Weird DNS Issue on XP

2

2

I've been having a strange, intermittent issue that I think is tied to DNS. It's hard to describe exactly, so I'm just going to list what's happened.

  • I first noticed it with Facebook a few months ago. Once in a while, every request to Facebook would resolve to MySpace. Watching Firefox's traffic via LiveHttpHeaders, there didn't seem to be a browser redirect going on. Trying to request the site in any other browser also redirected to MySpace. I deleted all cookies tied to either site in Firefox, flushed DNS, but nothing happened. Just had to wait for it to go away.
  • It's started happening with Twitter as well. As an example, today Twitter started resolving to some spammy-looking Blogger blog. However, in this case it was only happening in Chrome, not happening in IE-- I switched browsers a few weeks ago, which makes it doubly frustrating (and makes me suspect something lower-level than the browser). However, I did import all passwords, favorites, etc from Firefox to Chrome

Flushing DNS and restarting the browser fixes the problem some times, but in other cases I just have to wait and see. Searching the site, I came across a question that suggested using the ICSI Netalyzr. The report threw up two red flags:

  1. A detected in-network HTTP cache incorrectly caches information
  2. Your DNS resolver returns results even when no such server exists

And two warnings:

  1. Network packet buffering may be excessive
  2. A detected in-network HTTP cache exists in your network

Do any of these sound like a possible culprit? Red flag #2 is just Comcast being skeevy. Looks like #1 is much the same.

Tom

Posted 2010-01-05T21:50:08.087

Reputation: 627

Answers

4

I would say, first off, do any other machines on your network do the same thing?

If the answer is yes, you may want to change the DNS providers/servers on your router to something such as OpenDNS or Google DNS.

If the answer is no, check your Hosts file located at c:\windows\system32\drivers\etc\hosts and make sure there are only entries for localhost (and any others that you created).

After this, if you are still having trouble, again try changing the DNS provider.

Next, again try restarting your router or restoring to factory settings (just in case) something is chached there.

Finally, if still having trouble, I would suspect that something is going on at your ISP and it will be out of your control to change it.

William Hilsum

Posted 2010-01-05T21:50:08.087

Reputation: 111 572

+1 for OpenDNS, try that one. If the issue vanishes, it's the DNS from your provider (either broken or poisoned). – Bobby – 2010-01-05T22:13:30.147

Also check for some spyware/malware which could rewrite the hosts file. Do you have any proxy server setup ? – jfmessier – 2010-01-05T23:31:41.970

No proxy server, no weird entries in hosts. I've still got my main DNS as Comcast (the secondary has been Google for a while, probably changed in the middle of this). I'll swap it over to Google or OpenDNS completely tomorrow once @comcastcares responds to my question about this. – Tom – 2010-01-06T03:31:24.807

Asked: 2010-01-05T21:50:08.087

Viewed: 188 times

Active: 2011-07-11T08:53:20.740