Suddenly unable to connect to one website
Beginning a couple days ago, I suddenly am unable to view the www.jamendo.com website. I also cannot play any songs from Jamendo in Rhythmbox (but the catalog does download). When attempting to go to the website, the html downloads and I can view the source, but the connection is hanging on a link at the top of the page to cdn.imgjam.com. I tried connecting to that site with wget (using the same link), and it fails to connect. Other machines (running Windows) on the same network can connect to that site with no problems. I can also ping the cdn site, and complete a traceroute. Can't get meaningful info from wireshark or tcpdump, though I'm rather amateur at reading both of those, so I may be missing something.
Any information will be greatly appreciated. Thanks!
Question information
- Language:
- English Edit question
- Status:
- Solved
- For:
- Ubuntu iproute Edit question
- Assignee:
- No assignee Edit question
- Solved by:
- Mannex
- Solved:
- Last query:
- Last reply:
Revision history for this message
|
#1 |
Are you using a proxy at all?
Revision history for this message
|
#2 |
No. It's even more interesting that I tried it on two different networks. So, the IP isn't blocked. I also tried changing my MAC to see if that was blocked, but no dice.
Additionally, the Jamendo people have responded to me that the cnd.imgjam.com site actually points (i.e. redirects) to an Amazon Cloud site, where all their images are stored. I opened an issue with them as well, but I was hoping to hear that someone else on Ubuntu had encountered the problem.
Revision history for this message
|
#3 |
Have you tried opening the stream with a different app. Glad you are asking the provider too and reporting progress here. This may help others.
Revision history for this message
|
#4 |
Yes, tried three different browsers as well as a simple wget from the cli. Hangs on all of them. Someone just categorized this as a Firefox issue, and I don't think that's correct, since it also does it in Google Chrome and Seamonkey (and wget).
Yes, I hope when this is finally resolved that it will help someone! Thanks.
Revision history for this message
|
#5 |
Perhaps this is a DNS problem.
What error do you get in web browsers / wget when you try to access the website?
Please also run this command in the Terminal (Ctrl+Alt+T / Applications > Accessories > Terminal), then select all the text in the Terminal (Edit > Select All), copy it to the clipboard (Edit > Copy), and paste it here:
ping -c 5 www.jamendo.com; ping -c 5 81.92.227.170
(The best way to avoid typos is to copy and paste that command into the Terminal rather than typing it in manually--that's also faster and easier.)
Revision history for this message
|
#6 |
Eliah, thanks for the suggestions on getting more info.
The web browsers simply hang. They appear to still be loading the web page, but indefinitely. When I run wget on the url for the image that hangs, it also seems to hang, then after a very long time it yields a timeout error.
As reported earlier, I can ping the site, and a traceroute succeeds as well. Here are the results of the ping you suggested:
mannex@Leviathan:~$ ping -c 5 www.jamendo.com; ping -c 5 81.92.227.170
PING www.jamendo.com (81.92.227.170) 56(84) bytes of data.
64 bytes from pound1.neofacto.lu (81.92.227.170): icmp_req=1 ttl=53 time=173 ms
64 bytes from pound1.neofacto.lu (81.92.227.170): icmp_req=2 ttl=53 time=177 ms
64 bytes from pound1.neofacto.lu (81.92.227.170): icmp_req=3 ttl=53 time=175 ms
64 bytes from pound1.neofacto.lu (81.92.227.170): icmp_req=4 ttl=53 time=172 ms
64 bytes from pound1.neofacto.lu (81.92.227.170): icmp_req=5 ttl=53 time=179 ms
--- www.jamendo.com ping statistics ---
5 packets transmitted, 5 received, 0% packet loss, time 4003ms
rtt min/avg/max/mdev = 172.611/
PING 81.92.227.170 (81.92.227.170) 56(84) bytes of data.
64 bytes from 81.92.227.170: icmp_req=1 ttl=53 time=179 ms
64 bytes from 81.92.227.170: icmp_req=2 ttl=53 time=173 ms
64 bytes from 81.92.227.170: icmp_req=3 ttl=53 time=317 ms
64 bytes from 81.92.227.170: icmp_req=4 ttl=53 time=178 ms
64 bytes from 81.92.227.170: icmp_req=5 ttl=53 time=180 ms
--- 81.92.227.170 ping statistics ---
5 packets transmitted, 5 received, 0% packet loss, time 4003ms
rtt min/avg/max/mdev = 173.410/
mannex@Leviathan:~$
Hope this helps. Thanks again!
