openaanval calling home

["BM HM" <bm0714 () hotmail com>]

I was just watching some tcpdump traffic and noticed my snort box making an 
outbound connection to 217.160.255.191

Looking up the IP I found that it is the website for openaanval 
'www.aanval.com'. It appears that exactly every 30 minutes, I mean EXACTLY 
it makes a short http connection to the aanval website.

I looked through the php code and I think it is simply checking for version 
information, but I am not experienced enough to know for real. Is this 
something I should be concerned about?

Could they be piggy-backing data maybe? What would they want to collect 
anyway?

_________________________________________________________________
> From must-see cities to the best beaches, plan a getaway with the Spring 
Travel Guide! http://special.msn.com/local/springtravel.armx



-------------------------------------------------------
This SF.Net email is sponsored by: IBM Linux Tutorials
Free Linux tutorial presented by Daniel Robbins, President and CEO of
GenToo technologies. Learn everything from fundamentals to system
administration.http://ads.osdn.com/?ad_id=1470&alloc_id=3638&op=click
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users