6
1
My computer suddenly couldn't access some websites anymore like ucla.edu or mrbluesummers.com. When I try and ping those sites it simply returns "General failure." I ran Wireshark and discovered that it first retrieves the IP from DNS (the correct IP BTW) but then, unlike other sites it doesn't send out the ping.
I then tried a bunch of things including: every virus scan known to man, checked hosts file, changed DNS, flushed any and all kinds of caches from TCP stack to browser cache, fiddled with MTU, changed network adapters, changed network, scanned system files, disabled any and all firewalls/securities and more stuff that I'm forgetting right now. None of it worked.
All the other computers in the same network can connect to those sites fine, I booted from a live CD and I could access them, going through a proxy also works. It's just the combination of this windows and those IP addresses that don't work. At this point I know that the easiest solution would be to just re-install Windows but all the digging got me curious and I want to find out what is wrong.
I tried fiddling with the IP addresses I can't access to see if there is any pattern to them, AFAIK only the first 2 bytes matter. Since the failure message was rather specific I was able to write a little program that would ping all combinations of the first 2 bytes in an IPv4 addresses and to record the ones that cause this "general failure". They are as follows:
62.128 |
62.213 |
65.52 |
65.53 |
65.54 |
65.55 |
67.192 |
94.245 |
98.129 |
119.254 |
119.255 |
128.32 |
128.54 |
128.97 |
128.111 |
128.114 |
128.120 |
128.125 |
128.200 |
128.218 |
128.221 |
128.222 |
128.240 |
129.65 |
130.226 |
131.107 |
131.179 |
132.239 |
132.241 |
143.127 |
149.20 |
149.142 |
152.62 |
155.64 |
157.54 |
157.56 |
157.57 |
157.58 |
157.59 |
157.60 |
161.69 |
164.67 |
166.98 |
167.10 |
168.159 |
169.228 |
169.231 |
169.233 |
169.233 |
169.234 |
169.235 |
169.236 |
169.237 |
194.30 |
198.188 |
204.68 |
204.95 |
205.155 |
207.46 |
209.85 |
213.220 |
216.121
They look rather specific to me, like something a virus would do but why..? The sites those lead to seem extremely random.
relative specs: Windows 7, network card integrated on p9x79, Thomson tg784 router, ADSL2+ connection type
Jake Freelander
Posted 2013-03-21T10:45:36.373
Reputation: 161
As this isn't a programming issue, it's offtopic for StackOverflow, and better suited to SuperUser.com. Your question will most likely be automatically migrated in short order! – Dan Puzey – 2013-03-21T10:47:24.037
1Most likely you have your
hostsfile edited by a malware. – None – 2013-03-21T10:48:05.480Have you tried checking your windows error logs to see if they have something? – prateek61 – 2013-04-02T11:43:26.067
Can you ping the ip addresses if you type in the decimal notation i.e. ping 155.64.2.3 or are you getting the same error as ping ucla.edu ? – Riccardo Zorn – 2013-09-05T19:06:47.097
I agree with @Vesper. This can possibly happen when the host file is edited. To confirm it, just open this file in notepad and check for host entires for the sites you are having issues with: C:\Windows\System32\drivers\etc\hosts – Prahlad Yeri – 2013-09-06T17:02:06.507
1According to his question, he already looked at his hosts file. Given you can get to some sites says your NIC is OK, but possibly misconfigured. Look at your IP settings (ipconfig /all) and maybe run the troubleshooter from Windows. – uSlackr – 2013-10-10T13:02:37.110
1Is there some protection(antimalware/antivirus/firewall) in place ? Some of these IPs could have been reported as dangerous – maiklos – 2013-10-19T07:45:00.300