I’ve noticed that whenever I try to install anything with SP3, a confirmation window opens up asking me if I want to run. I also see that explorer.exe tries to connect to net ranges 199.7.48.0 - 199.7.63.255 over port 80. Following WhoIs, I see that range belongs to VeriSign Global Registry Services, I figure it’s probably just trying to certify the installer application.
Anyways, I’m wondering if this is something I can/should be blocking without any problems?
[attachment deleted by admin]
Explorer.exe and WOS should be outgoing only. Also svchost and system should be outgoing only. SP3 has no factory in this.
Nah, I’m pretty positive explorer can be killed off. I’m just not sure if the exception should be made in regards to the verisign digital thing.
I’m doubtful of the SP3 factor as well, though this kind of behavior with explorer didn’t happen for me in SP2 (except trying to connect to microsoft whenever I did a search for a file), so I’m just trying to draw the dots.
If I check a Digital sig. on a file and press details explorer.exe tries to connect out, so it is possible that it happens when you install.
Dennis
A quick check of the IP address 199.7.54.190 belongs to crl.verisgn.com. Most likely that is the “Certificate Revocation List” lookup, to make sure the signing certificate is valid. In Internet Explorer, click Tools → Internet Options, the Advanced tab, and way down toward the bottom of that list is a checkbox “check for certificate revocation”. Clear the checkbox, and the query should go away.
I’ll try it out, thanks.
edit: Presto it works, query is gone (at least I think with what I tried to run it with, but we’ll see in the long sense), thanks.