Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

DNS: Unknown Host issue.


  • Please log in to reply
2 replies to this topic

#1 rowdog

rowdog

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:04:29 AM

Posted 30 November 2010 - 07:53 PM

Greetings all,

I am running Windows XP Pro on a Dell 370 Workstation, access the internet via a Westell 6100 modem, and Belkin's router, on Frontier DSL.

I have been having an odd issue recently, and cannot make heads or tails of it.

I have been receiving a LOT of DNS: Unknown Host logs in my diagnostic logs. While they are not directly causing issues with my connection in general, I am unsure what they may be doing, and why I may be getting them.

Here is an example from my log, I kept it brief, but it continues on much longer:



All Entries


CURRENT MODEM STATUS
DSL Modem Status....... Up
PPP Session Status...... Up
Connection Type......... PPPoE
Time set from............. Network
Time since last boot.... 0 days, 11 hrs: 54 mins: 12 secs

EVENTS
**********************************************************************
Events are listed starting from the most recent.
**********************************************************************

TUE NOV 30 23:59:09 2010
DNS: Unknown host: 'obegomzixj.Belkin'



TUE NOV 30 23:59:07 2010
DNS: Unknown host: 'shfsgabvru.Belkin'



TUE NOV 30 23:59:07 2010
DNS: Unknown host: 'obegomzixj.Belkin'



TUE NOV 30 23:59:06 2010
DNS: Unknown host: 'kctyvrtdzj.Belkin'



TUE NOV 30 23:59:06 2010
DNS: Unknown host: 'obegomzixj.Belkin'



TUE NOV 30 23:59:06 2010
DNS: Unknown host: 'shfsgabvru.Belkin'



TUE NOV 30 23:41:52 2010
Setting System clock to Network time TUE NOV 30 23:41:52 2010




TUE NOV 30 23:41:52 2010
Time set from Primary SNTP server: tock.usno.navy.mil



TUE NOV 30 23:41:47 2010
PPP CONNECTED on VPI 0 VCI 35



TUE NOV 30 23:41:46 2010
Connecting session(0): My Connection due to Manual Connect



TUE NOV 30 23:41:37 2010
Disconnecting session(-1): due to PADT received



TUE NOV 30 23:41:37 2010
Received PADT for session id 7670



TUE NOV 30 23:41:37 2010
PPP DISCONNECTED on VPI 0 VCI 35 : PPP commanded down



TUE NOV 30 23:41:37 2010
Disconnecting session(0): My Connection due to dsl Restart



TUE NOV 30 23:41:28 2010
US Atten: 30.0 DS Atten: 50.5



TUE NOV 30 23:41:28 2010
US Margin: 10.0 DS Margin: 11.0



TUE NOV 30 23:41:28 2010
US Tx Power: 11.8 DS Tx Power: 19.2



TUE NOV 30 23:41:28 2010
US DSL Rate: 384 kbits/sec DS DSL Rate: 3360 kbits/sec



TUE NOV 30 23:41:28 2010
WanMgr reports DSL is UP



TUE NOV 30 23:41:07 2010
WanMgr reports DSL is Down



TUE NOV 30 23:26:49 2010
DNS: Unknown host: 'wpad.Belkin'




But I truncated it a bit to avoid a long post. If you would like to see more of it, just let me know and I'll post it. Just hoping to find out what is cause this, and maybe nip it in the butt before it becomes a problem. Not sure but the connection has been real unstable lately (frequent disconnects), and I am getting the feeling this may be causing it.

Any help would be greatly appreciated, and thanks in advance!

Edited by rowdog, 30 November 2010 - 07:54 PM.


BC AdBot (Login to Remove)

 


#2 rowdog

rowdog
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:04:29 AM

Posted 03 December 2010 - 10:01 PM

Well to update, I just got a clean bill of health as far as viruses and malware goes. I did have a dropper, and was given assistance cleaning up and removing it thankfully. However, the DNS: Unknown Host issue remains, and is definitely puzzling.

I tried to navigate to the Hosts txt file, but was unable to locate it at all. I will give a go at reverse look-up's. Its just odd as sometimes the failed attempts are just plain jibberish. Something has to be trying to access it, but I cannot for the life of me figure out what.

EVENTS
**********************************************************************
Events are listed starting from the most recent.
**********************************************************************

FRI DEC 03 20:50:02 2010
DNS: Unknown host: 'etvwvsdmha.myhome.westell.com'



FRI DEC 03 20:50:02 2010
DNS: Unknown host: 'yesiiloaqw.myhome.westell.com'



FRI DEC 03 20:50:02 2010
DNS: Unknown host: 'vvduwljdtv.myhome.westell.com'



FRI DEC 03 20:50:02 2010
DNS: Unknown host: 'yesiiloaqw.myhome.westell.com'



FRI DEC 03 20:50:02 2010
DNS: Unknown host: 'vvduwljdtv.myhome.westell.com'



FRI DEC 03 20:50:02 2010
DNS: Unknown host: 'etvwvsdmha.myhome.westell.com'



FRI DEC 03 20:42:03 2010
DNS: Unknown host: 'oqavtohyyj.myhome.westell.com'



FRI DEC 03 20:42:03 2010
DNS: Unknown host: 'umqhlpalaj.myhome.westell.com'



FRI DEC 03 20:42:03 2010
DNS: Unknown host: 'kwryxahrln.myhome.westell.com'


Those are some recent ones, and really, just plain jibberish. Just tried a lookup on umqhlpalaj, and returned no results. I understand a bit the myhome.westell.com part, as for some reason in my modem, under the DNS settings, it is listed in the User Assigned DNS field (even though I never put it there myself).

I have wonder if changing that to OpenDNS, or Google Public DNS might help anything.

Edited by rowdog, 03 December 2010 - 10:04 PM.


#3 Baltboy

Baltboy

    Bleepin' Flame Head


  • Members
  • 1,430 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Pennsylvania
  • Local time:04:29 AM

Posted 03 December 2010 - 11:07 PM

The myhome.westell.com is the default for westell modems. Diagnostic logs from where are we talking about, computer, router, modem? My first instinct is that there is smoething attempting to send random packets out to the internet from your computer. Have you attempted to do a netstat command when you are running but not online to see if there are any access attempts going on?
Get your facts first, then you can distort them as you please.
Mark Twain




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users