Author Topic: What the hell?  (Read 9838 times)

0 Members and 3 Guests are viewing this topic.

Offline Sidoh

  • x86
  • Hero Member
  • *****
  • Posts: 17634
  • MHNATY ~~~~~
    • View Profile
    • sidoh
What the hell?
« on: November 16, 2005, 08:25:43 pm »
Contents of my hosts file (C:\WINDOWS\System32\drivers\etc\hosts):

Code: [Select]
# Copyright (c) 1993-1999 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
#      102.54.94.97     rhino.acme.com          # source server
#       38.25.63.10     x.acme.com              # x client host
127.0.0.1       localhost
10.0.0.15 sidoh.no-ip.org
10.0.0.15 www.sidoh.org
10.0.0.15 sidoh.org

And now the odd part:

C:\>ping sidoh.no-ip.org -n 1

Pinging sidoh.no-ip.org [66.28.80.30] with 32 bytes of data:

Reply from 66.28.80.30: bytes=32 time<1ms TTL=64

C:\>ping www.sidoh.org -n 1

Pinging sidoh.org [66.28.80.30] with 32 bytes of data:

Reply from 66.28.80.30: bytes=32 time<1ms TTL=64

C:\>ping sidoh.org -n 1

Pinging sidoh.org [66.28.80.30] with 32 bytes of data:

Reply from 66.28.80.30: bytes=32 time<1ms TTL=64


I'm going to try the "Windows fix" (Restart).  This may end up in the trash can soon enough.  ;)

Offline deadly7

  • 42
  • x86
  • Hero Member
  • *****
  • Posts: 6496
    • View Profile
Re: What the hell?
« Reply #1 on: November 16, 2005, 08:31:39 pm »
You can ping yourself? wtfcopter since when
[17:42:21.609] <Ergot> Kutsuju you're girlfrieds pussy must be a 403 error for you
 [17:42:25.585] <Ergot> FORBIDDEN

on IRC playing T&T++
<iago> He is unarmed
<Hitmen> he has no arms?!

on AIM with a drunk mythix:
(00:50:05) Mythix: Deadly
(00:50:11) Mythix: I'm going to fuck that red dot out of your head.
(00:50:15) Mythix: with my nine

Offline Sidoh

  • x86
  • Hero Member
  • *****
  • Posts: 17634
  • MHNATY ~~~~~
    • View Profile
    • sidoh
Re: What the hell?
« Reply #2 on: November 16, 2005, 08:35:01 pm »
You can ping yourself? wtfcopter since when

No, the addresses should be resolving to 10.0.0.15 (the private address of my server), not my public IP address. (66.28.80.30).

Notice:

Code: [Select]
10.0.0.15      sidoh.no-ip.org
C:\>ping sidoh.no-ip.org -n 1

Pinging sidoh.no-ip.org [66.28.80.30] with 32 bytes of data:


And by the way... restart didn't fix it.  :(

Offline Newby

  • x86
  • Hero Member
  • *****
  • Posts: 10877
  • Thrash!
    • View Profile
Re: What the hell?
« Reply #3 on: November 16, 2005, 08:40:49 pm »
Hmm... this worked fine for me when I was in Windows!

Quote
newby@impaler:~$ cat /mnt/old-drive/WINDOWS/system32/drivers/etc/hosts
# Copyright (c) 1993-1999 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
#      102.54.94.97     rhino.acme.com          # source server
#       38.25.63.10     x.acme.com              # x client host

127.0.0.1       localhost
192.168.169.2   mom
192.168.169.5   impaler
192.168.169.5   newby.x86labs.org
192.168.169.5   impaler.x86labs.orgnewby@impaler:~$
- Newby
http://www.x86labs.org

Quote
[17:32:45] * xar sets mode: -oooooooooo algorithm ban chris cipher newby stdio TehUser tnarongi|away vursed warz
[17:32:54] * xar sets mode: +o newby
[17:32:58] <xar> new rule
[17:33:02] <xar> me and newby rule all

I'd bet that you're currently bloated like a water ballon on a hot summer's day.

That analogy doesn't even make sense.  Why would a water balloon be especially bloated on a hot summer's day? For your sake, I hope there wasn't too much logic testing on your LSAT. 

