[isalist] Re: Best way to publish Webroot Spysweeper server

  • From: "John T \(lists\)" <johnlist@xxxxxxxxxxxxxxxxxxx>
  • To: <isalist@xxxxxxxxxxxxx>
  • Date: Fri, 10 Aug 2007 13:15:37 -0700

The best way is to uninstall Webroot. If you read the various forums, this
software is junk and is actually considered to be a form of spyware by some.

 

No way would I allow that on any of my or my client workstations or servers.

 

John T

 

From: isalist-bounce@xxxxxxxxxxxxx [mailto:isalist-bounce@xxxxxxxxxxxxx] On
Behalf Of Rob Moore
Sent: Friday, August 10, 2007 12:01 PM
To: isalist@xxxxxxxxxxxxx
Subject: [isalist] Best way to publish Webroot Spysweeper server

 

Hello all-

Using ISA 2006 Standard Edition.

I have a question about getting updates to my Webroot Spysweeper server. It
may help if you've actually done this yourself, as the instructions are
confusing.

Apparently when my Spysweeper server looks for updates it goes out to the
Webroot server (enterprise.webroot.com) over port 443 to check for updates.
If there are updates available, they are delivered over random high-numbered
ports. Here's what one bit of Webroot documentation says:  "To allow the
Webroot Admin Console to download updates through an ISA server, the ISA
server must be set to allow INBOUND HTTPS traffic over ANY port from the
Webroot update servers. While the Admin Console makes a connection outbound
over port 443, the return reply and subsequent data is downloaded over a
random high-numbered port. The Webroot update servers can be specified in
the ISA/proxy server rules by server name which is enterprise.webroot.com,
or by IP address. Be aware that the IP address for the Webroot Update
servers may change periodically and can be obtained by using a dns lookup
command or by pinging enterprise.webroot.com."

In another bit of documentation it says they are delivered over port 50003.

In either case, I'm not sure how to handle this. I'm not exactly publishing
a server. How do I set this up to allow outbound traffic on one port
(actually, all my computers are allowed outbound traffic on port 443) and
return traffic over either "random high-numbered ports" or port 50003
(depending on which is correct)?

Sorry if this is a basic question, but it's not something I've done before.
Any help would be appreciated.

Thanks,

Rob

-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=

Rob Moore

Network Manager

215-241-7870

Help Desk: 800-500-AFSC

Other related posts: