Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Internet works fine, but can't connect to services like skype etc.


  • Please log in to reply
50 replies to this topic

#16 Didier Stevens

Didier Stevens

  • BC Advisor
  • 2,536 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:08:55 AM

Posted 06 November 2014 - 11:27 AM

If you start a command line prompt (cmd.exe) and type ipconfig /all
your complete network configuration will be displayed.

Copy the output and paste it here, but review it first for data you might not want to share publicly.

Didier Stevens
http://blog.DidierStevens.com
http://DidierStevensLabs.com

SANS ISC Handler
Microsoft MVP 2011-2016 Consumer Security, Windows Insider MVP 2016-2018
MVP_Horizontal_BlueOnly.png

 

Stevens' law: "As an online security discussion grows longer, the probability of a reference to BadUSB approaches 1.0"


BC AdBot (Login to Remove)

 


m

#17 sturm115

sturm115
  • Topic Starter

  • Members
  • 23 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:11:55 PM

Posted 06 November 2014 - 01:23 PM

Microsoft Windows [Version 6.1.7601]

Copyright © 2009 Microsoft Corporation.  All rights reserved.

Windows IP Configuration

   Primary Dns Suffix  . . . . . . . :

   Node Type . . . . . . . . . . . . : Hybrid

   IP Routing Enabled. . . . . . . . : No

   WINS Proxy Enabled. . . . . . . . : No

   DNS Suffix Search List. . . . . . : home

 

Wireless LAN adapter Wireless Network Connection 2:

 

   Media State . . . . . . . . . . . : Media disconnected

   Connection-specific DNS Suffix  . :

   Description . . . . . . . . . . . : Microsoft Virtual WiFi Miniport Adapter

 

   DHCP Enabled. . . . . . . . . . . : Yes

   Autoconfiguration Enabled . . . . : Yes

 

Wireless LAN adapter Wireless Network Connection:

 

   Connection-specific DNS Suffix  . : home

   Description . . . . . . . . . . . : Realtek RTL8188CE 802.11b/g/n WiFi Adapte

   DHCP Enabled. . . . . . . . . . . : Yes

   Autoconfiguration Enabled . . . . : Yes

   Subnet Mask . . . . . . . . . . . : 255.255.254.0

   Default Gateway . . . . . . . . . : 172.31.98.1

   DHCP Server . . . . . . . . . . . : 172.31.98.1

   DHCPv6 IAID . . . . . . . . . . . : 320868474

   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-18-9D-2B-7A-08-2E-5F-84-5F-AB

 

   DNS Servers . . . . . . . . . . . : 2001:558:feed::1

                                       2001:558:feed::2

                                       8.8.8.8

                                       8.8.4.4

   NetBIOS over Tcpip. . . . . . . . : Enabled

 

Ethernet adapter Local Area Connection:

 

   Media State . . . . . . . . . . . : Media disconnected

   Connection-specific DNS Suffix  . : hsd1.ca.comcast.net.

   Description . . . . . . . . . . . : Realtek PCIe GBE Family Controller

   Physical Address. . . . . . . . . : 08-2E-5F-84-5F-AB

   DHCP Enabled. . . . . . . . . . . : Yes

   Autoconfiguration Enabled . . . . : Yes

 

Tunnel adapter isatap.{0BC9F964-5076-434F-A736-99E9C332BCDC}:

 

   Media State . . . . . . . . . . . : Media disconnected

   Connection-specific DNS Suffix  . :

   Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2

   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0

   DHCP Enabled. . . . . . . . . . . : No

   Autoconfiguration Enabled . . . . : Yes

 

Tunnel adapter isatap.home:

 

   Media State . . . . . . . . . . . : Media disconnected

   Connection-specific DNS Suffix  . : home

   Description . . . . . . . . . . . : Microsoft ISATAP Adapter #4

   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0

   DHCP Enabled. . . . . . . . . . . : No

   Autoconfiguration Enabled . . . . : Yes

 

Tunnel adapter Local Area Connection* 12:

 

   Connection-specific DNS Suffix  . :

