Folks, Sniffynose pointed me to this. Since many of us are updating our games online now, you should ALL read this and pay attention I guess my morning post earlier was confusing people to think we were all actually updating firmware.
On boot the system contacts the server and uploads the play list etc. this list alone is enough to get anyone that goes online banned as it shows the bootmanger etc. has been running. Here is the list and what they do, I port sniffed this a while ago before I went online with a retail unit >.> because I am not stupid hehe.
All these need to be blocked, web access will still work, updates will still work, but psn and any system messages/ads/communication will be blocked completely. For other areas someone would have to sniff the addresses again to compare. North American Servers are listed.
fus01.ps3.update.playstation.net > Update Server (sys updates)
mercury.dl.playstation.net > What's new ads
nsx.np.dl.playstation.net > playstation store preview
nsx-e.np.dl.playstation.net > ads
(main file exchange connections)
us.np.stun.playstation.net > on boot initiates connection
ena.net.playstation.net > SSLv3 connection after above connection
dus01.ps3.update.playstation.net > secondary update attempt (could force updates)
auth.np.ac.playstation.net > SSLv3 authentication server
service.playstation.net (has multiple IPs if only the ip address is blocked)
creepo.ww.hl.playstation.net (uploads crash reports etc.)
Almost all connections cannot just be port blocked, the port will continue to increment until it connects, you have to block the entire domains. Also a big point is that ALL computers on your network need to have these blocked not just the PS3's MAC because if you are running a proxy for example to get patches, the computer you proxy to will just allow the connections right out to the open unless all local IPs are blocked from these sites as well.