For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

khkim's avatar
khkim
Icon for Nimbostratus rankNimbostratus
Mar 27, 2023

DNS queries from APM Edge Client

hello everyone
I confirmed that APM Edge Client requests DNS queries to msftconnecttest.com and cdn.f5.com.

One question is why do you need communication for these 2 domains?

Who can help?

thank you

application delivery
security

1 Reply

  • AubreyKingF5's avatar
    AubreyKingF5
    Icon for Moderator rankModerator
    Mar 28, 2023

    I would think that's for client binary updates (cdn) and the other is something owned by http://www.comlaude.com and hosted in Azure, as evidenced by whois:

    aking@aknuc:~$ whois msftconnecttest.com
   Domain Name: MSFTCONNECTTEST.COM
   Registry Domain ID: 1853376581_DOMAIN_COM-VRSN
   Registrar WHOIS Server: whois.comlaude.com
   Registrar URL: http://www.comlaude.com
   Updated Date: 2023-03-05T23:12:11Z
   Creation Date: 2014-04-04T17:22:25Z
   Registry Expiry Date: 2024-04-04T17:22:25Z
   Registrar: Nom-iq Ltd. dba COM LAUDE
   Registrar IANA ID: 470
   Registrar Abuse Contact Email: abuse@comlaude.com
   Registrar Abuse Contact Phone: +442074218250
   Domain Status: clientDeleteProhibited https://icann.org/epp#clientDeleteProhibited
   Domain Status: clientTransferProhibited https://icann.org/epp#clientTransferProhibited
   Domain Status: clientUpdateProhibited https://icann.org/epp#clientUpdateProhibited
   Name Server: NS1-32.AZURE-DNS.COM
   Name Server: NS2-32.AZURE-DNS.NET
   Name Server: NS3-32.AZURE-DNS.ORG
   Name Server: NS4-32.AZURE-DNS.INFO
   DNSSEC: unsigned
   URL of the ICANN Whois Inaccuracy Complaint Form: https://www.icann.org/wicf/
>>> Last update of whois database: 2023-03-28T18:18:43Z <<<

    Often, that's for auth services from the client.