Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Deciphering IntoDNS report, ISP throttling.


  • Please log in to reply
No replies to this topic

#1 dontforgetme

dontforgetme

  • Members
  • 1 posts
  • OFFLINE
  •  
  • Local time:03:00 PM

Posted 01 November 2014 - 12:13 AM

I have for about 7 years had ISP issues and i recently have taken a little more effort in fixing this if possible. The conclusion i have come to is that the ISP is redirecting traffic illegally and trying to circumvent people. I was hacked 4 years ago and had been routed to a private server or DNS which was giving me tons of unwanted content, pop ups and this came from i believe on of those browser virus scanners. After replacing computers i realized this may likely be a ISP doing this ilegally, and thus far it seems they find my IP or MAC and seek the entire netblock potentially. I am not sure but it has lead to a ton of hacking and tampering of my services and constant disconnecting or packet loss. This is in addition to massive throttling going on on the network which limits my downloads to 9-1.3 Mb/s in anything i do. This is actually the highest it has been and the service as of now is 30/5 Mb/s. I have Time Warner and i have complained for years but i believe they are redirecting in illegal ways that allow for government to siphon data. I have tried all of thier packages and it just seems like a price gouging cam at this point. 

 

Things i have done:

Replaced computers, replaced modems and tried expensive models DOCSIS 3. 

Replacing the Router seems to have a minimal effect until a week later.

Rebooting the modem has a slight effect, where minutes later the connection is throttled again.

I have a direct line to the home, and sorted most ISP related issues out with the signal and the upstream and modem issues.

Functionally there is no hardware issue other than CPU loads.

 

I have tried a few programs

 

Wireshark shows a ton of TCPack errors or TTL and timeouts.

Packet reassembly is rampant and bidirectional.

NXDOMAINS are present where many websites are reported hijacked including google.

I am blacklisted by two SMTP servers.

 

My Pings are terrible when connected to others and seems to be limited to local access in NY, if sent elsewhere the latency skyrockets or jumps all over servers. 

I tried multiple DNS and some of my issue is over the span of years, as of recent these are still true and specific to service in my home.

 

It seems because i had a family member whom downloaded music off sharing sites alot i have been the target of pervasive throttling and stalking on the internet. Before that is very similar with service interruptions being rampant and no hardware problems. I feel like im not getting direct access to websites and service and being redirected by the ISP for the purpose of throttling and surveillance. 

 

NS lookup shows a few name server issues, it is provided below, i looked most of this up but cannot exactly understand the nameserver errors in troubleshooting literally dimed internet service. When i use a service, streaming is choppy at times and gaming is so slow it is unplayable at times due to the fact that events happen before i see them myself. I do not play call of duty but as a example i will be shot in 1 bullet without a chance to respond, that is all i will hear and i get destroyed. My ping is usually only 2 bars at best, it seems a mix of speed throttling and packet redirecting to damage and circumvent my service. I am looking for help in taking this to time warner for proof of discriminating services and price gouging.

 

Domain NS records Nameserver records returned by the parent servers are:

ns1.pmnhost.net.   ['192.185.169.242']   [TTL=172800] 
ns2.pmnhost.net.   ['192.185.169.241']   [TTL=172800] 
 

 

info.gif NS records from your nameservers NS records got from your nameservers listed at the parent NS are:

 

 error.gif Missing nameservers reported by parent FAIL: The following nameservers are listed at your nameservers as nameservers for your domain, but are not listed at the parent nameservers (see RFC2181 5.4.1). You need to make sure that these nameservers are working.If they are not working ok, you may have problems! 
ns1350.websitewelcome.com
ns1349.websitewelcome.com  

 

Missing nameservers reported by your nameservers ERROR: One or more of the nameservers listed at the parent servers are not listed as NS records at your nameservers. The problem NS records are: 
ns1.pmnhost.net
ns2.pmnhost.net

This is listed as an ERROR because there are some cases where nasty problems can occur (if the TTLs vary from the NS records at the root servers and the NS records point to your own domain, for example).

 

pass.gif Domain CNAMEs OK. RFC1912 2.4 and RFC2181 10.3 state that there should be no CNAMEs if an NS (or any other) record is present. NSs CNAME check OK. RFC1912 2.4 and RFC2181 10.3 state that there should be no CNAMEs if an NS (or any other) record is present.

 

 

 Different autonomous systems WARNING: Single point of failure

 

error.gif Stealth NS records sent Stealth NS records were sent: 

ns1350.websitewelcome.com
ns1349.websitewelcome.com SOA info.gif SOA record The SOA record is:
Primary nameserver: ns1349.websitewelcome.com
Hostmaster E-mail address: dnsadmin.santana.websitewelcome.com
Serial #: 2014080800 
Refresh: 86400 
Retry: 7200 
Expire: 3600000   5 weeks
Default TTL: 86400

 

SOA MNAME entry WARNING: SOA MNAME (ns1349.websitewelcome.com) is not listed as a primary nameserver at your parent nameserver!

 

 warn.gif SOA EXPIRE Your SOA EXPIRE number is: 3600000. That is NOT OK

 

 info.gif MX Records Your MX records that were reported by your nameservers are:

0   arrisint.com   192.185.169.38 

WWW info.gif WWW A Record Your www.arrisint.com A record is:
www.arrisint.com -> arrisint.com -> [ 192.185.169.38  ] 



BC AdBot (Login to Remove)

 





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users