   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface

   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0

   DHCP Enabled. . . . . . . . . . . : No

   Autoconfiguration Enabled . . . . : Yes

   IPv6 Address. . . . . . . . . . . : 2001:0:9d38:6abd:42a:751:cd0a:56a4(Prefer

red)

   Link-local IPv6 Address . . . . . : fe80::42a:751:cd0a:56a4%19(Preferred)

   Default Gateway . . . . . . . . . : ::

   NetBIOS over Tcpip. . . . . . . . : Disabled

 

thats what came up



#18 Didier Stevens

Didier Stevens

  • BC Advisor
  • 2,536 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:08:55 AM

Posted 06 November 2014 - 01:45 PM

You censored information by removing it? Like your IP addresses?

Do you have an IPv4 and IPv6 address for your wireless adapter?


Didier Stevens
http://blog.DidierStevens.com
http://DidierStevensLabs.com

SANS ISC Handler
Microsoft MVP 2011-2016 Consumer Security, Windows Insider MVP 2016-2018
MVP_Horizontal_BlueOnly.png

 

Stevens' law: "As an online security discussion grows longer, the probability of a reference to BadUSB approaches 1.0"


#19 sturm115

sturm115
  • Topic Starter

  • Members
  • 23 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:11:55 PM

Posted 06 November 2014 - 03:40 PM

wtf, i swore i left those in there...... Link-local IPv6 Address . . . . . : fe80::c98c:5b48:8d1c:ff19%12(Preferred)

   IPv4 Address. . . . . . . . . . . : 172.31.98.69(Preferred).



#20 Didier Stevens

Didier Stevens

  • BC Advisor
  • 2,536 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:08:55 AM

Posted 06 November 2014 - 04:38 PM

OK. start nslookup again, and report the output here.

 

Then type didierstevens.com (at the nslookup prompt), and also report the output.


Didier Stevens
http://blog.DidierStevens.com
http://DidierStevensLabs.com

SANS ISC Handler
Microsoft MVP 2011-2016 Consumer Security, Windows Insider MVP 2016-2018
MVP_Horizontal_BlueOnly.png

 

Stevens' law: "As an online security discussion grows longer, the probability of a reference to BadUSB approaches 1.0"


#21 sturm115

sturm115
  • Topic Starter

  • Members
  • 23 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:11:55 PM

Posted 06 November 2014 - 05:05 PM

same result as the last time



#22 Didier Stevens

Didier Stevens

  • BC Advisor
  • 2,536 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:08:55 AM

Posted 06 November 2014 - 05:10 PM

And what about when you type didierstevens.com? Do you get the IP address of my server?


Didier Stevens
http://blog.DidierStevens.com
http://DidierStevensLabs.com

SANS ISC Handler
Microsoft MVP 2011-2016 Consumer Security, Windows Insider MVP 2016-2018
MVP_Horizontal_BlueOnly.png

 

Stevens' law: "As an online security discussion grows longer, the probability of a reference to BadUSB approaches 1.0"


#23 sturm115

sturm115
  • Topic Starter

  • Members
  • 23 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:11:55 PM

Posted 06 November 2014 - 05:45 PM

so i get the same things as before when i type in your site.



#24 Didier Stevens

Didier Stevens

  • BC Advisor
  • 2,536 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:08:55 AM

Posted 06 November 2014 - 07:49 PM

And what when you type in a site that you can access?


Didier Stevens
http://blog.DidierStevens.com
http://DidierStevensLabs.com

SANS ISC Handler
Microsoft MVP 2011-2016 Consumer Security, Windows Insider MVP 2016-2018
MVP_Horizontal_BlueOnly.png

 

Stevens' law: "As an online security discussion grows longer, the probability of a reference to BadUSB approaches 1.0"


#25 sturm115

sturm115
  • Topic Starter

  • Members
  • 23 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:11:55 PM

Posted 07 November 2014 - 08:23 PM

k so i tried youtube and i got the same result as before. I know it works since i was on it just after doing it.



#26 Didier Stevens

Didier Stevens

  • BC Advisor
  • 2,536 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:08:55 AM

Posted 08 November 2014 - 05:38 AM

I have no explanation why nslookup doesn't find www.youtube.com, but that you can browse to it.

