Advertisement
If you have a new account but are having problems posting or verifying your account, please email us on hello@boards.ie for help. Thanks :)
Hello all! Please ensure that you are posting a new thread or question in the appropriate forum. The Feedback forum is overwhelmed with questions that are having to be moved elsewhere. If you need help to verify your account contact hello@boards.ie
Hi there,
There is an issue with role permissions that is being worked on at the moment.
If you are having trouble with access or permissions on regional forums please post here to get access: https://www.boards.ie/discussion/2058365403/you-do-not-have-permission-for-that#latest

Bad Tracert to Google

  • 01-03-2011 8:17pm
    #1
    Registered Users, Registered Users 2 Posts: 252 ✭✭


    Hi Folks,
    My friend Mick started having a problem with his pc. He cannot access google. Other sites, no problem. Google no. Well his problem is now mine to solve and Im stumped. Below is the result of a ping and a tracert. As you can see rte is fine but google stops at the tengigabit thingy. It timed out until it hit 30 hops. His machine is running 7 and has IE, FFox and chrome. They all will not connect. Any ideas ??


    C:\Users\mick>ping www.google.com
    Pinging www.google.com [96.44.181.243] with 32 bytes of data:
    Request timed out.
    Request timed out.
    Request timed out.
    Request timed out.
    Ping statistics for 96.44.181.243:
    Packets: Sent = 4, Received = 0, Lost = 4 (100% loss),
    C:\Users\mick>tracert www.rte.ie
    Tracing route to www.rte.ie.nsatc.net [89.207.56.140]
    over a maximum of 30 hops:
    1 2 ms 3 ms 1 ms 192.168.1.254
    2 12 ms 11 ms 11 ms 89.19.64.5
    3 12 ms 11 ms 12 ms 89.19.65.49
    4 13 ms 11 ms 12 ms 213.233.129.253
    5 12 ms 12 ms 12 ms 89.19.64.178
    6 13 ms 12 ms 12 ms deg-gw-1.rte.ie [193.242.111.42]
    7 13 ms 13 ms 12 ms www.rte.ie [89.207.56.140]
    Trace complete.
    C:\Users\mick>tracert www.google.com
    Tracing route to www.google.com [96.44.181.243]
    over a maximum of 30 hops:
    1 1 ms 1 ms 2 ms 192.168.1.254
    2 11 ms 11 ms 11 ms 89.19.64.5
    3 12 ms 12 ms 12 ms 89.19.65.49
    4 12 ms 11 ms 11 ms 89.19.64.50
    5 53 ms 206 ms 207 ms 213.233.129.93
    6 23 ms 23 ms 23 ms TenGigabitEthernet9-3.ar6.LON3.gblx.net [208.50.
    59.101]
    7 * * * Request timed out.
    8 * * * Request timed out.


Comments

  • Registered Users, Registered Users 2 Posts: 7,606 ✭✭✭Jumpy


    That is not a google IP

    Reverse DNS says its a static address for quadranet.com

    Unless they are hosting google ...


  • Registered Users, Registered Users 2 Posts: 7,606 ✭✭✭Jumpy


    Try http://209.85.143.99/

    does that come back with a google page?


  • Registered Users, Registered Users 2 Posts: 252 ✭✭alanajane


    Jumpy wrote: »
    That is not a google IP

    Reverse DNS says its a static address for quadranet.com

    Unless they are hosting google ...

    Thanks Jumpy, I never thought of reverse DNS - Doh!

    So has it been hijacked in some way ??

    I did try the ip for google and I dont think it worked, I will check it again now.


  • Registered Users, Registered Users 2 Posts: 252 ✭✭alanajane


    Tracert on the google IP

    C:\Users\mick>tracert 209.85.143.99
    Tracing route to dy-in-f99.1e100.net [209.85.143.99]
    over a maximum of 30 hops:
    1 1 ms <1 ms 1 ms 192.168.1.254
    2 11 ms 12 ms 11 ms 89.19.64.5
    3 12 ms 11 ms 12 ms 89.19.65.49
    4 82 ms 210 ms 210 ms 213.233.129.253
    5 13 ms 14 ms 12 ms 89.19.65.201
    6 12 ms 12 ms 11 ms 209.85.252.162
    7 12 ms 12 ms 13 ms 209.85.253.127
    8 25 ms 22 ms 13 ms 216.239.47.26
    9 13 ms 13 ms 12 ms dy-in-f99.1e100.net [209.85.143.99]
    Trace complete.
    C:\Users\mick>


    Using the ip in IE address bar does bring me to google.com. However Trying to do a search or even add google to IE search providers will time out ??


