Website doesn't load

[Crow T Robot]

Only problem is I can't load the page from my Laptop either which is
connected to the router. So more than likely a router issue? Of course
that doesn't explain why I can connect through IE when running on XP?


"Big Steel" wrote in message

Yes, CISCO E10000

Yeah I thought so. I had that problem where one machine on the LAN
couldn't access the site when all the other machines could. I think you
will find out that if you remove the router and connect the machine
directly to the Internet, it's going to connect just fine to the site.

I had to flash the router with its firmware, which was an article about
on the router I found long ago.

You can look at it from that angle. You could also connect the machine
to another plug on the router.

 

[Big Steel]

Only problem is I can't load the page from my Laptop either which is
connected to the router. So more than likely a router issue? Of course
that doesn't explain why I can connect through IE when running on XP?

One way to find out where the problem lies is to connect the computer or
computers to the Internet directly without the router. Take the laptop
to another location and see if it can access the site.

 

[G. Morgan]

You are not David H Lipman. You are impersonating him which is not a very nice thing
to do. Your posting properties does not lie.

Besides David would never say those things which you said in your post

Or spell "behaviour" that way.

 

[Crow T Robot]

I will rule the router out or in as the problem tomorrow. I 'll connect
directly to the modem and see what happens.


"Big Steel" wrote in message

Only problem is I can't load the page from my Laptop either which is
connected to the router. So more than likely a router issue? Of course
that doesn't explain why I can connect through IE when running on XP?

One way to find out where the problem lies is to connect the computer or
computers to the Internet directly without the router. Take the laptop
to another location and see if it can access the site.

 

[Stan Brown]

No I don't just poorly worded my mistake.

"Stan Brown" wrote in message



It sounds like you think an operating system loads a Web site (or
doesn't) but actually it's a browser. This Web site must have an
issue with MSIE, because it loads just fine in Firefox 3.6.

You might not be aware of a big problem with your quoting style.
The way your newsreader is doing it, when someone else follows
up, it looks like you *said* what you actually only quoted.

The problem is that Windows Live Mail 2011 (version 15) has a
quoting style that is completely broken. Unfortunately that poses
a painful choice to you: either fix every quote manually, or get
a real newsreader such as Gravity, Xananews, and Forte Agent (to
mention some that come to mind at the moment). OR, if you really
want WLM, some say that WLM 14 will serve; see "SC Tom" below.

update 2011-04-02: I've seen a newsgroup posting claiming you
can un-break WLM 15 by installing and using an Autohotkey script:
http://www.dusko-lolic.from.hr/wlmquote/

Thanks for your consideration!

Along with what the others have suggested, you can uninstall
WLM 2011 and install WLM 2009 instead, which handles quoting
a lot better:

http://www.microsoft.com/downloads/en/details.aspx?
FamilyID=56883de5-2024-4631-806e-757693072a1c

[or use http://tinyurl.com/25zfouw which redirects to the above]

 

[Ed Cryer]

But your name is dummy; so whatever you say is not important because
dummies are dummies with nothing of relevance to us!

Your name is Tester; testy and unproven. Keep on growing up and trying.

Ed

 

[Tester]

Your name is Tester; testy and unproven. Keep on growing up and trying.

And you should stop crying about problems that are not yours or nothing
to do with you. Have you been off today from going to your local park
to abuse young boys? You are being watched - did you know that?

 

[Ed Cryer]

And you should stop crying about problems that are not yours or nothing
to do with you. Have you been off today from going to your local park
to abuse young boys? You are being watched - did you know that?

You're an idiot; and a predictable idiot.

Ed

 

[Tester]

You're an idiot; and a predictable idiot.

It takes one idiot to know another and easily predictable!

 

[Crow T Robot]

"Crow T Robot" wrote in message

"Big Steel" wrote in message

Only problem is I can't load the page from my Laptop either which is
connected to the router. So more than likely a router issue? Of course
that doesn't explain why I can connect through IE when running on XP?

Ok, its not the router as I connected straight to the computer and still
could not load the site. So some random setting got changed somewhere as I
can not load the site with IE8, Firefox, or Chrome. But as I said if I boot
into XP and run IE8 or it might be 7 it loads no problem. I'm gonna try XP
mode next which may or may not load.

 

[Tester]

Ok, its not the router as I connected straight to the computer and
still could not load the site. So some random setting got changed
somewhere as I can not load the site with IE8, Firefox, or Chrome.
But as I said if I boot into XP and run IE8 or it might be 7 it loads
no problem. I'm gonna try XP mode next which may or may not load.

If you can't load on any of the browsers then clearly your hosts file is
"infected". The word is in quotation marks to indicate that although it
is a simple text file, some rogue program has entered an erroneous entry
to block that particular site.

do you get any error messages? If so post here together with a link to
that site in question. Also check that your host file hasn't got any
entry like:

127.0.0.1 www.example.com

Obviously, example.com is a fictitious domain blocked by host file in my
example above.

 

[Aretwodeetwo]

Has a problem with the browser only loading one site

It was the LAN settings and was set to some strange IP server

Also had some funky spyware

 

[Paul]

"Crow T Robot" wrote in message

"Big Steel" wrote in message



Ok, its not the router as I connected straight to the computer and still
could not load the site. So some random setting got changed somewhere
as I can not load the site with IE8, Firefox, or Chrome. But as I said
if I boot into XP and run IE8 or it might be 7 it loads no problem. I'm
gonna try XP mode next which may or may not load.

As Tester points out, part of the process is DNS translation.

You type in

http://www.bnsf.com

The browser consults DNS to get an IP address for that host.
Then, in effect, the packet sent looks like a request for this.

http://170.49.49.66

If you open a command prompt window, you can try

nslookup www.bnsf.com

and verify the 170.49.49.66 comes back. That would help
verify DNS is working.

DNS translations can be hijacked various ways, and
the "hosts" file is just one of them. The "hosts" file
on C:, is a way of overriding DNS translation. And
can be used to prevent access to particular sites.
For example, if I entered this as a line in the hosts file,
I wouldn't be able to reach bnsf.com

127.0.0.1 bnsf.com # point bnsf.com to "localhost"

It's possible for some legit software you're using,
to load up the hosts file, so if the hosts file is huge
and contains a lot of lines in it, it isn't a guarantee
of "malware". Some software may be filtering the Internet
for you, using that as a crude mechanism.

If you use this program, you can view incoming and outgoing
packets. And see whether a packet gets sent to 170.49.49.66
when you use the browser to reach www.bnsf.com . Using
the options under View:Name Resolution, you can change
how the IP addresses are displayed, either numeric or
symbolic. Viewing numerically, you can check to see
if 170.49.49.66 is actually being used.

http://en.wikipedia.org/wiki/Wireshark

Now, another hijacking method, is the "proxy server". The
web browser, may support going to an intermediate agent
like a proxy server. The browser may have a setting, for how
it detects a proxy server. Some malware, uses the proxy, to
redirect requests to their own server, serving their own
advertising, and making money for themselves.

Some legitimate reasons for a proxy scheme to exist, are here.

http://en.wikipedia.org/wiki/Proxy_server

Again, watch where Wireshark says the packets are going,
and see if the details look correct or not.

So that's at least two mechanisms, for preventing you from
getting to where you're going.

And if you can't get Wireshark to run, then some software
(malware) on your computer, doesn't want you debugging your
problem. Make sure the version of Wireshark you download,
is known to work with Windows 7, and follow all available
instructions for installing it (in case there are UAC issues).

Web browsers have plenty of security settings, which is
another way to introduce problems. But I don't see
much on that web site, in a quick check, to suggest
immediate security setting issues.

Paul

 

[Crow T Robot]

Ok, looked at the host file, Windows\system32\drivers\etc correct? All the
files"looked" ok nothing that I would call out of the ordinary. The
NS-lookup www.bnsf.com came back as

Server: dns-cac-lb-01.rr.com
Address 209.18.47.61

Non-authoritative answer:
Name: www.bnsf.com.twmi.rr.com
Address: 72.3.199.7

I know this probably is not workable but is there a file I could transfer
from XP to win7 that "might" solve this? IE8 under XP works fine. Or even
to compare the entries from one file to the other.



