Curious – 68. IP will not work, but not 192 [trend micro housecall] [mcafee stinger]
Q: Do you have a neighbor who asked me to look at their connection to take. Heres the deal .
Their laptop connected to a cable modem will get 75% packet loss and does not charge anything other than MSN. Ran current version of AVG, Trend Micro HouseCall, McAfee Stinger, Spybot S u0026 D, Ad Aware and it comes clean.
Hooked my laptop to their modem and it is perfect, so I tell them the problem with their laptop. They take it to a local store – it works fine when tested (Shop uses a router). They bring it back and still can not surf on their cable modem.
I rebuild the Winsock just to be sure and it still will not work. Its actually worse and now it will not resolve DNS, but will ping an IP at 75% packet loss. I got a router connected to the modem and laptop and works like a charm.
The current situation is this:
It will not be solved or browse by using the modem 68. But with an IP router in line with the same modem works fine on a 192. IP.
Not one of the most popular apps updated and found a single problem, other than a few common tracking cookies.
Anyone ever seen this before? My guess is that it has been hijacked, but the most common bug hunters did not then I do not know what would.
Thanks in advance!
Best Answer: I read in your code this:
b1 = NULL;
//delete (b1); //why won't this work?
cout <<b1 <<endl; //be very careful…
You should not set b1=NULL until you don't need it anymore:
cout <<b1 <<endl; //be very careful
delete (b1); //Now it should work
b1 = NULL; //Now it's safe to set it to null
The reason is that delete function releases all the memory associated to the pointer b1, that is, after deleting b1, it points to an invalid address. Then that's why you finally set it to null, which is also an invalid address, but is used to specify the pointer is not valid anymore. So strictly, it is not necessary to set it to null, but is convenient for the programmer.
Re:Originally posted by: guy
Originally posted by: guy
You sound like you're on the right track. My guess would be an open relay or trojan using the upstream bandwidth when you have a public ip on the laptop creating the ploss.
Have you tried msconfig trick? Safe mode with networking? Try a different browser (ff/opera?) Sounds really screwy but you've already isolated it down to their desktop. NAT behind a router is fine for me, but it still doesn't fix the initial problem. If you find out check back in and let us inquiring minds know.
It's a puzzle. Tried it with Firefox and got the same thing as pinging from the cmd window – 75 to 100% packet loss on the modem but it works perfect with the router. I tried another Motorola SB they had from a previous address… called it in and it linked right up but the problem remained.
I almost started it in safe mode to run the cleaners but backed off since it's not mine and I didn't have time to get married to the problem right then. I expect a follow up report from them this weekend or after they get a router. I took a quick look in msconfig but nothing jumped off the screen. There were 36 processes and nothing looked odd.
I have no plans to bust down their door, but if they ask I'll go back and run the cleaners in safe mode. If that doesn't work I can try HijackThis and see if I can decipher what it tells me. I just thought I would tap the AT brain trust for some more ideas. If I find it I'll report back. Thanks everyone!
Ahhh!!!! Maybe Zone Alarm! I don't suppose it would tell me about a redirect but it might tell me if something other than IE was trying to get out. Wish I had thought of that at the time.
Try disabling/uninstalling ZoneAlarm and just using the built-in Windows XP firewall… Almost sounds like somehow ZoneAlarm is blocking connections using the public, external IP address, but allowing connections when the computer has the private IP address from the router.
JW
Re:Originally posted by: guy
You sound like you're on the right track. My guess would be an open relay or trojan using the upstream bandwidth when you have a public ip on the laptop creating the ploss.
Have you tried msconfig trick? Safe mode with networking? Try a different browser (ff/opera?) Sounds really screwy but you've already isolated it down to their desktop. NAT behind a router is fine for me, but it still doesn't fix the initial problem. If you find out check back in and let us inquiring minds know.
It's a puzzle. Tried it with Firefox and got the same thing as pinging from the cmd window – 75 to 100% packet loss on the modem but it works perfect with the router. I tried another Motorola SB they had from a previous address… called it in and it linked right up but the problem remained.
I almost started it in safe mode to run the cleaners but backed off since it's not mine and I didn't have time to get married to the problem right then. I expect a follow up report from them this weekend or after they get a router. I took a quick look in msconfig but nothing jumped off the screen. There were 36 processes and nothing looked odd.
I have no plans to bust down their door, but if they ask I'll go back and run the cleaners in safe mode. If that doesn't work I can try HijackThis and see if I can decipher what it tells me. I just thought I would tap the AT brain trust for some more ideas. If I find it I'll report back. Thanks everyone!
Ahhh!!!! Maybe Zone Alarm! I don't suppose it would tell me about a redirect but it might tell me if something other than IE was trying to get out. Wish I had thought of that at the time.
Re:You sound like you're on the right track. My guess would be an open relay or trojan using the upstream bandwidth when you have a public ip on the laptop creating the ploss.
Have you tried msconfig trick? Safe mode with networking? Try a different browser (ff/opera?) Sounds really screwy but you've already isolated it down to their desktop. NAT behind a router is fine for me, but it still doesn't fix the initial problem. If you find out check back in and let us inquiring minds know.
Re:Try this – unplug the cable moden for about 30 minutes or so and then try it again.
Re:The IP that starts with 60. is a Public IP, the IP that starts with 192. is a private LAN IP that is used passed a Cable/DSL Router.
When a Router is used, the Router does the authentication. When the computer is directly on the Modem, the computer has to authenticate. In other words your comparison as though it is an IP number issue is not the issue.
:sun:
Re:It's DHCP so with everything else being the same but the IP's it looks strange that one will work and the other won't. Since it works perfect with a router I think that's what they are are going to get. It doesn't fix the problem but it will get them around it for now, plus provide some extra security. Thanks
Re:Assuming that the Hardware is OK.
Opitimize the TCP/IP Stack, Optimizing & Measuring the "Speed" of Internet Connection. (http://www.ezlan.net/Internet_Speed.html)
Call the ISP and find out what is the authentication (password) scheme.
:sun:
P.S No matter what tell the nice people to spend $10-$20 and buy a Router, if nothing else it would provide NAT Firewall,a nd would keep the connetion alive.
Re:If their laptop works fine on other connections and with other routers, and your computer works fine with their modem, then the problem has to be a compatibility (or configuration) issue between their modem and their laptop.
I'm not sure what could be causing the problem, but personally, I'd just put a simple home broadband router in place and be done with it since the router will give them some firewall protection that they don't have when connected directly to the modem and the laptop works normally when connected to a router.
Related posts
Tags: mcafee stinger, trend micro housecall