-Mannex
Revision history for this message
|
#7 |
Also, please note that neither of the pings above is actually the problematic site (as far as the network is concerned); the html file at that site loads correctly, but is not displayed because of a link in that file to the cdn.imgjam.com site. Thus, what you may have actually wanted was to see the attempted wget:
mannex@
--2011-04-20 12:00:29-- http://
Resolving cdn.imgjam.com... 216.137.37.66, 216.137.37.75, 216.137.37.90, ...
Connecting to cdn.imgjam.
Which eventually times out after a very long time. Now, a ping of THAT ip:
mannex@
PING 216.137.37.66 (216.137.37.66) 56(84) bytes of data.
64 bytes from 216.137.37.66: icmp_req=1 ttl=53 time=61.0 ms
64 bytes from 216.137.37.66: icmp_req=2 ttl=53 time=19.3 ms
64 bytes from 216.137.37.66: icmp_req=3 ttl=53 time=45.1 ms
64 bytes from 216.137.37.66: icmp_req=4 ttl=53 time=24.4 ms
64 bytes from 216.137.37.66: icmp_req=5 ttl=53 time=35.4 ms
64 bytes from 216.137.37.66: icmp_req=6 ttl=53 time=64.0 ms
64 bytes from 216.137.37.66: icmp_req=7 ttl=53 time=15.9 ms
^C
--- 216.137.37.66 ping statistics ---
7 packets transmitted, 7 received, 0% packet loss, time 6006ms
rtt min/avg/max/mdev = 15.951/
Which appears good (despite my rather slow network response times), and a traceroute:
mannex@
traceroute 216.137.37.66
traceroute to 216.137.37.66 (216.137.37.66), 30 hops max, 60 byte packets
1 rohn4014.
2 192.168.127.3 (192.168.127.3) 25.639 ms 27.355 ms *
3 * * *
4 * * te-9-2-
5 te-1-4-
6 * * pos-1-7-
7 xe-5-2-
8 ae-32-90.
9 AMAZON.
10 * * *
11 * * *
12 server-
mannex@
The last address there is the amazon cloudfront site, where Jamendo stores all their images. That's why their site is linking to the amazon site. It is apparently at the amazon site that the browser (and wget) hangs. That's why I also opened a trouble ticket with Amazon, even though they report no problems or outages (propaganda!).
Hope that helps.
Revision history for this message
|
#8 |
Additional info: I ran an nmap and this is the result:
mannex@Leviathan:~$ nmap cdn.imgjam.com
Starting Nmap 5.21 ( http://
Hostname cdn.imgjam.com resolves to 8 IPs. Only scanned 216.137.37.131
Note: Host seems down. If it is really up, but blocking our ping probes, try -PN
Nmap done: 1 IP address (0 hosts up) scanned in 3.23 seconds
mannex@Leviathan:~$
The part that bothers me is the "resolves to 8 IPs" part. When I ping the address it tried (and claimed it couldn't ping), I get:
mannex@Leviathan:~$ ping 216.137.37.131
PING 216.137.37.131 (216.137.37.131) 56(84) bytes of data.
64 bytes from 216.137.37.131: icmp_req=1 ttl=53 time=63.8 ms
64 bytes from 216.137.37.131: icmp_req=2 ttl=53 time=16.9 ms
64 bytes from 216.137.37.131: icmp_req=3 ttl=53 time=25.6 ms
64 bytes from 216.137.37.131: icmp_req=4 ttl=53 time=18.5 ms
64 bytes from 216.137.37.131: icmp_req=5 ttl=53 time=101 ms
^C
--- 216.137.37.131 ping statistics ---
5 packets transmitted, 5 received, 0% packet loss, time 4005ms
rtt min/avg/max/mdev = 16.961/
mannex@Leviathan:~$
Looks like the ping is working for me, so why is nmap having a problem with it? Could this be part of the problem?