"Paul" wrote in message

"Crow T Robot" wrote in message

"Big Steel" wrote in message



Ok, its not the router as I connected straight to the computer and still
could not load the site. So some random setting got changed somewhere as
I can not load the site with IE8, Firefox, or Chrome. But as I said if I
boot into XP and run IE8 or it might be 7 it loads no problem. I'm gonna
try XP mode next which may or may not load.

As Tester points out, part of the process is DNS translation.

You type in

http://www.bnsf.com

The browser consults DNS to get an IP address for that host.
Then, in effect, the packet sent looks like a request for this.

http://170.49.49.66

If you open a command prompt window, you can try

nslookup www.bnsf.com

and verify the 170.49.49.66 comes back. That would help
verify DNS is working.

DNS translations can be hijacked various ways, and
the "hosts" file is just one of them. The "hosts" file
on C:, is a way of overriding DNS translation. And
can be used to prevent access to particular sites.
For example, if I entered this as a line in the hosts file,
I wouldn't be able to reach bnsf.com

127.0.0.1 bnsf.com # point bnsf.com to "localhost"

It's possible for some legit software you're using,
to load up the hosts file, so if the hosts file is huge
and contains a lot of lines in it, it isn't a guarantee
of "malware". Some software may be filtering the Internet
for you, using that as a crude mechanism.

If you use this program, you can view incoming and outgoing
packets. And see whether a packet gets sent to 170.49.49.66
when you use the browser to reach www.bnsf.com . Using
the options under View:Name Resolution, you can change
how the IP addresses are displayed, either numeric or
symbolic. Viewing numerically, you can check to see
if 170.49.49.66 is actually being used.

http://en.wikipedia.org/wiki/Wireshark

Now, another hijacking method, is the "proxy server". The
web browser, may support going to an intermediate agent
like a proxy server. The browser may have a setting, for how
it detects a proxy server. Some malware, uses the proxy, to
redirect requests to their own server, serving their own
advertising, and making money for themselves.

Some legitimate reasons for a proxy scheme to exist, are here.

http://en.wikipedia.org/wiki/Proxy_server

Again, watch where Wireshark says the packets are going,
and see if the details look correct or not.

So that's at least two mechanisms, for preventing you from
getting to where you're going.

And if you can't get Wireshark to run, then some software
(malware) on your computer, doesn't want you debugging your
problem. Make sure the version of Wireshark you download,
is known to work with Windows 7, and follow all available
instructions for installing it (in case there are UAC issues).

Web browsers have plenty of security settings, which is
another way to introduce problems. But I don't see
much on that web site, in a quick check, to suggest
immediate security setting issues.

Paul

 

[Paul]

Ok, looked at the host file, Windows\system32\drivers\etc correct? All
the files"looked" ok nothing that I would call out of the ordinary.
The NS-lookup www.bnsf.com came back as

Server: dns-cac-lb-01.rr.com
Address 209.18.47.61

Non-authoritative answer:
Name: www.bnsf.com.twmi.rr.com
Address: 72.3.199.7

I know this probably is not workable but is there a file I could
transfer from XP to win7 that "might" solve this? IE8 under XP works
fine. Or even to compare the entries from one file to the other.

OK, so your DNS isn't working right. It looks like some domain
magic is in effect, with "twmi.rr.com" being added to the URL.
I'm not enough of a "network guy" to know why they're doing that.
Presumably it's to force DNS translation to that particular
server, but they could just as easily have done it via DHCP
and auto-populating the DNS entries in the network control panel
for your LAN.

http://web.archive.org/web/20081209044155/http://www.robtex.com/dns/twmi.rr.com.html

It's obvious, the wrong answer is coming back. I tried reverse
translating 72.3.199.7 and it says it is part of Rackspace,
and I'm not getting the impression that is the bnsf site.
And no, I'm *not* entering 72.3.199.7 in my browser, "just
to see where it goes"...

*******

Have you tried

http://170.49.49.66

yet like suggested ? What happened when you did ? The purpose
of doing that, is to try to avoid DNS.

