anyone experience weirdness in the internet lately.

here in our office, there are several pc with public ip (with personal firewall). other pc is behind firewall and can browse thru a proxy. the proxy is behind the firewall.

what we notice, those pc with public ip are experiencing difficult to browse sites. there are sites that can be browse the others not. luckily GSO is one of those that can be browse.

but those that are using proxy are not experiencing such problem. they can browse most of the sites.

any comments.

I get asked this lot. So I tell them "No the Internet is not stuffed! Your computer is stuffed! Okay maybe I don't say that but i do think it. Sorry

This is a very open question tikbalang. Could be so many things pal. Could be your DNS servers, your link, your telco, or more likely your ISP.

Always go back to the basics when having connectivity issues.
1. Can you ping?
2. Can you perform nslookups?
3. Where can you traceroute to???

You'll be surrpised how much they can help.

what makes me think weird is the facts that those pc with public ip works fine before, then all of a sudden it happens.

but what makes the pc behind firewall and using the proxy didnt experience that same problem.

if its the link or telco related problem, its all or nothing experience.

and why there are some sites that can be browse. other not.

prolly something wrong with your line. call your isp.

the pc who connect to the net thrue the proxy get a lot of data from its cashe, if it is an cashing enabled proxy. this could be an explanation.

Check if nothing is eating your bandwith. Here is a noob example but in case u are used as scanbot/botnet (the pc's directly connected to the net) is wil give u timeouts to sites if they scan @ high treading. I mean could be some kind of infection, from wich the pc's behind the fire and proxy escaped.

Is your computer fully secured? If it has a public ip it could be vulnerable to a remote attack.

Make sure your comptuer it up to date and that you are using a secure password.
hxxp://geodsoft.com/howto/password/common.htm

Personaly i just firewall all windows default ports, i strongly suggest doing this if you can.

Peace out

the cashe in the proxy are updated. we tested this several times. no problem here.

those pc with public ip is protected by AV and personal firewall. mine is using bit defender and outpost.

what i notice that my outpost is reporting a DOS attack, which i think might be the cause. but i'm getting others opinion.

other fw also notice that DOS and report it to our log.

if the computers with the public ip have a local site blocking active (like Norton Internet Security) then this is quite normal and can be deactivated only sites with some dangeroeus contents are blocked (fortunately GSO is not one of them)

wish it was that features.

but its not. before without any changes its working fine. then all of a sudden not.

i dont think its anything to do with the firewall installed, since we tested by deactivating it and still same problem.

i think i know what's wrong now.

its the DNS, appending extra information of the clients request.

example:
user requested www.yahoo.com
the tcpdump on the DNS the request is something like www.www.yahoo,com.net



i'm still not that certain what happen, but i think its the patch we loaded.