 

After you have browsed to www.youtube.com, can you open a command-line (cmd.exe) and type ipconfig.exe /displaydns

And then report here all the entries you find for www.youtube.com with their IP address?


Didier Stevens
http://blog.DidierStevens.com
http://DidierStevensLabs.com

SANS ISC Handler
Microsoft MVP 2011-2016 Consumer Security, Windows Insider MVP 2016-2018
MVP_Horizontal_BlueOnly.png

 

Stevens' law: "As an online security discussion grows longer, the probability of a reference to BadUSB approaches 1.0"


#27 sturm115

sturm115
  • Topic Starter

  • Members
  • 23 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:11:55 PM

Posted 08 November 2014 - 01:26 PM

It kind of came up with a super long list and could fit all of it into the cmd display, but this is what i could copy that makes sense 

 r10---sn-vgqs7n7l.c.youtube.com
 ----------------------------------------
 Record Name . . . . . : r10---sn-vgqs7n7l.c.youtube.com
 Record Type . . . . . : 5
 Time To Live  . . . . : 1376
 Data Length . . . . . : 8
 Section . . . . . . . : Answer
 CNAME Record  . . . . : r10.sn-vgqs7n7l.c.youtube.com
 
 
 sturm115.deviantart.com
 ----------------------------------------
 Record Name . . . . . : sturm115.deviantart.com
 Record Type . . . . . : 5
 Time To Live  . . . . : 440
 Data Length . . . . . : 8
 Section . . . . . . . : Answer
 CNAME Record  . . . . : www.deviantart.com
 
 
 www.gstatic.com
 ----------------------------------------
 Record Name . . . . . : www.gstatic.com
 Record Type . . . . . : 1
 Time To Live  . . . . : 69
 Data Length . . . . . : 4
 Section . . . . . . . : Answer
 A (Host) Record . . . : 74.125.239.56
 
 
 Record Name . . . . . : www.gstatic.com
 Record Type . . . . . : 1
 Time To Live  . . . . : 69
 Data Length . . . . . : 4
 Section . . . . . . . : Answer
 A (Host) Record . . . : 74.125.239.63
 
 
 Record Name . . . . . : www.gstatic.com
 Record Type . . . . . : 1
 Time To Live  . . . . : 69
 Data Length . . . . . : 4
 Section . . . . . . . : Answer
 A (Host) Record . . . : 74.125.239.55
 
 
 Record Name . . . . . : www.gstatic.com
 Record Type . . . . . : 1
 Time To Live  . . . . : 69
 Data Length . . . . . : 4
 Section . . . . . . . : Answer
 A (Host) Record . . . : 74.125.239.47
 
 
 th08.deviantart.net
 ----------------------------------------
 Record Name . . . . . : th08.deviantart.net
 Record Type . . . . . : 5
 Time To Live  . . . . : 1639
 Data Length . . . . . : 8
 Section . . . . . . . : Answer
 CNAME Record  . . . . : cs116.wac.edgecastcdn.net
 
 
 csi.gstatic.com
 ----------------------------------------
 Record Name . . . . . : csi.gstatic.com
 Record Type . . . . . : 1
 Time To Live  . . . . : 69
 Data Length . . . . . : 4
 Section . . . . . . . : Answer
 A (Host) Record . . . : 74.125.193.94
 
 
 Record Name . . . . . : csi.gstatic.com
 Record Type . . . . . : 1
 Time To Live  . . . . : 69
 Data Length . . . . . : 4
 Section . . . . . . . : Answer
 A (Host) Record . . . : 74.125.193.120
 
 
 th02.deviantart.net
 ----------------------------------------
 Record Name . . . . . : th02.deviantart.net
 Record Type . . . . . : 5
 Time To Live  . . . . : 1982
 Data Length . . . . . : 8
 Section . . . . . . . : Answer
 CNAME Record  . . . . : cs116.wac.edgecastcdn.net
 
 
 e.deviantart.net
 ----------------------------------------
 Record Name . . . . . : e.deviantart.net
 Record Type . . . . . : 5
 Time To Live  . . . . : 1982
 Data Length . . . . . : 8
 Section . . . . . . . : Answer
 CNAME Record  . . . . : cs116.wac.edgecastcdn.net
 