Revision history for this message
|
#9 |
I'm not sure why a simple ping is working but nmap's "ping scan" isn't. nmap's ping scan is not the same as a simple ping, but it should include one. Or maybe it doesn't include the actual ping if you don't run it as root (only probing ports 80 and 443).
Try running these commands:
nslookup cdn.imgjam.com
sudo nmap -sS -sV -O -vv 204.246.169.145 204.246.169.157 204.246.169.171 204.246.169.175 204.246.169.191 204.246.169.250 204.246.169.60 204.246.169.133
(The second of those commands, which starts with "sudo", should be entered as a single command. Furthermore, if those are not the 8 IP addresses you get from nslookup, then [1] that would be strange, and [2] replace them with the IP addresses you do get.)
Then please copy all the text from the Terminal starting with the line where you entered the nslookup command, and paste it here. (This will probably be about 300 lines, but if it ends up being much more--for example, if most of the output is nmap giving status messages and/or telling you it's automatically slowing itself down to reduce accuracy--then you could alternatively post it at http://
Revision history for this message
|
#10 |
I found it odd that the two pings were different, but as you say, perhaps they are doing something different.
Interestingly, I received different IP addresses than those you suggested. Might that be the problem? Could I be referring to some bogus name server? However, I tried this on two different networks (serviced by two different service providers), so I think that would be statistically unlikely.
Apologies on the slow response; my network is often slower than dialup (but it's free, so my complaints are at a minimum :) It's difficult to explain, but there is a major thoroughfare between my wireless node and my machine, so as traffic (i.e. automobiles) increases, the network decreases.
Here are the results of your request:
mannex@Leviathan:~$ nslookup cdn.imgjam.com
Server: 192.168.1.1
Address: 192.168.1.1#53
Non-authoritative answer:
cdn.imgjam.com canonical name = d17p4ic5t6hlcg.
d17p4ic5t6hlcg.
Name: d17p4ic5t6hlcg.
Address: 216.137.37.9
Name: d17p4ic5t6hlcg.
Address: 216.137.37.15
Name: d17p4ic5t6hlcg.
Address: 216.137.37.4
Name: d17p4ic5t6hlcg.
Address: 216.137.37.51
Name: d17p4ic5t6hlcg.
Address: 216.137.37.187
Name: d17p4ic5t6hlcg.
Address: 216.137.37.30
Name: d17p4ic5t6hlcg.
Address: 216.137.37.165
Name: d17p4ic5t6hlcg.
Address: 216.137.37.243
mannex@
Starting Nmap 5.21 ( http://
NSE: Loaded 4 scripts for scanning.
Initiating Ping Scan at 17:36
Scanning 8 hosts [4 ports/host]
Completed Ping Scan at 17:36, 0.06s elapsed (8 total hosts)
Initiating Parallel DNS resolution of 8 hosts. at 17:36
Completed Parallel DNS resolution of 8 hosts. at 17:36, 0.04s elapsed
Initiating SYN Stealth Scan at 17:36
Scanning 8 hosts [1000 ports/host]
sendto in send_ip_packet: sendto(4, packet, 44, 0, 216.137.37.15, 16) => Operation not permitted
Offending packet: TCP 192.168.1.35:60576 > 216.137.37.15:443 S ttl=37 id=64461 iplen=44 seq=329574597 win=2048 <mss 1460>
sendto in send_ip_packet: sendto(4, packet, 44, 0, 216.137.37.4, 16) => Operation not permitted
Offending packet: TCP 192.168.1.35:60576 > 216.137.37.4:443 S ttl=37 id=3476 iplen=44 seq=329574597 win=2048 <mss 1460>
sendto in send_ip_packet: sendto(4, packet, 44, 0, 216.137.37.30, 16) => Operation not permitted
Offending packet: TCP 192.168.1.35:60576 > 216.137.37.30:443 S ttl=54 id=25319 iplen=44 seq=329574597 win=3072 <mss 1460>
sendto in send_ip_packet: sendto(4, packet, 44, 0, 216.137.37.9, 16) => Operation not permitted
Offending packet: TCP 192.168.1.35:60576 > 216.137.37.9:443 S ttl=50 id=47941 iplen=44 seq=329574597 win=3072 <mss 1460>
sendto in send_ip_packet: sendto(4, packet, 44, 0, 216.137.37.243, 16) => Operation not permitted
Offending packet: TCP 192.168.1.35:60576 > 216.137.37.243:443 S ttl=53 id=13450 iplen=44 seq=329574597 win=2048 <mss 1460>
sendto in send_ip_packet: sendto(4, packet, 44, 0, 216.137.37.187, 16) => Operation not permitted
Offending packet: TCP 192.168.1.35:60576 > 216.137.37.187:443 S ttl=42 id=33063 iplen=44 seq=329574597 win=3072 <mss 1460>
sendto in send_ip_packet: sendto(4, packet, 44, 0, 216.137.37.165, 16) => Operation not permitted
Offending packet: TCP 192.168.1.35:60576 > 216.137.37.165:443 S ttl=54 id=14133 iplen=44 seq=329574597 win=3072 <mss 1460>
SYN Stealth Scan Timing: About 46.58% done; ETC: 17:37 (0:00:36 remaining)
adjust_timeouts2: packet supposedly had rtt of 9552470 microseconds. Ignoring time.
