We use cookies on our website to ensure we provide you with the best experience on our website. By using our website, you agree to the use of cookies for analytics and personalized content.This website uses cookies. More Information
It seems like your browser didn't download the required fonts. Please revise your security settings and try again.

Barracuda Web Security Gateway

Should I block http://www.msftncsi.com/ncsi.txt on my Barracuda Product?

  • Type: Knowledgebase
  • Date changed: one month ago
Solution #00007865


Scope:
All Barracuda Web Security Gateways


Answer:
You may encounter entries in your Web log referring to
http://www.msftncsi.com/ncsi.txt or
www.msftconnecttest.com/connecttest.txt.
While it may seem like a piece of malware, it is actually a component of
Microsoft Windows. This url is queried by Windows to determine if the
computer is connected to the Internet. The URL was changed to
www.msftconnecttest.com/connecttest.txt in the "Anniversary Update" to
Windows 10.

Specifically it is what determines the state of the network indicator in
the windows system tray. (That icon that turns blue when you are
connected, and has a yellow triangle when not)

To answer the question of whether this traffic should be blocked or not,
it is not necessary to block this traffic as it is merely an innocuous
part of Windows and may affect services and applications that rely upon it.

For more information, check out Microsoft's technet article on the subject.

https://technet.microsoft.com/en-us/library/cc766017(v=ws.10).aspx