Apple 17.0.0.0/8 Services Redux

Long time readers of this blog are probably familiar with this https://richard-purves.com/2016/09/10/apple-services/ post from last year. It’s a pretty comprehensive list but it’s not easy to follow to find the things you want. I’m still in a high security type environment, and I still have a requirement to restrict what traffic goes in and out. Today I’ve been simplifying that list down to it’s bare essentials.

Below will allow you to access services such as App Store (VPP or otherwise), all the backend certificate validation checking, Apple Software Updates, Help Centre, checks to see if there’s a local caching server and Apple Push Notification Service.

This will not include anything to do with external management services, google safe browsing or DEP.

Apple DNS Names
No Used For DNS Ports Used
com.apple.geod.xpc – resolves geographic data to readable addresses
1 gspe1-ssl.ls.apple.com 443
2 gspe35-ssl.ls-apple.com 443
3 gsp64-ssl.ls-apple.com 443
4 configuration.apple.com 443
nsurlsessiond – NSURL Session Daemon
5 api-glb-fra.smoot.apple.com 443
6 api-glb.smoot.apple.com 443
7 mesu.apple.com 443
helpd – Apple’s Help Viewer
8 help.apple.com 443
storedownloadd – Connects to Apple to download App Store apps
9 p53-buy.itunes.apple.com 443
10 osxapps.itunes.apple.com 80
storeassetd – Connects to Apple to show available App Store apps
11 su.itunes.apple.com 443
storeaccountd – Connects to Apple to check App Store account info
12 play.itunes.apple.com 443
13 init.itunes.apple.com 443
14 xp.apple.com 443
trustd – validates encryption and security certificates
15 *.thawte.com 80
16 *.geotrust.com 80
17 *.ws.symantec.com 80
18 *.symcb.com 80
19 *.symcd.com 80
AssetCacheLocatorService
20 lcdn-locator.apple.com
softwareupdated – checks Apple for OS updates
21 swscan.apple.com 443
22 swcdnlocator.apple.com
23 swcdn.apple.com 80
apsd – Apple Push Notification System Daemon
24 Initialisation server. Daemon downloads a key bag file? init-p01st.push.apple.com
21 1-courier.push.apple.com 5223:443
22 2-courier.push.apple.com 5223:443
23 3-courier.push.apple.com 5223:443
24 4-courier.push.apple.com 5223:443
28 5-courier.push.apple.com 5223:443
30 6-courier.push.apple.com 5223:443
31 7-courier.push.apple.com 5223:443
32 8-courier.push.apple.com 5223:443
33 9-courier.push.apple.com 5223:443
34 10-courier.push.apple.com 5223:443
35 11-courier.push.apple.com 5223:443
36 12-courier.push.apple.com 5223:443
37 13-courier.push.apple.com 5223:443
38 14-courier.push.apple.com 5223:443
39 15-courier.push.apple.com 5223:443
40 16-courier.push.apple.com 5223:443
41 17-courier.push.apple.com 5223:443
42 18-courier.push.apple.com 5223:443
43 19-courier.push.apple.com 5223:443
44 20-courier.push.apple.com 5223:443
45 21-courier.push.apple.com 5223:443
46 22-courier.push.apple.com 5223:443
47 23-courier.push.apple.com 5223:443
48 24-courier.push.apple.com 5223:443
49 28-courier.push.apple.com 5223:443
50 30-courier.push.apple.com 5223:443
51 31-courier.push.apple.com 5223:443
52 32-courier.push.apple.com 5223:443
53 33-courier.push.apple.com 5223:443
54 34-courier.push.apple.com 5223:443
55 35-courier.push.apple.com 5223:443
56 36-courier.push.apple.com 5223:443
57 37-courier.push.apple.com 5223:443
58 38-courier.push.apple.com 5223:443
59 39-courier.push.apple.com 5223:443
60 40-courier.push.apple.com 5223:443
61 41-courier.push.apple.com 5223:443
62 42-courier.push.apple.com 5223:443
63 43-courier.push.apple.com 5223:443
64 44-courier.push.apple.com 5223:443
65 45-courier.push.apple.com 5223:443
66 46-courier.push.apple.com 5223:443
67 47-courier.push.apple.com 5223:443
68 48-courier.push.apple.com 5223:443
69 49-courier.push.apple.com 5223:443
70 50-courier.push.apple.com 5223:443