adjust_timeouts2: packet supposedly had rtt of 9552470 microseconds. Ignoring time.
Completed SYN Stealth Scan against 216.137.37.15 in 83.06s (7 hosts left)
Completed SYN Stealth Scan against 216.137.37.187 in 84.95s (6 hosts left)
Completed SYN Stealth Scan against 216.137.37.243 in 86.10s (5 hosts left)
Completed SYN Stealth Scan against 216.137.37.4 in 88.50s (4 hosts left)
Completed SYN Stealth Scan against 216.137.37.30 in 88.56s (3 hosts left)
Completed SYN Stealth Scan against 216.137.37.51 in 88.59s (2 hosts left)
Completed SYN Stealth Scan against 216.137.37.9 in 88.78s (1 host left)
Completed SYN Stealth Scan at 17:38, 89.01s elapsed (8000 total ports)
Initiating Service scan at 17:38
Initiating OS detection (try #1) against 8 hosts
sendto in send_ip_packet: sendto(4, packet, 60, 0, 216.137.37.9, 16) => Operation not permitted
Offending packet: TCP 192.168.1.35:60679 > 216.137.37.9:34844 FPU ttl=53 id=54181 iplen=60 seq=35554053 win=65535 <wscale 15,nop,mss 265,timestamp 4294967295 0,sackOK>
sendto in send_ip_packet: sendto(4, packet, 60, 0, 216.137.37.15, 16) => Operation not permitted
Offending packet: TCP 192.168.1.35:60679 > 216.137.37.15:41211 FPU ttl=54 id=55786 iplen=60 seq=35554053 win=65535 <wscale 15,nop,mss 265,timestamp 4294967295 0,sackOK>
sendto in send_ip_packet: sendto(4, packet, 60, 0, 216.137.37.4, 16) => Operation not permitted
Offending packet: TCP 192.168.1.35:60679 > 216.137.37.4:39902 FPU ttl=37 id=63883 iplen=60 seq=35554053 win=65535 <wscale 15,nop,mss 265,timestamp 4294967295 0,sackOK>
Omitting future Sendto error messages now that 10 have been shown. Use -d2 if you really want to see them.
Retrying OS detection (try #2) against 8 hosts
NSE: Script scanning 8 hosts.
NSE: Script Scanning completed.
Nmap scan report for server-
Host is up (0.061s latency).
All 1000 scanned ports on server-
Too many fingerprints match this host to give specific OS details
TCP/IP fingerprint:
SCAN(V=
SEQ(II=I)
T6(R=Y%
U1(R=N)
IE(R=Y%
Nmap scan report for server-
Host is up (0.048s latency).
All 1000 scanned ports on server-
Too many fingerprints match this host to give specific OS details
TCP/IP fingerprint:
SCAN(V=
SEQ(II=I)
T6(R=Y%
U1(R=N)
IE(R=Y%
Nmap scan report for server-
Host is up (0.071s latency).
All 1000 scanned ports on server-
Too many fingerprints match this host to give specific OS details
TCP/IP fingerprint:
SCAN(V=
SEQ(II=I)
T6(R=Y%
U1(R=N)
IE(R=Y%
Nmap scan report for server-
Host is up (0.092s latency).