Offline Quik

  • Webmaster Guy
  • x86
  • Hero Member
  • *****
  • Posts: 3262
  • \x51 \x75 \x69 \x6B \x5B \x78 \x38 \x36 \x5D
    • View Profile
Re: What the hell?
« Reply #4 on: November 16, 2005, 08:41:19 pm »
I've had this issue with my own network for weeks now. My problem is that when I try to visit the domain from the same lan that my server is on, I get sent to my own IP address, which sees that I'm inside the router and puts me to the router's config page. I have a similar config file, no avail. I'm hoping that my future network changes (might not be possible for you) will fix this issue.
Quote
[20:21:13] xar: i was just thinking about the time iago came over here and we made this huge bomb and light up the sky for 6 min
[20:21:15] xar: that was funny

Offline Sidoh

  • x86
  • Hero Member
  • *****
  • Posts: 17634
  • MHNATY ~~~~~
    • View Profile
    • sidoh
Re: What the hell?
« Reply #5 on: November 16, 2005, 08:42:29 pm »
I've been using a HOSTS file to bypass sidoh.org resolving to my public IP address since I've had my server (about 1.5 years now), it's always worked.  It just stopped working today and I'm unsure why.

Offline iago

  • Leader
  • Administrator
  • Hero Member
  • *****
  • Posts: 17914
  • Fnord.
    • View Profile
    • SkullSecurity
Re: What the hell?
« Reply #6 on: November 16, 2005, 08:45:33 pm »
Quote
root@slayer:/home/iago# ping www.javaop.com -c1
PING iago.dnsalias.com (142.161.170.188) 56(84) bytes of data.
64 bytes from wnpgmb11dc1-170-188.dynamic.mts.net (142.161.170.188): icmp_seq=1 ttl=149 time=1.71 ms
--- iago.dnsalias.com ping statistics ---
1 packets transmitted, 1 received, 0% packet loss, time 0ms
rtt min/avg/max/mdev = 1.712/1.712/1.712/0.000 ms

root@slayer:/home/iago# echo "192.168.1.3 www.javaop.com" >> /etc/hosts

root@slayer:/home/iago# ping www.javaop.com -c1
PING www.javaop.com (192.168.1.3) 56(84) bytes of data.
64 bytes from darkside (192.168.1.3): icmp_seq=1 ttl=64 time=2.77 ms
--- www.javaop.com ping statistics ---
1 packets transmitted, 1 received, 0% packet loss, time 0ms
rtt min/avg/max/mdev = 2.771/2.771/2.771/0.000 ms

*shrug*

The reason I don't do that, however, is because I tend to move my laptop around a lot, and I usually take awhile to realize why I can't get here :)

Offline Sidoh

  • x86
  • Hero Member
  • *****
  • Posts: 17634
  • MHNATY ~~~~~
    • View Profile
    • sidoh
Re: What the hell?
« Reply #7 on: November 16, 2005, 08:47:22 pm »
The reason I don't do that, however, is because I tend to move my laptop around a lot, and I usually take awhile to realize why I can't get here :)

Hehe.  I guess I may have to switch to using the private IP address for everything.

I was wondering if maybe it got shut down or something (because I couldn't get to most of the services it was running -- including SSH), but then I realized I was still listening to Dry Kill Logic (Samba)! :)

You don't think this would have anything to do with it, do you?

C:\>ipconfig -all

Windows IP Configuration

        Host Name . . . . . . . . . . . . : chris
        Primary Dns Suffix  . . . . . . . :
        Node Type . . . . . . . . . . . . : Hybrid
        IP Routing Enabled. . . . . . . . : No
        WINS Proxy Enabled. . . . . . . . : No

Ethernet adapter Local Area Connection:

        Connection-specific DNS Suffix  . :
        Description . . . . . . . . . . . : NVIDIA nForce Networking Controller
        Physical Address. . . . . . . . . : 00-11-2F-62-A4-56
        Dhcp Enabled. . . . . . . . . . . : No
        IP Address. . . . . . . . . . . . : 10.0.0.25
        Subnet Mask . . . . . . . . . . . : 255.255.255.0
        Default Gateway . . . . . . . . . : 10.0.0.2
        DNS Servers . . . . . . . . . . . : 10.0.0.2


I would imagine Windows should consult the hosts file before it queries a DNS server, but I suppose I could be wrong.  I have all my network settings statically configured, DHCP is disabled on my router, my server is DMZ'd (and I haven't bothered setting up a DHCP server on Linux yet) and I accidentally disabled the HTTP server on my router (T_T).  I may have to restore settings on it or something soon to fix that...
« Last Edit: November 16, 2005, 08:49:45 pm by Sidoh »

Offline iago

  • Leader
  • Administrator
  • Hero Member
  • *****
  • Posts: 17914
  • Fnord.
    • View Profile
    • SkullSecurity
Re: What the hell?
« Reply #8 on: November 16, 2005, 08:48:26 pm »
Haha

By the way, did you try rebooting? That would probably fix it. 

