?

 

LittleSnitch logged the following request: 

 

Connection report for process: SymDaemon (/Library/Application Support/Symantec/Daemon/SymDaemon.bundle/Contents/MacOS/SymDaemon)Total: 2.0kB sent, 2.4kB received avpg.crsi.symantec.com (206.204.63.20), Port 443 (https), Protocol 6 (TCP), 2.0kB sent, 2.4kB received

 

MacOS X 10.6.4

NAV 11.1.1 (stand-alone)

LittleSnitch 2.2.4

 

2

Not sure why LittleSnitch never caught these before. Kinda weird.

 

You mentioned NIS, Ryan.

We are just using the stand-alone version of NAV 11.  I assume the info about SymDaemon applies equally to plain NAV.

3

They were added to Vulnerability Protection update released last December. Since NAV 11 shares the same Vulnerability Protection engine, Norton AntiVirus received the same updates.

4

Hi,

 

We use LittleSnitch to observe outgoing connections.

 

We just had a request from SymDaemon to connect to a symantec.com address, which we allowed.

 

This is the first time that I have ever been aware of NAV asking for a connection outside of LiveUpdate.

 

There is nothing in the NAV activity log.

 

What is the nature of this connection?

 

LittleSnitch logged the following request: 

 

Connection report for process: SymDaemon (/Library/Application Support/Symantec/Daemon/SymDaemon.bundle/Contents/MacOS/SymDaemon)Total: 2.0kB sent, 2.4kB received avpg.crsi.symantec.com (206.204.63.20), Port 443 (https), Protocol 6 (TCP), 2.0kB sent, 2.4kB received

 

MacOS X 10.6.4

NAV 11.1.1 (stand-alone)

LittleSnitch 2.2.4