Question for the Internet Experts

[Werewolf]

the botnet command & control servers were shut down on the 9th, his problems existed pre-shutdown. it also would not cause intermittent issues if he was affected, effected users would have seen a complete halt of traffic outside their private subnets as the proxy in use by the botnet was shut down no longer existed.


this sounds like it could be a cable issue.

i advise the following troubleshooting steps.

establish two persistent ping sessions; one to your local gateway, and one to the first hop IP of your ISP. during outages experienced in your browser take a look at the two ping sessions. if you are getting timeouts to both destinations you have an issue between you and your local router, most likely a bad tip on your cable, or horrific wireless interference if you are on wireless. if your local ping session is good but your next hop ping session shows any timeouts, specifically two or more in a row, you have identified your problem. repeat the procedure and/or execute the procedure simultaneously on all available computers on your private LAN for best results.


steps for the procedure:

local ping session:
press windows_key+R, type "cmd" -> press enter
type "ipconfig"
identify the IP address of your "Default Gateway"
type "ping -t "-your default gateway IP- , press enter: you should see "Reply from.. "
a sample would look like: ping -t 192.168.1.1

next hop session:
log into your home router, this can be done by going to http://(your default gateway IP)
goto the status page.
look for the IP address assigned to the router.
identify the DEFAULT GATEWAY of that IP address, not the ip address itself.
repeat the procedure for the local ping session in a new command prompt window using the gateway of your router's public ip address.

go about your business until the issue occurs again & observe results.

post results and i can advise further. the cause of the issue must be determined prior to any "fix" steps being performed.

Thanks - I'll try that this evening.

 

[Werewolf]

I agree with droberts. If your machine is dropping connection with both IE and Firefox, that rules out a specific web browser problem and since the wireless devices are staying connected, that takes you to the cable and/or the port in the switch. If your router has multiple ports, try plugging the computer into another port with a different cable.

I was going to type a bunch of IT crap here but I'll spare ya. Essentially, start with the physical layer (cables) first.

Another good idea - will try that 1st thing this evening as I have a spare ethernet cable and the router has 4 ethernet ports.

Thanks guys!

 

[Vamoose]

Modem or router. Call your provider (Cox?) and ask them to take a look at your modem.

 

[Popjim]

I appreciate all the information you OSA members provide in such a wide variety of fields.

 

[Droberts]

Modem or router. Call your provider (Cox?) and ask them to take a look at your modem.

i advise doing the trouble shooting steps in my previous post prior to this as it could be a much faster fix if identified. wasted time on both parties if its an in house issue.

its only happening on one pc, that is not indicative of an upstream issue, however - netflix is very loss tolerant and often pre-que's up to 5 minutes of playback. if that is the metric being used to determine functionality of other devices it could be invalid as a symptoms source. often times cox will upgrade line bandwidth for customers and not bother changing out in-line coax filters to the new required specs until customers call and complain. i used to be a certified cox installation tech about 10 years ago, you really have to twist some arms to get them to change the filters. still leaning toward a likely bad RJ45 tip though.

does the network cable pass through the area where your feet go by chance? have a big fatty subwoofer sitting on the cable anywhere?

 

[BallisticGuy]

Your computer is infected, please go to you friendly FBI site, and download the free patch.

Is this the free patch so they can track all of you purchases and find out when you dont pay your state interet tax!!!

I have no idea how to help you.

 

[Droberts]

the patch would have come from microsoft several years ago. the cleaning tool is what you'd want to download. but it wont do you any good if your machine isnt able to do windows updates, you'll just get infected again - and will continue to be infected with the numerous other competing botnets likely to be installed on an unpatched WinOS. basic rule of thumb for virus imo: wipe & reload.

be very wary of what you click on, thousands of fake "patch" or "cleaning tool" sites have popped up since this hit mainstream media, most of them being ransomware app installs.