  • Moderators, Computer Games Moderators, Technology & Internet Moderators, Help & Feedback Category Moderators Posts: 25,763 CMod ✭✭✭✭Spear


    You're not tracing to Google, it'll go to an Akamai CDN node.

    And that's a valid DNS lookup anyway.

    As regards the traceroute, there's nothing wrong there either. No-one's obliged to respond to ICMP packets, and many won't.

    There's no sign of any issues in anything you posted.


  • Advertisement
  • Registered Users, Registered Users 2 Posts: 252 ✭✭alanajane


    This is my tracert to google from my laptop.

    Microsoft Windows XP [Version 5.1.2600]
    (C) Copyright 1985-2001 Microsoft Corp.
    C:\tracert www.google.com
    Tracing route to www.l.google.com [209.85.143.99]
    over a maximum of 30 hops:
    1 1 ms 1 ms 1 ms 192.168.1.254
    2 14 ms 11 ms 10 ms 89.19.64.5
    3 11 ms 11 ms 11 ms 89.19.65.49
    4 14 ms 12 ms 12 ms 213.233.129.253
    5 14 ms 13 ms 11 ms 89.19.65.201
    6 12 ms 13 ms 12 ms 209.85.252.162
    7 14 ms 11 ms 12 ms 209.85.253.127
    8 15 ms 14 ms 17 ms 216.239.47.38
    9 15 ms 13 ms 12 ms dy-in-f99.1e100.net [209.85.143.99]
    Trace complete.
    C:\

    It seems to me that something is telling the pc the if it is looking for google then this is the IP (the bad one)


  • Moderators, Computer Games Moderators, Technology & Internet Moderators, Help & Feedback Category Moderators Posts: 25,763 CMod ✭✭✭✭Spear


    alanajane wrote: »
    This is my tracert to google from my laptop.

    Microsoft Windows XP [Version 5.1.2600]
    (C) Copyright 1985-2001 Microsoft Corp.
    C:\tracert www.google.com
    Tracing route to www.l.google.com [209.85.143.99]
    over a maximum of 30 hops:
    1 1 ms 1 ms 1 ms 192.168.1.254
    2 14 ms 11 ms 10 ms 89.19.64.5
    3 11 ms 11 ms 11 ms 89.19.65.49
    4 14 ms 12 ms 12 ms 213.233.129.253
    5 14 ms 13 ms 11 ms 89.19.65.201
    6 12 ms 13 ms 12 ms 209.85.252.162
    7 14 ms 11 ms 12 ms 209.85.253.127
    8 15 ms 14 ms 17 ms 216.239.47.38
    9 15 ms 13 ms 12 ms dy-in-f99.1e100.net [209.85.143.99]
    Trace complete.
    C:\

    It seems to me that something is telling the pc the if it is looking for google then this is the IP (the bad one)

    There is nothing wrong with the DNS response, as your tracert even shows as well.


  • Registered Users, Registered Users 2 Posts: 252 ✭✭alanajane


    Right, so if i trace using google's ip - no problem.

    If i trace using the url, it is redirecting to another ip which is a false/dead ip ??.

    Maybe my problem is to find where this is set. Regisdtery ??

    By the way i had run MBytes and it was clean.


  • Moderators, Computer Games Moderators, Technology & Internet Moderators, Help & Feedback Category Moderators Posts: 25,763 CMod ✭✭✭✭Spear


    alanajane wrote: »
    Right, so if i trace using google's ip - no problem.

    If i trace using the url, it is redirecting to another ip which is a false/dead ip ??.

    Maybe my problem is to find where this is set. Regisdtery ??

    By the way i had run MBytes and it was clean.

    By bad IP you mean the response of 96.44.181.24? That does look a little odd, since there's no rDNS entry pointing back to Googles domain at 1e100.net.

    Check the hosts file first (c:\windows\system32\drivers\etc\hosts). It's just a text file, though it may be hidden if you use Explorer to see it.

    After that, run "nslookup www.google.com" as it'll show the DNS servers in use.


  • Registered Users, Registered Users 2 Posts: 7,606 ✭✭✭Jumpy


    Spear wrote: »
    By bad IP you mean the response of 96.44.181.24? That does look a little odd, since there's no rDNS entry pointing back to Googles domain at 1e100.net.

    Check the hosts file first (c:\windows\system32\drivers\etc\hosts). It's just a text file, though it may be hidden if you use Explorer to see it.

    After that, run "nslookup www.google.com" as it'll show the DNS servers in use.

    That IP belongs to a cloud host. Its reverse lookup appears to be an entry with a naming context matching the IP, which is common practice for DHCP ranges in ISPs.


