Copy link to clipboard
Copied
Currently, I have Adobe Acrobat Reader and my firewall keeps notifying me that the executable AdobeARM.exe is trying to connect to the following address:
IP Address: 23.41.168.139
Address Name: a23-41-168-139.deploy.static.akamaitechnologies.com
I am unsure if this is a legitimate address for adobeARM.exe. Does Adobe use Akamai Technologies servers to distribute its updates?
I want to create a rule allowing Adobe updates to do their thing, but I need to know the IP address or domain of the legitimate servers it should talk to. Attackers can use Adobe software to install malicious updates by having it connect to malicious servers acting like distribution servers.
How should I set up the firewall rule to allow Adobe to perform updates? i.e. the IP address, range, or domain name.
For instance, Google provides a list of their legitimate servers so that you can easily configure your firewalls to allow their products to operate.
Have something to add?