J
Jeff Johnson
[I'll try not to be long-winded, but I bet I'll fail.]
I'm having routing issues, and I believe the problem is with my ISP's DNS
servers or upstream. For example, today I might go to the Web site
www.xyz.com and I'll get 21.22.23.111 for an IP address and get to the site
just fine. Tomorrow (or even an hour later!) I'll refresh the site and get
an "Internet Explorer cannot display the Web page" error. A ping or tracert
will tell me that now www.xyz.com is at 21.22.0.5. Flushing the DNS cache
will do nothing (I've tried), and performing an nslookup will also return
the bogus address. A few hours later I'll get the good address again. If
it's a site I'm particularly interested in I'll just put it in my HOSTS file
and hope it doesn't change.
Here's where the problem gets worse. I play an online game, and it
apparently does a DNS lookup to find its server. Sometimes it gets a good
address, sometimes it doesn't. I know what the good IP address is, but the
problem is that I don't know what host name the program is looking up, so I
can't put this address in my HOSTS file.
To this end I'm hoping to find some sort of monitoring program or "sniffer"
or whatever that can tell me all the DNS requests being made by my computer,
or, preferrably, by a single process. I'm sure these things exist, because
that's what people use to track what malware is trying to do.
Oh, one other thing: I'm looking for freeware. This problem is annoying, but
it's not worth spending money on. Any suggestions?
(I suppose in the worst case scenario I could set up a DNS server on my
machine, tell it to forward all requests to my real DNS servers, and then
check the logs.)
I'm having routing issues, and I believe the problem is with my ISP's DNS
servers or upstream. For example, today I might go to the Web site
www.xyz.com and I'll get 21.22.23.111 for an IP address and get to the site
just fine. Tomorrow (or even an hour later!) I'll refresh the site and get
an "Internet Explorer cannot display the Web page" error. A ping or tracert
will tell me that now www.xyz.com is at 21.22.0.5. Flushing the DNS cache
will do nothing (I've tried), and performing an nslookup will also return
the bogus address. A few hours later I'll get the good address again. If
it's a site I'm particularly interested in I'll just put it in my HOSTS file
and hope it doesn't change.
Here's where the problem gets worse. I play an online game, and it
apparently does a DNS lookup to find its server. Sometimes it gets a good
address, sometimes it doesn't. I know what the good IP address is, but the
problem is that I don't know what host name the program is looking up, so I
can't put this address in my HOSTS file.
To this end I'm hoping to find some sort of monitoring program or "sniffer"
or whatever that can tell me all the DNS requests being made by my computer,
or, preferrably, by a single process. I'm sure these things exist, because
that's what people use to track what malware is trying to do.
Oh, one other thing: I'm looking for freeware. This problem is annoying, but
it's not worth spending money on. Any suggestions?
(I suppose in the worst case scenario I could set up a DNS server on my
machine, tell it to forward all requests to my real DNS servers, and then
check the logs.)