In a message written on Thu, Sep 29, 2011 at 12:11:48PM -0700, Jones, Barry wrote:
A little off topic, but wanted to share... I purchased a home storage Synology DS1511+. After configuring it on the home net, I did some captures to look at the protocols, and noticed that the DS1511+ is making outgoing connections to 59.124.41.242 (www) and 59.124.41.245 (port 81 & 89) on a regular basis. These addresses are owned by Synology and Chungwa Telecom in Taiwan.
So far, I've not been able to find much information on their support sites, or Synology's wiki, but I wanted to put it out there.
GET / HTTP/1.1 Host: 59.124.41.245:81 Accept: */*
Perhaps a little further digging was in order? For instance, putting the IP and port in a web browser (http://59.124.41.245:81) which returns: <html><head><title>Current IP Check</title></head><body>Current IP Address: REDACTED</body></html> Looking at Synology's web page we find: http://www.synology.com/dsm/internet_connection.php?lang=us If they are going to do things like UPNP to open a port, and then DDNS to let you get there from the outside world than the box needs to know your outside NAT address, and simple relays like this are the best bet. It's another ugly hack to get around the problems of a NAT in the middle. I bet the box also checks for a new version of software from time to time. While I would like vendors to better disclose the "phone home" behavior of their devices, virtually every computing device does this in some way or another if only to check for new software. Windows and Mac's check a web server to know if you are "connected to the internet" or not. NAT traversal often uses a relay. DDNS registrations need the real IP, and so on. Not much to see here, really, other than how ugly some of our protocols are in the real world. -- Leo Bicknell - bicknell@ufp.org - CCIE 3440 PGP keys at http://www.ufp.org/~bicknell/