[colug-432] Why does CentOS want to talk to mail.panamacityobgyn.com?
Rob Stampfli
rob944 at cboh.org
Mon Mar 6 15:13:30 EST 2017
Recently I loaded a VM with CentOS 6 (x86_64 6.7 final) from an old CD
image I happened to have laying around. I noticed afterwards that the
VM had established a connection to 75.76.84.26:http, which translates
to mail.panamacityobgyn.com. The connection is coming from the calendar
widget on the desktop. Delete it and the connection goes away. Hmm,
this didn't look kosher to me, so I pulled a copy of the latest CentOS
6.8 and loaded it instead. This time the connection moved to 75.76.84.32
(static-75-76-84-32.knology.net). (Actually, simply booting the install
disk is sufficient to observe this -- just bring up a shell on the desktop
and type "ss". "lsof" will point to the actual culprit: "clock-app")
So what is going on here? Why is this widget reaching out to these, well
at best unusual, IPs?
Enquiring minds...
Rob
More information about the colug-432
mailing list