Security

Reply
Frequent Contributor II
Posts: 125
Registered: ‎08-07-2013

Amazon Appstore PEF Rules

I'm trying to provide access to our Kindle devices to the Amazon Appstore before authenticating on our captive portal network. I've found very little and I've attached an android device and tried to check the datapath session table but the kindle was trying to reach a lot of destinations.

 

Here are networks I was allowing:

 

72.21.0.0/16

184.84.227.3/32

207.171.162.142/32

216.137.33.0/24

 

I was allowing ports 80 and 443 and not seeing any denies to these address when checking.

 

Thanks in advance,

 

Rosie

Guru Elite
Posts: 8,444
Registered: ‎09-08-2010

Re: Amazon Appstore PEF Rules

You should sniff to see what dns names are being looked up and allow the domains instead of IP blocks.

Tim Cappalli | Aruba Security TME
@timcappalli | timcappalli.me | ACMX #367 / ACCX #480
Frequent Contributor II
Posts: 125
Registered: ‎08-07-2013

Re: Amazon Appstore PEF Rules

I did a pcap and used ClearSight Analyzer to read it and produce host names where applicable and was able to get the amazon appstore to load and browse apps but not download apps. The NAT addresses looked like they were going to an akamai server and several other IPs that changed each time I tried to redownload an app or download a different app.

 

Any other thoughts? I am so close!

Aruba
Posts: 1,542
Registered: ‎06-12-2012

Re: Amazon Appstore PEF Rules

Ive seen multiple devices go to different destinations and its also different by reagion. Here is the complete list of the ones that I have seen.

 

Kindle Fire CNA


http://spectrum.s3.amazonaws.com/kindle-wifi/wifistub.html

 

Google Play (aka Android Market)


android.clients.google.com - google play access
.ggpht.com - download app from google play store

Additional (these resolved IPs may not match your local environment):
android.clients.google.com - 74.125.103.138, 74.125.239.128~135, 137, 142
android.pool.ntp.org
googleusercontent.com - 74.125.239.138~140, 74.125.239.42~44
gstatic.com - 74.125.239.47
accounts.google.com - 74.125.22.84
clients1.google.com - 74.125.228.0~9,14
www.google-analytics.com - 74.125.228.32
i.ytimg.com - 74.125.239.32~41, 46
lh6.ggpht.com - 74.125.239.42~44

 

Amazon Market


amzdigitaldownloads.edgesuite.net

Thank You,
Troy

--Give Kudos: found something helpful, important, or cool? Click Kudos Star in a post.

--Problem Solved? Click "Accepted Solution" in a post.
Frequent Contributor II
Posts: 125
Registered: ‎08-07-2013

Re: Amazon Appstore PEF Rules

For amazon I've added:

 

mst-ext.amazon.com

mas-ssr.amazon.com

mas-ext.amazon.com

applab-sdk.amazon.com

72.21.0.0/16

184.84.227.3

207.171.162.142

216.137.33.0

 

But ultimately I'm just putting a local copy of the APK that they'll need to download becuase what a pain!

Search Airheads
Showing results for 
Search instead for 
Did you mean: