Getting annoyed now...


Richard M
18-08-2003, 16:52
One word: DNS

Well, actually that's three but never mind.
The point is - I don't have any and it's getting annoying!

What are NTL doing about this?
The status page says that it's fixed... BS!


C:\Documents and Settings\********>ping www.samspade.org
Ping request could not find host www.samspade.org. Please check the name and try
again.


:afire:

Richard M
18-08-2003, 17:00
Any chance that someone could post the IP for www.samspade.org please? :)

(not http://samspade.org but for the www sub domain)

baldy
18-08-2003, 17:09
perhaps you should vent your anger at samspade:


C:\Documents and Settings\Baldy>tracert www.samspade.org

Tracing route to www.samspade.org [206.117.161.80]
over a maximum of 30 hops:

1 10 ms 11 ms 9 ms 10.149.119.254
2 21 ms 9 ms 7 ms swan-t2cam1-a-v100.inet.ntl.com [80.0.254.1]
3 10 ms 9 ms 9 ms swa-t2core-a-ge-wan61.inet.ntl.com [213.105.225.17]
4 12 ms 12 ms 38 ms bir-bb-a-so-210-0.inet.ntl.com [62.253.187.237]
5 23 ms 14 ms 16 ms man-bb-b-so-700-0.inet.ntl.com [62.253.185.134]
6 16 ms 15 ms 16 ms man-bb-a-ae0-0.inet.ntl.com [62.253.187.177]
7 18 ms 15 ms 13 ms ycr2-so-3-0.Manchester.cw.net [208.175.252.89]
8 25 ms 26 ms 25 ms bcr2-so-3-0-0.Thamesside.cw.net [166.63.209.201]
9 89 ms 89 ms 91 ms dcr2-loopback.NewYork.cw.net [206.24.194.100]
10 91 ms 134 ms 89 ms agr4-so-6-0-0.NewYork.cw.net [206.24.207.206]
11 89 ms 89 ms 93 ms acr1-loopback.NewYork.cw.net [206.24.194.61]
12 86 ms 86 ms 278 ms p4-2-1-0.r04.nycmny01.us.bb.verio.net [129.250.9.77]
13 87 ms 86 ms 86 ms p16-1-1-0.r21.nycmny01.us.bb.verio.net [129.250.3.48]
14 95 ms 93 ms 93 ms p16-1-0-1.r21.asbnva01.us.bb.verio.net [129.250.5.99]
15 182 ms 167 ms 168 ms p16-0-1-2.r20.plalca01.us.bb.verio.net [129.250.2.192]
16 163 ms 167 ms 165 ms p64-0-0-0.r20.snjsca04.us.bb.verio.net [129.250.2.71]
17 267 ms 155 ms 214 ms xe-0-2-0.r21.snjsca04.us.bb.verio.net [129.250.2.73]
18 158 ms 162 ms 157 ms p16-1-1-1.r21.lsanca01.us.bb.verio.net [129.250.2.186]
19 158 ms 158 ms 270 ms ge-3-0-0.a02.lsanca02.us.ra.verio.net [129.250.29.131]
20 157 ms 160 ms 160 ms ge-1-2.a01.lsanca02.us.ra.verio.net [129.250.46.93]
21 157 ms 158 ms 158 ms ge-2-3-0.a02.lsanca02.us.ce.verio.net [198.172.117.163]
22 159 ms 161 ms 161 ms lngw2-isi-1-atm.ln.net [130.152.180.22]
23 172 ms 162 ms 162 ms acg-isi.ln.net [130.152.136.2]
24 * * ^C

try doing a 'Traceroute' report from samspade itself:

http://www.samspade.org/t/trace?a=www.samspade.org

perhaps they've turned ICMP off

Richard M
18-08-2003, 17:10
Yeah, but at least you can resolve the domain...I can't :cry:

EDIT: OK - fixed at last.

What I did:

Zone Alarm had been blocking my DNS servers so I added them to trusted then did this in a command prompt:

ipconfig /flushdns

Now everything works again. :) :rolleyes: :mad: :p

Ben
18-08-2003, 17:14
:rolleyes: I doubt the DNS issues are resolved..

baldy
18-08-2003, 17:17
Originally posted by Roger K
What are NTL doing about this?
The status page says that it's fixed... BS!
:afire:

have you called ntl to tell them you have finally fixed their DNS issue :eek: :rolleyes:

Richard M
18-08-2003, 17:22
OK - that is resolved (and is a fix for ZA owners) but I have noticed a worrying sharp increase in pings to my IP from NTL IPs.
It's like the worm, except that it's more frequent.

Check this out:

FWIN,2003/08/18,17:09:20 +1:00 GMT,81.99.28.85:0,*.*.*.*:0,ICMP (type:8/subtype:0)
FWIN,2003/08/18,17:09:28 +1:00 GMT,81.98.255.23:0,*.*.*.*:0,ICMP (type:8/subtype:0)
FWIN,2003/08/18,17:09:44 +1:00 GMT,200.77.111.136:4977,*.*.*.*:2318,TCP (flags:S)
FWIN,2003/08/18,17:10:12 +1:00 GMT,81.104.8.10:0,*.*.*.*:0,ICMP (type:8/subtype:0)
FWIN,2003/08/18,17:10:16 +1:00 GMT,81.101.161.22:3564,*.*.*.*:135,TCP (flags:S)
FWIN,2003/08/18,17:10:22 +1:00 GMT,172.196.97.59:2279,*.*.*.*:4662,TCP (flags:S)
FWIN,2003/08/18,17:10:40 +1:00 GMT,81.101.29.163:0,*.*.*.*:0,ICMP (type:8/subtype:0)
FWIN,2003/08/18,17:10:42 +1:00 GMT,81.101.113.197:3303,*.*.*.*:135,TCP (flags:S)
FWIN,2003/08/18,17:10:46 +1:00 GMT,81.101.22.102:0,*.*.*.*:0,ICMP (type:8/subtype:0)
FWIN,2003/08/18,17:11:44 +1:00 GMT,81.100.194.15:0,*.*.*.*:0,ICMP (type:8/subtype:0)
FWIN,2003/08/18,17:12:12 +1:00 GMT,81.101.29.171:0,*.*.*.*:0,ICMP (type:8/subtype:0)
FWIN,2003/08/18,17:12:14 +1:00 GMT,81.101.213.19:1911,*.*.*.*:445,TCP (flags:S)
FWIN,2003/08/18,17:12:14 +1:00 GMT,81.101.43.123:2277,*.*.*.*:135,TCP (flags:S)
FWIN,2003/08/18,17:12:16 +1:00 GMT,81.101.209.133:0,*.*.*.*:0,ICMP (type:8/subtype:0)
FWIN,2003/08/18,17:12:24 +1:00 GMT,81.101.244.6:0,*.*.*.*:0,ICMP (type:8/subtype:0)
FWIN,2003/08/18,17:12:34 +1:00 GMT,81.101.148.148:1623,*.*.*.*:135,TCP (flags:S)
FWIN,2003/08/18,17:12:50 +1:00 GMT,81.99.188.193:0,*.*.*.*:0,ICMP (type:8/subtype:0)
FWIN,2003/08/18,17:13:00 +1:00 GMT,81.98.39.69:0,*.*.*.*:0,ICMP (type:8/subtype:0)
FWIN,2003/08/18,17:13:04 +1:00 GMT,81.98.255.135:0,*.*.*.*:0,ICMP (type:8/subtype:0)
FWIN,2003/08/18,17:13:24 +1:00 GMT,81.104.239.91:0,*.*.*.*:0,ICMP (type:8/subtype:0)
PE,2003/08/18,17:13:46 +1:00 GMT,Generic Host Process for Win32 Services,194.168.4.100:53,N/A
FWIN,2003/08/18,17:13:46 +1:00 GMT,81.104.160.116:0,*.*.*.*:0,ICMP (type:8/subtype:0)
FWIN,2003/08/18,17:14:02 +1:00 GMT,81.101.152.185:0,*.*.*.*:0,ICMP (type:8/subtype:0)
FWIN,2003/08/18,17:14:06 +1:00 GMT,81.101.127.52:4645,*.*.*.*:135,TCP (flags:S)
FWIN,2003/08/18,17:14:18 +1:00 GMT,81.103.247.93:0,*.*.*.*:0,ICMP (type:8/subtype:0)
FWIN,2003/08/18,17:14:20 +1:00 GMT,81.101.255.129:0,*.*.*.*:0,ICMP (type:8/subtype:0)
FWIN,2003/08/18,17:14:32 +1:00 GMT,81.101.54.239:0,*.*.*.*:0,ICMP (type:8/subtype:0)
FWIN,2003/08/18,17:14:42 +1:00 GMT,81.101.161.52:2886,*.*.*.*:135,TCP (flags:S)
FWIN,2003/08/18,17:14:58 +1:00 GMT,81.101.8.57:0,*.*.*.*:0,ICMP (type:8/subtype:0)
FWIN,2003/08/18,17:15:16 +1:00 GMT,81.100.148.122:0,*.*.*.*:0,ICMP (type:8/subtype:0)
FWIN,2003/08/18,17:15:58 +1:00 GMT,81.101.148.148:4473,*.*.*.*:139,TCP (flags:S)
FWIN,2003/08/18,17:16:02 +1:00 GMT,81.101.159.164:1465,*.*.*.*:135,TCP (flags:S)
FWIN,2003/08/18,17:16:10 +1:00 GMT,81.101.88.194:0,*.*.*.*:0,ICMP (type:8/subtype:0)
FWIN,2003/08/18,17:16:32 +1:00 GMT,81.103.112.102:0,*.*.*.*:0,ICMP (type:8/subtype:0)
FWIN,2003/08/18,17:16:38 +1:00 GMT,81.102.45.5:0,*.*.*.*:0,ICMP (type:8/subtype:0)
FWIN,2003/08/18,17:16:44 +1:00 GMT,81.103.146.203:4044,*.*.*.*:135,TCP (flags:S)
FWIN,2003/08/18,17:17:22 +1:00 GMT,81.98.107.7:0,*.*.*.*:0,ICMP (type:8/subtype:0)
FWIN,2003/08/18,17:17:34 +1:00 GMT,81.101.126.208:0,*.*.*.*:0,ICMP (type:8/subtype:0)
FWIN,2003/08/18,17:17:42 +1:00 GMT,81.102.224.53:0,*.*.*.*:0,ICMP (type:8/subtype:0)
FWIN,2003/08/18,17:17:54 +1:00 GMT,81.101.20.118:0,*.*.*.*:0,ICMP (type:8/subtype:0)
FWIN,2003/08/18,17:18:06 +1:00 GMT,81.101.4.23:0,*.*.*.*:0,ICMP (type:8/subtype:0)
FWIN,2003/08/18,17:18:24 +1:00 GMT,81.101.53.131:3942,*.*.*.*:135,TCP (flags:S)
FWIN,2003/08/18,17:18:46 +1:00 GMT,81.98.173.183:0,*.*.*.*:0,ICMP (type:8/subtype:0)
FWIN,2003/08/18,17:18:58 +1:00 GMT,81.101.255.175:0,*.*.*.*:0,ICMP (type:8/subtype:0)
FWIN,2003/08/18,17:19:24 +1:00 GMT,81.101.62.20:0,*.*.*.*:0,ICMP (type:8/subtype:0)
FWIN,2003/08/18,17:20:08 +1:00 GMT,81.101.4.65:0,*.*.*.*:0,ICMP (type:8/subtype:0)
FWIN,2003/08/18,17:20:10 +1:00 GMT,81.101.183.8:0,*.*.*.*:0,ICMP (type:8/subtype:0)
FWIN,2003/08/18,17:20:20 +1:00 GMT,81.103.194.193:0,*.*.*.*:0,ICMP (type:8/subtype:0)
FWIN,2003/08/18,17:20:22 +1:00 GMT,81.100.237.102:4861,*.*.*.*:135,TCP (flags:S)
FWIN,2003/08/18,17:20:30 +1:00 GMT,81.99.146.23:0,*.*.*.*:0,ICMP (type:8/subtype:0)


:eek:

Upon further investigation, it appears that there is a new worm about already: http://isc.sans.org/diary.html?date=2003-08-18

:erm:
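
An added example, not part of the original post: one way to quantify a firewall log like the one above by counting blocked ICMP echo requests, measuring the gap between them, and tallying TCP SYNs per destination port. The sample lines are constructed in the same ZoneAlarm layout using documentation-range source addresses, and the function name `summarise` is hypothetical.

```python
import re
from collections import Counter
from datetime import datetime

# Constructed sample in the ZoneAlarm log layout shown in the post above;
# sources use documentation address ranges, not addresses from the thread.
SAMPLE_LOG = """\
FWIN,2003/08/18,17:09:20 +1:00 GMT,192.0.2.85:0,*.*.*.*:0,ICMP (type:8/subtype:0)
FWIN,2003/08/18,17:09:28 +1:00 GMT,192.0.2.23:0,*.*.*.*:0,ICMP (type:8/subtype:0)
FWIN,2003/08/18,17:09:44 +1:00 GMT,203.0.113.136:4977,*.*.*.*:2318,TCP (flags:S)
FWIN,2003/08/18,17:10:16 +1:00 GMT,198.51.100.22:3564,*.*.*.*:135,TCP (flags:S)
PE,2003/08/18,17:10:30 +1:00 GMT,Generic Host Process for Win32 Services,192.0.2.53:53,N/A
FWIN,2003/08/18,17:10:40 +1:00 GMT,198.51.100.163:0,*.*.*.*:0,ICMP (type:8/subtype:0)
FWIN,2003/08/18,17:10:42 +1:00 GMT,198.51.100.197:3303,*.*.*.*:135,TCP (flags:S)
FWIN,2003/08/18,17:12:14 +1:00 GMT,198.51.100.19:1911,*.*.*.*:445,TCP (flags:S)
"""

# One blocked-inbound record: date, time, source ip:port, masked dest:port, protocol detail.
LINE = re.compile(
    r"^FWIN,(?P<date>[\d/]+),(?P<time>[\d:]+) [^,]*,"
    r"(?P<src>[\d.]+):(?P<sport>\d+),[^,:]*:(?P<dport>\d+),"
    r"(?P<proto>ICMP|TCP|UDP) \((?P<detail>[^)]*)\)$"
)

def summarise(log_text):
    """Classify blocked inbound (FWIN) events and measure the echo-request rate."""
    echo_times, syn_ports, sources = [], Counter(), set()
    for line in log_text.splitlines():
        m = LINE.match(line.strip())
        if not m:  # PE (program) entries and malformed lines are skipped
            continue
        sources.add(m["src"])
        if m["proto"] == "ICMP" and m["detail"].startswith("type:8/"):
            stamp = m["date"] + " " + m["time"]
            echo_times.append(datetime.strptime(stamp, "%Y/%m/%d %H:%M:%S"))
        elif m["proto"] == "TCP" and m["detail"] == "flags:S":
            syn_ports[int(m["dport"])] += 1
    echo_times.sort()
    gaps = [(b - a).total_seconds() for a, b in zip(echo_times, echo_times[1:])]
    return {
        "echo_requests": len(echo_times),
        "mean_echo_gap_s": sum(gaps) / len(gaps) if gaps else None,
        "syn_by_port": dict(syn_ports),
        "distinct_sources": len(sources),
    }

if __name__ == "__main__":
    print(summarise(SAMPLE_LOG))
```

A falling mean gap between echo requests, together with SYNs concentrated on a single port, is the pattern worth comparing against a baseline taken before the increase.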

Visibleman
18-08-2003, 19:56
Yeah... I've got the same, just looking at my ZA logs. Is there any more info on this new worm/virus?
A few of the hits are from NTL customers, or at least the DNS shows them up to be from NTL, although I have a few which show ".in-addr.arpa" - anyone got a clue what that means?

Also, you can't ping www.samspade.org (found this out when I was working for an ISP) although it works here OK though :)

EDIT: This worm is doing some damage - I'm getting pinged every 4 seconds! It's making me dizzy :spin:

edgerobber
18-08-2003, 22:55
is this why web access is as slow as a sedated snail tonight ?


It seems to be back up to speed now, it was running slow from about 10.30 till just now :shrug:

Shaun
19-08-2003, 14:39
I tried changing my proxy to Northampton (from Nottingham) last night and I'm speeding along ever since!:D :D :cool: