Author Topic: 2 Major Problems (ICSI Netalyzr)  (Read 15287 times)

0 Members and 1 Guest are viewing this topic.

Offline silents429

  • Jr. Member
  • **
  • Join Date: Mar 2014
  • Posts: 59
  • Location: North Charleston, SC
  • Karma: 1
  • I secretly enjoy troubleshooting problems.
    • View Profile
2 Major Problems (ICSI Netalyzr)
« on: April 26, 2015, 11:20:23 pm »
As per usual random crap happens to my internet out of the blue with my internet, Woke up to my sister saying the internet is broke, for some reason the entire router settings reset, the modem/router that Time Warner had wasn't in bridge mode anymore. It was a mess to deal with at 6am.

After re-setting the internet up, naturally problems. Browser opens slowly, anything internet related is pretty bleh. Nothing major, but after troubleshooting everything else, I tested my router with the analyzer here is the result.



Summary of Noteworthy Events + –
Major Abnormalities –

    We received unexpected and possibly dangerous results when looking up important names
    Your DNS resolver returns IP addresses for names that do not exist

Address-based Tests + –
NAT detection (?): NAT Detected +
Local Network Interfaces (?): OK +
DNS-based host information (?): OK +
NAT support for Universal Plug and Play (UPnP) (?): Yes +
Reachability Tests + –
TCP connectivity (?): OK +
UDP connectivity (?): OK +
Traceroute (?): OK +
Path MTU (?): OK +
Hidden Proxy Detection (?): OK +
Network Access Link Properties + –
Network performance (?): Latency: 38 ms, Loss: 0.0% +
TCP connection setup latency (?): 47ms +
Background measurement of network health (?): no transient outages +
Network bandwidth (?): Upload 5.5 Mbit/s, Download 12 Mbit/s +
Network buffer measurements (?): Uplink 380 ms, Downlink is good +
HTTP Tests + –
Address-based HTTP proxy detection (?): OK +
Content-based HTTP proxy detection (?): OK +
HTTP proxy detection via malformed requests (?): OK +
Filetype-based filtering (?): OK +
HTTP caching behavior (?): OK +
JavaScript-based tests (?): OK +
Sensitive proxy-introduced HTTP headers (?): OK +
DNS Tests + –
Restricted domain DNS lookup (?): OK +
Unrestricted domain DNS lookup (?): OK +
DNS resolver address (?): OK +
DNS resolver properties (?): Lookup latency 150 ms +
Internal Server Error on Test Report
DNS glue policy (?): OK +
DNS resolver port randomization (?): OK +
DNS lookups of popular domains (?): Warning –

One popular name has a significant anomaly. The ownership suggested by the reverse name lookup does not match our understanding of the original name. This could be caused by an error somewhere in the domain information, deliberate blocking or redirection of a site using DNS, or it could be that your ISP's DNS Server is acting as a DNS "Man-in-the-Middle".

We attempted to download HTTP content from the IP addresses that your ISP's DNS server returned to you for these names. Where the download succeeded, you can click on the IP address in the table below to download a compressed file containing an HTTP session transcript.

Note! The session content is potentially harmful to your computer when viewed in a browser, so use caution when examining it.
Name    IP Address    Reverse Name/SOA
us.etrade.com    12.221.217.40    SOA: cbru.br.ns.els-gms.att.net
100 of 100 popular names were resolved successfully. Show all names.
40 popular names have a mild anomaly. The ownership suggested by the reverse name lookup does not match our understanding of the original name. The most likely cause is the site's use of a Content Delivery Network. Show all names.
4 popular names have a mild anomaly: we are unable to find a reverse name associated with the IP address provided by your ISP's DNS server. This is most likely due to a slow responding DNS server or misconfiguration on the part of the domain owner. Show all names.
DNS external proxy (?): OK +
DNS results wildcarding (?): Warning –

Your ISP's DNS server returns IP addresses even for domain names which should not resolve. Instead of an error, the DNS server returns an address of 198.105.254.228, which does not resolve. You can inspect the resulting HTML content here.

There are several possible explanations for this behavior. The most likely cause is that the ISP is attempting to profit from customer's typos by presenting advertisements in response to bad requests, but it could also be due to an error or misconfiguration in the DNS server.

The big problem with this behavior is that it can potentially break any network application which relies on DNS properly returning an error when a name does not exist.

The following lists your DNS server's behavior in more detail.

    www.{random}.com is mapped to 198.105.254.228.
    www.{random}.org is mapped to 198.105.254.228.
    fubar.{random}.com is correctly reported as an error.
    www.yahoo.cmo [sic] is mapped to 198.105.254.228.
    nxdomain.{random}.netalyzr.icsi.berkeley.edu is correctly reported as an error.

DNS-level redirection of specific sites (?): OK +
Direct probing of DNS roots (?): OK +
IPv6 Tests + –
DNS support for IPv6 (?): OK +
IPv4, IPv6, and your web browser (?): No IPv6 support +
IPv6 connectivity (?): No IPv6 support +
Network Security Protocols + –
DNSSEC Support from the DNS Roots (?): OK +
Host Properties + –
System clock accuracy (?): OK +
Browser properties (?): OK +
Uploaded data (?): OK


Any idea what I can do to fix this?

Offline Boggin

  • Global Moderator
  • Hero Member
  • *****
  • Join Date: Jul 2014
  • Posts: 10182
  • Location: UK
  • Karma: 122
    • View Profile
Re: 2 Major Problems (ICSI Netalyzr)
« Reply #1 on: April 27, 2015, 02:21:36 am »
Absolutely Nothing - that's exactly what I get when I run Netalyzr.

It's probably the first reason in that your ISP are filling their back pockets from typos - mine resolve to a different IP address but other than that, your report is identical to what I get.

Don't know what originally happened to your set up though - sometimes crap happens.

Offline silents429

  • Jr. Member
  • **
  • Join Date: Mar 2014
  • Posts: 59
  • Location: North Charleston, SC
  • Karma: 1
  • I secretly enjoy troubleshooting problems.
    • View Profile
Re: 2 Major Problems (ICSI Netalyzr)
« Reply #2 on: April 27, 2015, 10:13:02 am »
Time Warner Cable happened.

Such a terrible company, Before my setup got completely removed and had me reset it, everything was green.

Offline Shane

  • Administrator
  • Hero Member
  • *****
  • Join Date: Sep 2011
  • Posts: 9281
  • Location: USA
  • Karma: 137
  • "Knowledge should be shared not hidden."
    • View Profile
Re: 2 Major Problems (ICSI Netalyzr)
« Reply #3 on: April 27, 2015, 02:47:29 pm »
Best thing to do, to find out if the problem is the router or the modem from the ISP is to take the router out and test while connected directly to the modem, that way you will know which one is causing the problem :wink:

Shane

Offline silents429

  • Jr. Member
  • **
  • Join Date: Mar 2014
  • Posts: 59
  • Location: North Charleston, SC
  • Karma: 1
  • I secretly enjoy troubleshooting problems.
    • View Profile
Re: 2 Major Problems (ICSI Netalyzr)
« Reply #4 on: April 27, 2015, 03:40:07 pm »
I don't think it is the router, Even when we used the combo (The current modem is in bridge mode) I was constantly getting DNS issues that all seemingly blamed my ISP. They actually went away when I setup the router originally.

I feel more inclined to say it's time warner cable, but I will try testing it out tonight.

Offline Shane

  • Administrator
  • Hero Member
  • *****
  • Join Date: Sep 2011
  • Posts: 9281
  • Location: USA
  • Karma: 137
  • "Knowledge should be shared not hidden."
    • View Profile
Re: 2 Major Problems (ICSI Netalyzr)
« Reply #5 on: April 28, 2015, 09:14:31 am »
Test, just to be sure. I have seen plenty of those cable modems go bad, it happens.

I also never use my ISP's dns servers, I either use google dns servers or opendns servers :-)

Shane