dslreports logo
site
 
    All Forums Hot Topics Gallery
spc

spacer




how-to block ads


Search Topic:
uniqs
6
share rss forum feed

Rakeesh

join:2011-10-30
Mesa, AZ
Reviews:
·Sprint Mobile Br..
·Cox HSI
reply to Methadras

Re: [CA] Cox blocking torrent sites...

I really don't think Cox is doing IP level blocking of anything (in fact, I haven't heard of any domestic consumer facing ISPs that do any kind of IP level blocking of public addresses.)

I don't think they are doing DNS blocking of anything either, though they DO have flaky DNS servers (I remember one time they had an entire day where DNS servers were down due to a routing loop, and routing loops are usually a pretty easy thing to find and fix; shouldn't take a whole day.)

There are even times when I have tried to reach a subdomain which at certain times of the day, Cox's DNS servers can't resolve, whereas other DNS servers can. Interestingly, Level 3's DNS servers can't resolve them either, and Cox's DNS servers are sourced from Level 3 (anycast address of 4.2.2.1, guessing mine resides in Arizona, so it may be different elsewhere.)

What you might be running into is DNS poisoning. It's possible that your gateway device (router as most people call it, though it's actually multiple devices in one) has an internal DNS server that has a poisoned cache, or even a poisoned hosts file.

Or worse, it's possible that your client machine has a poisoned hosts file.


Methadras

join:2004-05-26
Spring Valley, CA

said by Rakeesh:

I really don't think Cox is doing IP level blocking of anything (in fact, I haven't heard of any domestic consumer facing ISPs that do any kind of IP level blocking of public addresses.)

I don't think they are doing DNS blocking of anything either, though they DO have flaky DNS servers (I remember one time they had an entire day where DNS servers were down due to a routing loop, and routing loops are usually a pretty easy thing to find and fix; shouldn't take a whole day.)

There are even times when I have tried to reach a subdomain which at certain times of the day, Cox's DNS servers can't resolve, whereas other DNS servers can. Interestingly, Level 3's DNS servers can't resolve them either, and Cox's DNS servers are sourced from Level 3 (anycast address of 4.2.2.1, guessing mine resides in Arizona, so it may be different elsewhere.)

What you might be running into is DNS poisoning. It's possible that your gateway device (router as most people call it, though it's actually multiple devices in one) has an internal DNS server that has a poisoned cache, or even a poisoned hosts file.

Or worse, it's possible that your client machine has a poisoned hosts file.

I looked at my hosts file and nothing is in there relating to cgpeers.com or torrentcrazy.com. I can load cgpeers.com now due to hunting it being blocked by a malware program i have running, but i didn't know it was blocking it. However, torrentcrazy.com won't load even if I shut down all of my malware/AV apps. flushed dnscache. Not sure where to look at this point.


Anon401

@cox.net

I do not think the problem is because of Cox. I am getting DNS resolution on the site and I can see traffic being passed back and forth in Wireshark.

The page never does load in a web browser - this is the response I get from a telnet session:

HTTP/1.1 400 Bad Request
Date: Mon, 12 Nov 2012 01:23:18 GMT
Server: Apache/2.2.3 (CentOS)
Content-Length: 311
Connection: close
Content-Type: text/html; charset=iso-8859-1
 
                                                              400 Bad Request
 
                                                                                                         Bad Request
                                                                                                                             <p>Your brows
 sent a request that this server could not understand.
                                                            </p>
                                                                <hr>
                                                                    Apache/2.2.3 (CentOS) Server at www.torrentcrazy.com Port 80
 
Connection to host lost.
 


odog
Cable Centric Vendor Biased
Premium,VIP
join:2001-08-05
Atlanta, GA
kudos:13
Reviews:
·Comcast
reply to Rakeesh

said by Rakeesh:

and Cox's DNS servers are sourced from Level 3 (anycast address of 4.2.2.1, guessing mine resides in Arizona, so it may be different elsewhere.)

Not sure what you mean by that, but COX has it's own discrete DNS servers. L3 has anycasted DNS servers all over america in a few of their larger peering points/datacenters.


judgeroybean

@cox.net

said by odog:

Not sure what you mean by that, but COX has it's own discrete DNS servers. L3 has anycasted DNS servers all over america in a few of their larger peering points/datacenters.

Cox sources direct from one of the root servers?