As far as I know, 170.49.49.66 is the address it should be using.

For fun, you can try "nslookup" again, like this

nslookup 170.49.49.66

just to see what kind of cornball excuse for a translation
you get

*******

You can set up DNS servers manually on your computer. Note
though, that an issue with letting anyone run DNS translations
for you, is they get to "sniff" where you're going. There is
a thing called OpenDNS and Google also offers a free DNS
server. They're used by people who have trouble with the
DNS their ISP provides.

I suspect you're the victim of some "install CD" your
ISP provided, which has done a bit more than what
we would normally do without such kind assistance.
In my network control panel, for my LAN interface on
the computer, I set it up to automatically get the
info from my home server (that uses DHCP). And my
modem/router, in term, get their information from
the ISP. In other words, next to no customization.

If I use the web interface to my modem/router, it shows
the two primary DNS servers allocated dynamically to my
session (they change each time I establish the DHCP lease).
That would be a relatively standard way of doing things.

But I suspect your networking setup has been modified, and
a qualified domain is being added to the URL to make
something that will always be accessing the twmi.rr.com
nameserver. Seems like overkill, especially if tomorrow
you changed ISPs, and that setup ended up completely broken :-(
The purpose of the default "automatic" option in Windows,
is so the next upstream networking device is consulted,
even after you change ISPs - being automatic, there
aren't the side effects of some custom monkey business.

And seeing as the wrong IP address is coming back anyway,
this doesn't really look like a functional setup.

If you read some of the comments regarding these options,
using an alternate solution for DNS isn't always an option.
You should contact RoadRunner tech support, and ask them
why you're using twmi.rr.com and why the right answer
isn't coming back (tell them your nslookup results and
why you're pissed!). Perhaps they have a pre-baked recipe
for undoing whatever has been done to your machine.

http://code.google.com/speed/public-dns/

http://code.google.com/speed/public-dns/docs/using.html

http://en.wikipedia.org/wiki/Opendns

Paul

 

[Thip]

OK, so your DNS isn't working right. It looks like some domain
magic is in effect, with "twmi.rr.com" being added to the URL.
I'm not enough of a "network guy" to know why they're doing that.
Presumably it's to force DNS translation to that particular
server, but they could just as easily have done it via DHCP
and auto-populating the DNS entries in the network control panel
for your LAN.

Maybe you're no "network guy," but thanks for that bit of educational info.
I've been out of IT for quite a few years and quit trying to keep up with
anything but hardware. Most informative.

 

[Crow T Robot]

Went through and looked over the Router settings. It requires a Domain and
in the domain entry is twmi.rr.com when I tried the IP address for the BNSF
website I got the same result could not connect to the requested website.
The trace revealed the same info as the www trace did.

the nslookup for 170.49.49.66 came back

Server dns-cac-lb-01.rr.com
Address 209.18.47.61

Name www.bnsf.com
address 170.49.49.66

Still does not work via DNS. I'm thinking it’s the router might try and
delete the Domain entry if I can??

"Paul" wrote in message

Ok, looked at the host file, Windows\system32\drivers\etc correct? All
the files"looked" ok nothing that I would call out of the ordinary. The
NS-lookup www.bnsf.com came back as

Server: dns-cac-lb-01.rr.com
Address 209.18.47.61

Non-authoritative answer:
Name: www.bnsf.com.twmi.rr.com
Address: 72.3.199.7

I know this probably is not workable but is there a file I could transfer
from XP to win7 that "might" solve this? IE8 under XP works fine. Or
even to compare the entries from one file to the other.

OK, so your DNS isn't working right. It looks like some domain
magic is in effect, with "twmi.rr.com" being added to the URL.
I'm not enough of a "network guy" to know why they're doing that.
Presumably it's to force DNS translation to that particular
server, but they could just as easily have done it via DHCP
and auto-populating the DNS entries in the network control panel
for your LAN.

http://web.archive.org/web/20081209044155/http://www.robtex.com/dns/twmi.rr.com.html

It's obvious, the wrong answer is coming back. I tried reverse
translating 72.3.199.7 and it says it is part of Rackspace,
and I'm not getting the impression that is the bnsf site.
And no, I'm *not* entering 72.3.199.7 in my browser, "just
to see where it goes"...