 

[Droberts]

the whole deal with the "loss of internet service" that has been advertised around in the news really goes something like this:

put your tinfoil hats on as there's a little bit of my own biased viewpoint infused into my description of the whole thing. a friend of mine asked me what was up with it & this was my reply:

there was a really nasty botnet years ago that the US govt took control of. with access to the command and control servers they basically could use zombie machines (civilians infected pc's - 4,000,000 of them) to launch cyber terrorism warfare and collect personal information on millions of people for the last 1-2 years or so. well, about a year ago as more and more info on the operation got out of the bag they realized that they would have to close up shop somehow in the near future. basically, when an infected pc tries to goto a webpage they're funneled through the command and control server so that the botnet admins can capture all traffic (bank info credit cards identity theft stuff) as well as forcing advertisements and malware down your throat, adding content to web pages & having general total control over your machine. welllll after years of running the black op cyber warfare the press got wind of what the US govt had been doing with its little spoil of war(cyber warfare) (media coverage was severely stifled - you know in the name of national security - so you prolly never heard of it) they started asking questions. instead of blowing the whole lid off the entire invasion of privacy and "US GOVT OWNS YOUR COMPUTERS" on the front page of the newspapers they severely twisted the truth and through some feat of strength got the media to advertise the entire thing as if it were the ISP's that were going to present a problem. you're infected, and your ISP will help you. . . . well, looks to be that the ISP's (who are in no way at fault) are becoming the fall guy and cleanup crew..... cuz the govt is gonna shut down the command and control center soon before they get a bad rep smeared across the globe (too late - FLAME, STUXNET) and all the constitution advocates riot in the street. once the truth was uncovered they tried to spin it off as if the govt was doing a "favor" for all the infected pc owners, you know - out of the goodness of their hearts... by keeping the command and control servers up they were keeping people online.. now go about your business and pay no attention to the data center that was built for these command and control servers and never you mind those trucks full of hard drives leaving the premises.

http://arstechnica.com/tech-policy/2012/06/confirmed-us-israel-created-stuxnet-lost-control-of-it/
http://www.eweek.com/c/a/Security/F...r-Temporary-Servers-Infections-Remain-846224/

 

[Werewolf]

Okay guys.

1) I put a spare ethernet cable between my PC and the router and plugged it into a different jack.
2) Set up two ping windows one going to my router default gateway and one to the cox default gateway listed in the router pages.

So far been pinging away for over an hour with no disconnects. With luck the problem was just an intemittent cable and the problem is solved but I'm going to let the ping windows go until I hit the sack.

So if I understand this right if I get a disconnect and ping fails on both windows then the problem is the cable or the router. If the ping continues to the default router gateway but fails at the cox default gateway the problem exists with the cable running out of the house?

 

[flatwins]

Okay guys.

1) I put a spare ethernet cable between my PC and the router and plugged it into a different jack.
2) Set up two ping windows one going to my router default gateway and one to the cox default gateway listed in the router pages.

So far been pinging away for over an hour with no disconnects. With luck the problem was just an intemittent cable and the problem is solved but I'm going to let the ping windows go until I hit the sack.

So if I understand this right if I get a disconnect and ping fails on both windows then the problem is the cable or the router. If the ping continues to the default router gateway but fails at the cox default gateway the problem exists with the cable running out of the house?

That sums it up pretty well. Your connection to the internet happens in a series of "hops". One from your PC to the router, then another from your router to your ISP's gateway, then onto the rest of the world. To see what happens behind the scenes, open a command prompt and type "tracert www.google.com" without the quotes. You could always use that same command for general troubleshooting too if you doubt your connection.

Since you are getting a steady ping to Cox's gateway now after replacing the cable I betcha you're good to go.

Edit: Most likely (and depending on who makes the router, etc.) you could still ping the gateway address of the router even if it didn't have a connection to the internet. Most all of them have an internal DHCP (Dynamic Host Configuration Protocol) service that assigns IP addresses to devices on the network, both wireless and wired. So your true test would be to ping your ISP's gateway address.