ESET IP Addresses

[JosephKing 3]

I've found activity through my firewall and Wireshark. they are IP addresses belonging to RIPE NCC. They fall in a 77.x.x.x-89.x.x.x IP address range. Through TCPView I've traced activity to RIPE NCC, however, I have not made a 100% determination. I'm wondering if ESET uses a range of RICE NCC IP addresses to function. The only packets I've captured are for NBNS and UDP going to a destination port of 8888. In TCPView the IP addresses go to PIDs such as 0 (System Process), and other important handles. My firewall shows a regular block of inbound activity from 77.x.x.x  I wonder if this activity could also be malicious or a bot activity.

Edited April 21, 2018 by JosephKing

[Marcos 5,070]

Please refer to this KB article for a list of IP addresses used by ESET's products: https://support.eset.com/kb332/.