*******

Have you tried

http://170.49.49.66

yet like suggested ? What happened when you did ? The purpose
of doing that, is to try to avoid DNS.

As far as I know, 170.49.49.66 is the address it should be using.

For fun, you can try "nslookup" again, like this

nslookup 170.49.49.66

just to see what kind of cornball excuse for a translation
you get

*******

You can set up DNS servers manually on your computer. Note
though, that an issue with letting anyone run DNS translations
for you, is they get to "sniff" where you're going. There is
a thing called OpenDNS and Google also offers a free DNS
server. They're used by people who have trouble with the
DNS their ISP provides.

I suspect you're the victim of some "install CD" your
ISP provided, which has done a bit more than what
we would normally do without such kind assistance.
In my network control panel, for my LAN interface on
the computer, I set it up to automatically get the
info from my home server (that uses DHCP). And my
modem/router, in term, get their information from
the ISP. In other words, next to no customization.

If I use the web interface to my modem/router, it shows
the two primary DNS servers allocated dynamically to my
session (they change each time I establish the DHCP lease).
That would be a relatively standard way of doing things.

But I suspect your networking setup has been modified, and
a qualified domain is being added to the URL to make
something that will always be accessing the twmi.rr.com
nameserver. Seems like overkill, especially if tomorrow
you changed ISPs, and that setup ended up completely broken :-(
The purpose of the default "automatic" option in Windows,
is so the next upstream networking device is consulted,
even after you change ISPs - being automatic, there
aren't the side effects of some custom monkey business.

And seeing as the wrong IP address is coming back anyway,
this doesn't really look like a functional setup.

If you read some of the comments regarding these options,
using an alternate solution for DNS isn't always an option.
You should contact RoadRunner tech support, and ask them
why you're using twmi.rr.com and why the right answer
isn't coming back (tell them your nslookup results and
why you're pissed!). Perhaps they have a pre-baked recipe
for undoing whatever has been done to your machine.

http://code.google.com/speed/public-dns/

http://code.google.com/speed/public-dns/docs/using.html

http://en.wikipedia.org/wiki/Opendns

Paul

 

[Paul]

Went through and looked over the Router settings. It requires a Domain
and in the domain entry is twmi.rr.com when I tried the IP address for
the BNSF website I got the same result could not connect to the
requested website. The trace revealed the same info as the www trace did.

the nslookup for 170.49.49.66 came back

Server dns-cac-lb-01.rr.com
Address 209.18.47.61

Name www.bnsf.com
address 170.49.49.66

Still does not work via DNS. I'm thinking it’s the router might try and
delete the Domain entry if I can??

For what it is worth, my router has a "LAN Settings" window
and "Local Domain Name (optional)". I leave the Local Domain Name
blank. What I was trying to do, is have the router just use
DHCP to automatically fetch the public IP address, and the
two ISP provided DNS server addresses.

Your router got that "twmi.rr.com" value somehow. Perhaps the
router is a rental that comes with the service, and that
dialog was populated by RoadRunner before shipping it to
you ? I'd write down the current settings, and experiment
with changing it.

Purely for your amusement, there *is* a way for a router
settings to get changed But since twmi.rr.com looks
legit, I wouldn't panic just yet. This highlights the need
to use a real password (not the default password) with any router.
When you get a router, change the administration password
on it immediately, and place a sticky paper on the router
casing so you won't forget.

http://blog.washingtonpost.com/securityfix/2008/06/malware_silently_alters_wirele_1.html

Have you tried this ? And did the BNSF site appear ?

http://170.49.49.66

Paul

 

[Crow T Robot]

"Paul" wrote in message

Went through and looked over the Router settings. It requires a Domain
and in the domain entry is twmi.rr.com when I tried the IP address for the
BNSF website I got the same result could not connect to the requested
website. The trace revealed the same info as the www trace did.