 
 p2-ousk74bh4dxf4-jcb5yy7pvhxoupps-425419-i1-v6exp3-v4.metric.gstatic.
 ----------------------------------------
 Record Name . . . . . : p2-ousk74bh4dxf4-jcb5yy7pvhxoupps-425419-i1-v
etric.gstatic.com
 Record Type . . . . . : 1
 Time To Live  . . . . : 121
 Data Length . . . . . : 4
 Section . . . . . . . : Answer
 A (Host) Record . . . : 74.125.239.41
 
 
 r14---sn-vgqsen76.c.youtube.com
 ----------------------------------------
 Record Name . . . . . : r14---sn-vgqsen76.c.youtube.com
 Record Type . . . . . : 5
 Time To Live  . . . . : 278
 Data Length . . . . . : 8
 Section . . . . . . . : Answer
 CNAME Record  . . . . : r14.sn-vgqsen76.c.youtube.com
 
 
 th05.deviantart.net
 ----------------------------------------
 Record Name . . . . . : th05.deviantart.net
 Record Type . . . . . : 5
 Time To Live  . . . . : 1648
 Data Length . . . . . : 8
 Section . . . . . . . : Answer
 CNAME Record  . . . . : cs116.wac.edgecastcdn.net
 
 
 docs.google.com
 ----------------------------------------
 Record Name . . . . . : docs.google.com
 Record Type . . . . . : 1
 Time To Live  . . . . : 78
 Data Length . . . . . : 4
 Section . . . . . . . : Answer
 A (Host) Record . . . : 74.125.239.37
 
 
 Record Name . . . . . : docs.google.com
 Record Type . . . . . : 1
 Time To Live  . . . . : 78
 Data Length . . . . . : 4
 Section . . . . . . . : Answer
 A (Host) Record . . . : 74.125.239.33
 
 
 Record Name . . . . . : docs.google.com
 Record Type . . . . . : 1
 Time To Live  . . . . : 78
 Data Length . . . . . : 4
 Section . . . . . . . : Answer
 A (Host) Record . . . : 74.125.239.40
 
 
 Record Name . . . . . : docs.google.com
 Record Type . . . . . : 1
 Time To Live  . . . . : 78
 Data Length . . . . . : 4
 Section . . . . . . . : Answer
 A (Host) Record . . . : 74.125.239.38
 
 
 Record Name . . . . . : docs.google.com
 Record Type . . . . . : 1
 Time To Live  . . . . : 78
 Data Length . . . . . : 4
 Section . . . . . . . : Answer
 A (Host) Record . . . : 74.125.239.35
 
 
 Record Name . . . . . : docs.google.com
 Record Type . . . . . : 1
 Time To Live  . . . . : 78
 Data Length . . . . . : 4
 Section . . . . . . . : Answer
 A (Host) Record . . . : 74.125.239.36
 
 
 Record Name . . . . . : docs.google.com
 Record Type . . . . . : 1
 Time To Live  . . . . : 78
 Data Length . . . . . : 4
 Section . . . . . . . : Answer
 A (Host) Record . . . : 74.125.239.39
 
 
 Record Name . . . . . : docs.google.com
 Record Type . . . . . : 1
 Time To Live  . . . . : 78
 Data Length . . . . . : 4
 Section . . . . . . . : Answer
 A (Host) Record . . . : 74.125.239.34
 
 
 Record Name . . . . . : docs.google.com
 Record Type . . . . . : 1
 Time To Live  . . . . : 78
 Data Length . . . . . : 4
 Section . . . . . . . : Answer
 A (Host) Record . . . : 74.125.239.46
 
 
 Record Name . . . . . : docs.google.com
 Record Type . . . . . : 1
 Time To Live  . . . . : 78
 Data Length . . . . . : 4
 Section . . . . . . . : Answer
 A (Host) Record . . . : 74.125.239.32
 