All 1000 scanned ports on server-
Too many fingerprints match this host to give specific OS details
TCP/IP fingerprint:
SCAN(V=
SEQ(II=I)
T6(R=Y%
U1(R=N)
IE(R=Y%
Nmap scan report for server-
Host is up (0.11s latency).
All 1000 scanned ports on server-
Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
OS fingerprint not ideal because: Missing an open TCP port so results incomplete
Aggressive OS guesses: 3Com OfficeConnect 3CRWER100-75 wireless broadband router (92%), 3Com OfficeConnect 3CRWER100-75 wireless router (92%), Aastra RFP L32 IP DECT WAP (92%), AirMagnet SmartEdge wireless sensor (92%), Sirio by Alice VoIP phone (92%), Allnet 2210 webcam or Cisco MDS 9216i switch (92%), Aruba 3400 or 6000 wireless LAN controller (ArubaOS 3.3.2) (92%), AXIS 207W Network Camera (92%), AXIS 207 Network Camera (Linux 2.6.16) or 241Q Video Server (92%), AXIS 211A Network Camera (Linux 2.6) (92%)
No exact OS matches for host (test conditions non-ideal).
TCP/IP fingerprint:
SCAN(V=
SEQ(II=I)
T6(R=Y%
T6(R=Y%
U1(R=N)
U1(R=Y%
IE(R=Y%
IE(R=Y%
Network Distance: 12 hops
Nmap scan report for server-
Host is up (0.054s latency).
All 1000 scanned ports on server-
Too many fingerprints match this host to give specific OS details
TCP/IP fingerprint:
SCAN(V=
SEQ(II=I)
T6(R=Y%
U1(R=N)
IE(R=Y%
Nmap scan report for server-
Host is up (0.14s latency).
All 1000 scanned ports on server-
Too many fingerprints match this host to give specific OS details
TCP/IP fingerprint:
SCAN(V=
SEQ(II=I)
T6(R=Y%
U1(R=N)
IE(R=Y%
Nmap scan report for server-
Host is up (0.065s latency).
All 1000 scanned ports on server-
Too many fingerprints match this host to give specific OS details
TCP/IP fingerprint:
SCAN(V=
SEQ(II=I)
T6(R=Y%
U1(R=N)
IE(R=Y%
Read data files from: /usr/share/nmap
OS and Service detection performed. Please report any incorrect results at http://
Nmap done: 8 IP addresses (8 hosts up) scanned in 103.95 seconds
Raw packets sent: 16270 (740.136KB) | Rcvd: 104 (10.078KB)
mannex@
Revision history for this message
|
#11 |
I found it odd that the two pings were different, but as you say, perhaps they are doing something different.
Interestingly, I received different IP addresses than those you suggested. Might that be the problem? Could I be referring to some bogus name server? However, I tried this on two different networks (serviced by two different service providers), so I think that would be statistically unlikely.
Apologies on the slow response; my network is often slower than dialup (but it's free, so my complaints are at a minimum :) It's difficult to explain, but there is a major thoroughfare between my wireless node and my machine, so as traffic (i.e. automobiles) increases, the network decreases.
Here are the results of your request:
mannex@Leviathan:~$ nslookup cdn.imgjam.com
Server: 192.168.1.1
Address: 192.168.1.1#53
Non-authoritative answer:
cdn.imgjam.com canonical name = d17p4ic5t6hlcg.
d17p4ic5t6hlcg.
Name: d17p4ic5t6hlcg.
Address: 216.137.37.9
Name: d17p4ic5t6hlcg.
Address: 216.137.37.15
Name: d17p4ic5t6hlcg.
Address: 216.137.37.4
Name: d17p4ic5t6hlcg.
Address: 216.137.37.51
Name: d17p4ic5t6hlcg.
Address: 216.137.37.187
Name: d17p4ic5t6hlcg.
Address: 216.137.37.30
Name: d17p4ic5t6hlcg.
Address: 216.137.37.165
Name: d17p4ic5t6hlcg.
Address: 216.137.37.243
mannex@
Starting Nmap 5.21 ( http://
NSE: Loaded 4 scripts for scanning.