If not, make sure every line is right in the hosts file.  One bad line might screw up the whole thing.  Also, check Windows' event log, see if there's any new errors?

Offline Sidoh

  • x86
  • Hero Member
  • *****
  • Posts: 17634
  • MHNATY ~~~~~
    • View Profile
    • sidoh
Re: What the hell?
« Reply #9 on: November 16, 2005, 08:51:04 pm »
Haha

By the way, did you try rebooting? That would probably fix it. 

If not, make sure every line is right in the hosts file.  One bad line might screw up the whole thing.  Also, check Windows' event log, see if there's any new errors?

Hehe, I sure did!

I'm going to try the "Windows fix" (Restart). This may end up in the trash can soon enough. ;)

Haha, I was pretty sure that would fix it, but it didn't.  :(

Great ideas, checking on those now.

Edit --

The file looked fine, at least for everything I checked for (extra line-breaks, etc).

I looked at the event log, I didn't notice anything suspicious, except for maybe this (which only seemed slightly suspcious because I didn't recognize it):

Event Type:   Warning
Event Source:   Userenv
Event Category:   None
Event ID:   1517
Date:      11/16/2005
Time:      6:46:20 PM
User:      NT AUTHORITY\SYSTEM
Computer:   CHRIS
Description:
Windows saved user CHRIS\sidoh registry while an application or
service was still using the registry during log off. The memory
used by the user's registry has not been freed. The registry will
be unloaded when it is no longer in use.

This is often caused by services running as a user account,
try configuring the services to run in either the LocalService or
NetworkService account.

For more information, see Help and Support Center at
http://go.microsoft.com/fwlink/events.asp.

« Last Edit: November 16, 2005, 09:01:04 pm by Sidoh »

Offline Sidoh

  • x86
  • Hero Member
  • *****
  • Posts: 17634
  • MHNATY ~~~~~
    • View Profile
    • sidoh
Re: What the hell?
« Reply #10 on: November 16, 2005, 09:34:25 pm »
I just tried this too:

C:\>ipconfig /flushdns

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.


Didn't work.  :(

Offline Sidoh

  • x86
  • Hero Member
  • *****
  • Posts: 17634
  • MHNATY ~~~~~
    • View Profile
    • sidoh
Re: What the hell?
« Reply #11 on: November 16, 2005, 09:46:07 pm »
I've been poking around on Google and found a few suggestions... none of which worked.

One recommended disabling the DNS service (which didn't work), another suggested it was a virus that changed the path for the hosts file.  I found the registry entry (also listed in google groups) and found it's in the correct path:

 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters \
DataBasePath] = %SystemRoot%\System32\drivers\etc

Offline Sidoh

  • x86
  • Hero Member
  • *****
  • Posts: 17634
  • MHNATY ~~~~~
    • View Profile
    • sidoh
Re: What the hell?
« Reply #12 on: November 16, 2005, 10:07:39 pm »
Sorry for the mega-multiposting here, I just think it helps seperate things.

Found the solution!

Follow these steps:

Go to Control Panel -> Network Connections -> Right-click <YOUR CONNECTION> -> Properties



Click on "Install":



Click on "Protocol" then click the "Add" button:



Click on the "Have Disk..." button:



In the box below the label "Copy manufacturer's files from:", type "\windows\inf" and click on the "OK" button:



Click on "Internet Protocol (TCP/IP)" and then click "OK".

Reboot!

Worked great! :)

C:\>ping sidoh.org

Pinging sidoh.org [10.0.0.15] with 32 bytes of data:

Reply from 10.0.0.15: bytes=32 time<1ms TTL=64
« Last Edit: November 16, 2005, 10:09:26 pm by Sidoh »

Offline iago

  • Leader
  • Administrator
  • Hero Member
  • *****
  • Posts: 17914
  • Fnord.
    • View Profile
    • SkullSecurity
Re: What the hell?
« Reply #13 on: November 16, 2005, 11:03:19 pm »
Why clue why you had to do all that crap?

Offline Sidoh

  • x86
  • Hero Member
  • *****
  • Posts: 17634
  • MHNATY ~~~~~
    • View Profile
    • sidoh
Re: What the hell?
« Reply #14 on: November 16, 2005, 11:37:41 pm »
Why clue why you had to do all that crap?

Haha, apparently it's a lot easier on SP2:

C:\> netsh winsock reset catalog


But I don't have SP2 for obvious reasons, so I had to manually re-add TCP/IP.

There was actually a very strange problem on the w98 machines at my school that was fixed by this solution as well (it was a login issue).

But I think the answer you're looking for is closer to something like: BECAUSE IT'S WINDOWS! :D