the nslookup for 170.49.49.66 came back

Server dns-cac-lb-01.rr.com
Address 209.18.47.61

Name www.bnsf.com
address 170.49.49.66

Still does not work via DNS. I'm thinking it’s the router might try and
delete the Domain entry if I can??

and "Local Domain Name (optional)". I leave the Local Domain Name
blank. What I was trying to do, is have the router just use
DHCP to automatically fetch the public IP address, and the
two ISP provided DNS server addresses.
router is a rental that comes with the service, and that
dialog was populated by RoadRunner before shipping it to
you ? I'd write down the current settings, and experiment
with changing it.
settings to get changed But since twmi.rr.com looks
legit, I wouldn't panic just yet. This highlights the need
to use a real password (not the default password) with any router.
When you get a router, change the administration password
on it immediately, and place a sticky paper on the router
casing so you won't forget.

http://blog.washingtonpost.com/securityfix/2008/06/malware_silently_alters_wirele_1.html

Have you tried this ? And did the BNSF site appear ?

http://170.49.49.66

No just got the browser statement could not connect. IE diagnoses reports
nothing is wrong. It is a store bought router so I'm not sure where the
twmi.rr.com came from??

 

[Paul]

"Paul" wrote in message
For what it is worth, my router has a "LAN Settings" window
and "Local Domain Name (optional)". I leave the Local Domain Name
blank. What I was trying to do, is have the router just use
DHCP to automatically fetch the public IP address, and the
two ISP provided DNS server addresses.

Your router got that "twmi.rr.com" value somehow. Perhaps the
router is a rental that comes with the service, and that
dialog was populated by RoadRunner before shipping it to
you ? I'd write down the current settings, and experiment
with changing it.

Purely for your amusement, there *is* a way for a router
settings to get changed But since twmi.rr.com looks
legit, I wouldn't panic just yet. This highlights the need
to use a real password (not the default password) with any router.
When you get a router, change the administration password
on it immediately, and place a sticky paper on the router
casing so you won't forget.

http://blog.washingtonpost.com/securityfix/2008/06/malware_silently_alters_wirele_1.html

Have you tried this ? And did the BNSF site appear ?

http://170.49.49.66


No just got the browser statement could not connect. IE diagnoses
reports nothing is wrong. It is a store bought router so I'm not sure
where the twmi.rr.com came from??

So http://170.49.49.66 doesn't work ? That should have worked as
it wouldn't need to use DNS to get there.

Some software uses "reverse translation" before carrying out a protocol.
I used to have problems with that, for network equipment without DNS
entries. Some OSes do the reverse translation as a means of detecting
spoofing. I thought the browser test, of the form we're testing,
should work. But it might not work on all OSes, as for security
reasons some may want to reverse translate and verify what
symbolic address that is. If an OS does the reverse translation, and
the answer is "there is no translation for 170.49.49.66", then the
OS would conclude that it shouldn't carry out the request. In your
case, whatever is doing DNS for you at the ISP, may not have an
entry for 170.49.49.66 . I didn't think browsing in Windows, would
involve such a check.

I'd try experimenting, by removing the optional LAN domain in your
router, and see if a different DNS server gets used automatically.
If things become worse, you can always put it back.

Your ISP *can* mess around, and do things to the DNS entries
if they want, preventing you from getting to certain sites.
This is one of the reasons, occasionally, there is a need to
verify with a third party DNS lookup, to see what the
address is supposed to be. Using OpenDNS or Google DNS are
options (your computer consults Google instead of the ISP),
but if an ISP really wants to block a site, they can also
filter the IP address itself. ISP networking equipment
has become quite powerful, with all sorts of
capabilities, such as detecting and stopping certain
protocols put by the user on arbitrary ports and so on.
The network equipment now, can look into the payload of
the packets, for hints about what the user is doing
(BitTorrent) and respond in some way. So just about anything
is possible now, in terms of networking problems.

To give an example, a couple years ago, my ISP had just
received such a networking box, and were using it to slow down
BitTorrent. But they also managed to "splatter" port 80 HTML traffic,
inserting RST packets where they didn't belong. That causes
web browsing problems, where a week ago there were none. They
eventually figured it out.

Paul