Unusual Traffic from Pritunl Server to Oracle IPs

Hello Community,

I recently noticed some unexpected traffic from my Pritunl server to Oracle IP addresses and I only have Pritunl installed on this server, and I’m finding this behavior a bit unusual. Has anyone else experienced this? Is there any documentation or explanation that might cover why Pritunl would be communicating with these IPs?

Thanks for any insights you might have!

One is app.pritunl.com this is used for the self shutdown system. If a vulnerability were found in the software specific versions can be notified to shutdown. This allows using the software without needing to monitor for security announcements. Vulnerable versions would automatically shutdown. This domain is also used for the license if a subscription is activated.

The other is app4.pritunl.com and also app6.pritunl.com if IPv6 is enabled. These are used to automatically detect the public address of the server for the configuration.

1 Like