
Wireshark-users: Re: [Wireshark-users] Tons of ARP packets...?

From: IchBin <weconsultants@xxxxxxxxx>
Date: Wed, 11 Jul 2007 18:36:10 -0400
Guy Harris wrote:
IchBin wrote:
The only problem I have is this just started last week. I have had this connection since sometime in April. Why would it just now start to rear its head?

I did find out that Comcast is now updating and replacing hardware for higher speeds. At least that is what one of the technical support people told me. So there are big network changes happening. Naturally I do not remember the specific details.

Did they make any network changes last week?


The impression I had from the tech support person from Comcast was that it seemed to be something new that they had just started doing. As to a pinpoint time of this, I did not ask about the precise timing of this development.

I am concerned with the DNS calls to dyndns.org. Well, at least the half-hearted attempt. Not sure why it is appending xxz0n3dxx to the front of that URL. Same goes with xxz0n3dxx.dyndns.org.hsd1.pa.comcast.net. If I remember correctly the suffix of hsd1.pa.comcast.net is part of a real Comcast DNS.

Does Comcast give the IP address assigned to your machine a DNS address in the hsdl.pa.comcast.net domain? If so, if some process is trying to look up xxz0n3dxx.dyndns.org, when the attempt to look it up fails, the resolver probably says "maybe that's a non-fully-qualified domain name" and tries to append the domain name suffix for the domain you're in.

Well from what I am finding, using http://openrbl.org/, hsdl.pa.comcast.net domain resolves to my IP address of 69.139.93.171:

Host-Name:  c-69-139-93-171.hsd1.pa.comcast.net
Domain:     comcast.net (204.127.228.15 216.148.227.202
                         63.240.76.72 204.127.195.15
                         204.127.205.8)
NetRange:   69.136.0.0 - 69.143.255.255
CIDR:       69.136.0.0/13
NetName:    JUMPSTART-3
NetHandle:  NET-69-136-0-0-1
Parent:     NET-69-0-0-0-0

So I guess the answer is yes.

BTW - when I look at all the Local IP-host names and associated Process-ids for the UDP and TCP protocols running I see these as the Local IP-host names:

localhost
WEConsultants.hsdl.pa.comcast.net
WEConsultants

Still need to find the bugger who is causing that problem. Or more interestingly where is this xxz0n3dxx.dyndns.org coming from on my machine. I did a global text search for xxz0n3dxx.dyndns.org and only found it in 5 files, but these related to the emails I have sent to this newsgroup. Maybe I should look for just xxz0n3dxx or dyndns by themselves.

When I see these Standard Queries, in real time, I see the Process-ids associated but no associated program initiating that process.

--
Thanks in Advance...                           http://weconsulting.org
IchBin, Philadelphia, Pa, USA http://ichbinquotations.weconsulting.org
______________________________________________________________________
'If there is one, Knowledge is the "Fountain of Youth"'
-William E. Taylor, Regular Guy (1952-)
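
Added example (not part of the original message): the suffix-append behaviour described in the thread means one application lookup can show up in a capture under several query names. The sketch below collapses such names back to the name the application asked for; the query list is constructed sample data, and the search suffix and all function names are assumptions made for illustration.

```python
from collections import OrderedDict

# Constructed sample: query names as they might be exported from a capture.
SAMPLE_QUERIES = [
    "xxz0n3dxx.dyndns.org",
    "xxz0n3dxx.dyndns.org.hsd1.pa.comcast.net",
    "www.wireshark.org",
    "XXZ0N3DXX.dyndns.org.",
    "xxz0n3dxx.dyndns.org.hsd1.pa.comcast.net",
]
# Assumption: the connection-specific suffix the resolver appends.
SEARCH_SUFFIXES = ["hsd1.pa.comcast.net"]


def normalize(name):
    """Lower-case a DNS name and drop the trailing root dot."""
    return name.strip().lower().rstrip(".")


def split_search_suffix(qname, suffixes):
    """Return (base, suffix); suffix is None if no search suffix matched."""
    q = normalize(qname)
    # Longest suffix first so nested suffixes are attributed correctly.
    for suffix in sorted(map(normalize, suffixes), key=len, reverse=True):
        if q.endswith("." + suffix):
            return q[: -(len(suffix) + 1)], suffix
    return q, None


def collapse_queries(qnames, suffixes):
    """Group queries by the name the application actually asked for."""
    summary = OrderedDict()
    for qname in qnames:
        base, suffix = split_search_suffix(qname, suffixes)
        entry = summary.setdefault(base, {"as_is": 0, "retries": 0})
        entry["retries" if suffix else "as_is"] += 1
    return summary


def retried_names(summary):
    """Names seen both bare and with a suffix: the bare lookup likely failed."""
    return [n for n, e in summary.items() if e["as_is"] and e["retries"]]


if __name__ == "__main__":
    result = collapse_queries(SAMPLE_QUERIES, SEARCH_SUFFIXES)
    for name, counts in result.items():
        print(name, counts)
    print("retried:", retried_names(result))
```

Names returned by retried_names are the ones worth tracing back to a process, since the suffixed forms are only the resolver's retries of the same lookup.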