What are the requests? You're right -= "from Akamai" is pretty meaningless since their whole business is hosting other folk's content. Jim From: isalist-bounce@xxxxxxxxxxxxx [mailto:isalist-bounce@xxxxxxxxxxxxx] On Behalf Of Neil Cassidy Sent: Tuesday, May 12, 2009 5:53 AM To: isalist@xxxxxxxxxxxxx Subject: [isalist] UPX packed executables - Akamai technologies Ok, here is my dilemma, not even sure how to word this question - I have a Sonicwall with gateway anti-virus that is (just in the last 2 weeks) flagging hundreds of daily occurrences of UPX packed executables, all from Akamai technologies websites. I believe these are probably legitimate updating services, but cannot tell for sure. My ISA 2004 server only shows the external NIC IP address and a port number in the logs (and of course the external information), I cannot tell what if any program is trying to access the websites and download the files. Anyway I can get more information on this? I have no idea if it is something on the server or a workstation, as it only shows the external NIC IP address.