[mythtv-users] Why is MythTV sending data out to some servers out there?

[Simon Hobson]

Ian Campbell <ijc at hellion.org.uk> wrote:

> "curl -v https://178.62.234.39" presents a certificate with
> CN=vpn.delin.pro.

But bear in mind that anything supporting SNI (which is anything not rather ancient) will present a different certificate based on the hostname being requested by the client. Mostly likely it's a generic hosting service upon which some website runs, and knowing it's default identity doesn't help.
The traffic might be nothing more than (e.g.) something trying to lookup channel icons or something like that - and retrying stuff it's failed to collect already.

The only way to find out for sure would be to capture the traffic and take a look. If it's HTTPS then at least part of the initial data packet will contain human readable text. Failing that, route everything via a transparent proxy - and yes, you can do that for secure traffic if you generate your own certificate and configure your clients to trust the certificate used by the proxy to re-encrypt traffic client-side.

It all depends how much effort the OP wants to put in ;-)

Simon