 
 Record Name . . . . . : docs.google.com
 Record Type . . . . . : 1
 Time To Live  . . . . : 78
 Data Length . . . . . : 4
 Section . . . . . . . : Answer
 A (Host) Record . . . : 74.125.239.41
 
 
 www.fanfiction.net
 ----------------------------------------
 Record Name . . . . . : www.fanfiction.net
 Record Type . . . . . : 1
 Time To Live  . . . . : 1106
 Data Length . . . . . : 4
 Section . . . . . . . : Answer
 A (Host) Record . . . : 173.205.184.7
 
 
 Record Name . . . . . : www.fanfiction.net
 Record Type . . . . . : 1
 Time To Live  . . . . : 1106
 Data Length . . . . . : 4
 Section . . . . . . . : Answer
 A (Host) Record . . . : 173.205.184.6
 
 
 help.deviantart.com
 ----------------------------------------
 Record Name . . . . . : help.deviantart.com
 Record Type . . . . . : 5
 Time To Live  . . . . : 901
 Data Length . . . . . : 8
 Section . . . . . . . : Answer
 CNAME Record  . . . . : www.deviantart.com
 
 
 edge.quantserve.com
 ----------------------------------------
 Record Name . . . . . : edge.quantserve.com
 Record Type . . . . . : 5
 Time To Live  . . . . : 982
 Data Length . . . . . : 8
 Section . . . . . . . : Answer
 CNAME Record  . . . . : map-js.quantserve.com.akadns.net
 
 
 fc02.deviantart.net
 ----------------------------------------
 Record Name . . . . . : fc02.deviantart.net
 Record Type . . . . . : 5
 Time To Live  . . . . : 731
 Data Length . . . . . : 8
 Section . . . . . . . : Answer
 CNAME Record  . . . . : cs20.wpc.edgecastcdn.net
 
 
 lh4.googleusercontent.com
 ----------------------------------------
 Record Name . . . . . : lh4.googleusercontent.com
 Record Type . . . . . : 5
 Time To Live  . . . . : 69
 Data Length . . . . . : 8
 Section . . . . . . . : Answer
 CNAME Record  . . . . : googlehosted.l.googleusercontent.com
 
 
 r1---sn-o097znek.googlevideo.com
 ----------------------------------------
 Record Name . . . . . : r1---sn-o097znek.googlevideo.com
 Record Type . . . . . : 5
 Time To Live  . . . . : 246
 Data Length . . . . . : 8
 Section . . . . . . . : Answer
 CNAME Record  . . . . : r1.sn-o097znek.googlevideo.com


#28 Didier Stevens

Didier Stevens

  • BC Advisor
  • 2,536 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:08:55 AM

Posted 08 November 2014 - 02:20 PM

I can only conclude that it is not a DNS problem, even if nslookup doesn't give you the expected reply.

 

Let's go back to your connection problem.

 

I installed gyazo in a virtual machine, launched Wireshark and uploaded a screenshot.

The screenshot was a PNG file uploaded to upload.gyazo.com

 

What happens when you visit this URL with your browser?


Didier Stevens
http://blog.DidierStevens.com
http://DidierStevensLabs.com

SANS ISC Handler
Microsoft MVP 2011-2016 Consumer Security, Windows Insider MVP 2016-2018
MVP_Horizontal_BlueOnly.png

 

Stevens' law: "As an online security discussion grows longer, the probability of a reference to BadUSB approaches 1.0"


#29 sturm115

sturm115
  • Topic Starter

  • Members
  • 23 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:11:55 PM

Posted 08 November 2014 - 03:49 PM

whats happens is that it just goes to a page that says upload.gyazo.com in normal text. the rest of the page is white



#30 Didier Stevens

Didier Stevens

  • BC Advisor
  • 2,536 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:08:55 AM

Posted 08 November 2014 - 04:39 PM

That is normal, I have the same thing.

 

And if you now try to upload a screenshot with gyazo, does it work?


Didier Stevens
http://blog.DidierStevens.com
http://DidierStevensLabs.com

SANS ISC Handler
Microsoft MVP 2011-2016 Consumer Security, Windows Insider MVP 2016-2018
MVP_Horizontal_BlueOnly.png

 

Stevens' law: "As an online security discussion grows longer, the probability of a reference to BadUSB approaches 1.0"





2 user(s) are reading this topic

0 members, 2 guests, 0 anonymous users