  • Advertisement
  • Moderators, Computer Games Moderators, Technology & Internet Moderators, Help & Feedback Category Moderators Posts: 25,763 CMod ✭✭✭✭Spear


    Jumpy wrote: »
    That IP belongs to a cloud host. Its reverse lookup appears to be an entry with a naming context matching the IP, which is common practice for DHCP ranges in ISPs.

    Which sounds like a common location for a malware site I'm thinking.


  • Registered Users, Registered Users 2 Posts: 7,606 ✭✭✭Jumpy


    Indeeds.

    However he has run malwarebytes. I think that checks for host file redirections that it recognises as well.


  • Registered Users, Registered Users 2 Posts: 7,606 ✭✭✭Jumpy




  • Registered Users, Registered Users 2 Posts: 252 ✭✭alanajane


    Hosts file, hosts file hosts file.

    Is this the dodgyiest looking hosts file you ever saw.

    THank you guys for all your help. Hope fully i have it sorted now.

    And I thought too that MB checks the hosts file.



    # Copyright (c) 1993-2009 Microsoft Corp.
    #
    # This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
    #
    # This file contains the mappings of IP addresses to host names. Each
    # entry should be kept on an individual line. The IP address should
    # be placed in the first column followed by the corresponding host name.
    # The IP address and the host name should be separated by at least one
    # space.
    #
    # Additionally, comments (such as these) may be inserted on individual
    # lines or following the machine name denoted by a '#' symbol.
    #
    # For example:
    #
    # 102.54.94.97 rhino.acme.com # source server
    # 38.25.63.10 x.acme.com # x client host
    # localhost name resolution is handled within DNS itself.
    # 127.0.0.1 localhost
    # ::1 localhost
    74.125.45.100 4-open-davinci.com
    74.125.45.100 securitysoftwarepayments.com
    74.125.45.100 privatesecuredpayments.com
    74.125.45.100 secure.privatesecuredpayments.com
    74.125.45.100 getantivirusplusnow.com
    74.125.45.100 secure-plus-payments.com
    74.125.45.100 www.getantivirusplusnow.com
    74.125.45.100 www.secure-plus-payments.com
    74.125.45.100 www.getavplusnow.com
    74.125.45.100 safebrowsing-cache.google.com
    74.125.45.100 urs.microsoft.com
    74.125.45.100 www.securesoftwarebill.com
    74.125.45.100 secure.paysecuresystem.com
    74.125.45.100 paysoftbillsolution.com
    74.125.45.100 protected.maxisoftwaremart.com
    96.44.181.243 www.google.com
    96.44.181.243 google.com
    96.44.181.243 google.com.au
    96.44.181.243 www.google.com.au
    96.44.181.243 google.be
    96.44.181.243 www.google.be
    96.44.181.243 google.com.br
    96.44.181.243 www.google.com.br
    96.44.181.243 google.ca
    96.44.181.243 www.google.ca
    96.44.181.243 google.ch
    96.44.181.243 www.google.ch
    96.44.181.243 google.de
    96.44.181.243 www.google.de
    96.44.181.243 google.dk
    96.44.181.243 www.google.dk
    96.44.181.243 google.fr
    96.44.181.243 www.google.fr
    96.44.181.243 google.ie
    96.44.181.243 www.google.ie
    96.44.181.243 google.it
    96.44.181.243 www.google.it
    96.44.181.243 google.co.jp
    96.44.181.243 www.google.co.jp
    96.44.181.243 google.nl
    96.44.181.243 www.google.nl
    96.44.181.243 google.no
    96.44.181.243 www.google.no
    96.44.181.243 google.co.nz
    96.44.181.243 www.google.co.nz
    96.44.181.243 google.pl
    96.44.181.243 www.google.pl
    96.44.181.243 google.se
    96.44.181.243 www.google.se
    96.44.181.243 google.co.uk
    96.44.181.243 www.google.co.uk
    96.44.181.243 google.co.za
    96.44.181.243 www.google.co.za
    96.44.181.243 www.google-analytics.com
    96.44.181.243 www.bing.com
    96.44.181.243 search.yahoo.com
    96.44.181.243 www.search.yahoo.com
    96.44.181.243 uk.search.yahoo.com
    96.44.181.243 ca.search.yahoo.com
    96.44.181.243 de.search.yahoo.com
    96.44.181.243 fr.search.yahoo.com
    96.44.181.243 au.search.yahoo.com


  • Registered Users, Registered Users 2 Posts: 7,606 ✭✭✭Jumpy


    Lucy for your mate that the malware site got closed. All he got was the inability to google and yahoo :)


Advertisement