Initiating Ping Scan at 17:36
Scanning 8 hosts [4 ports/host]
Completed Ping Scan at 17:36, 0.06s elapsed (8 total hosts)
Initiating Parallel DNS resolution of 8 hosts. at 17:36
Completed Parallel DNS resolution of 8 hosts. at 17:36, 0.04s elapsed
Initiating SYN Stealth Scan at 17:36
Scanning 8 hosts [1000 ports/host]
sendto in send_ip_packet: sendto(4, packet, 44, 0, 216.137.37.15, 16) => Operation not permitted
Offending packet: TCP 192.168.1.35:60576 > 216.137.37.15:443 S ttl=37 id=64461 iplen=44 seq=329574597 win=2048 <mss 1460>
sendto in send_ip_packet: sendto(4, packet, 44, 0, 216.137.37.4, 16) => Operation not permitted
Offending packet: TCP 192.168.1.35:60576 > 216.137.37.4:443 S ttl=37 id=3476 iplen=44 seq=329574597 win=2048 <mss 1460>
sendto in send_ip_packet: sendto(4, packet, 44, 0, 216.137.37.30, 16) => Operation not permitted
Offending packet: TCP 192.168.1.35:60576 > 216.137.37.30:443 S ttl=54 id=25319 iplen=44 seq=329574597 win=3072 <mss 1460>
sendto in send_ip_packet: sendto(4, packet, 44, 0, 216.137.37.9, 16) => Operation not permitted
Offending packet: TCP 192.168.1.35:60576 > 216.137.37.9:443 S ttl=50 id=47941 iplen=44 seq=329574597 win=3072 <mss 1460>
sendto in send_ip_packet: sendto(4, packet, 44, 0, 216.137.37.243, 16) => Operation not permitted
Offending packet: TCP 192.168.1.35:60576 > 216.137.37.243:443 S ttl=53 id=13450 iplen=44 seq=329574597 win=2048 <mss 1460>
sendto in send_ip_packet: sendto(4, packet, 44, 0, 216.137.37.187, 16) => Operation not permitted
Offending packet: TCP 192.168.1.35:60576 > 216.137.37.187:443 S ttl=42 id=33063 iplen=44 seq=329574597 win=3072 <mss 1460>
sendto in send_ip_packet: sendto(4, packet, 44, 0, 216.137.37.165, 16) => Operation not permitted
Offending packet: TCP 192.168.1.35:60576 > 216.137.37.165:443 S ttl=54 id=14133 iplen=44 seq=329574597 win=3072 <mss 1460>
SYN Stealth Scan Timing: About 46.58% done; ETC: 17:37 (0:00:36 remaining)
adjust_timeouts2: packet supposedly had rtt of 9552470 microseconds. Ignoring time.
adjust_timeouts2: packet supposedly had rtt of 9552470 microseconds. Ignoring time.
Completed SYN Stealth Scan against 216.137.37.15 in 83.06s (7 hosts left)
Completed SYN Stealth Scan against 216.137.37.187 in 84.95s (6 hosts left)
Completed SYN Stealth Scan against 216.137.37.243 in 86.10s (5 hosts left)
Completed SYN Stealth Scan against 216.137.37.4 in 88.50s (4 hosts left)
Completed SYN Stealth Scan against 216.137.37.30 in 88.56s (3 hosts left)
Completed SYN Stealth Scan against 216.137.37.51 in 88.59s (2 hosts left)
Completed SYN Stealth Scan against 216.137.37.9 in 88.78s (1 host left)
Completed SYN Stealth Scan at 17:38, 89.01s elapsed (8000 total ports)
Initiating Service scan at 17:38
Initiating OS detection (try #1) against 8 hosts
sendto in send_ip_packet: sendto(4, packet, 60, 0, 216.137.37.9, 16) => Operation not permitted
Offending packet: TCP 192.168.1.35:60679 > 216.137.37.9:34844 FPU ttl=53 id=54181 iplen=60 seq=35554053 win=65535 <wscale 15,nop,mss 265,timestamp 4294967295 0,sackOK>
sendto in send_ip_packet: sendto(4, packet, 60, 0, 216.137.37.15, 16) => Operation not permitted
Offending packet: TCP 192.168.1.35:60679 > 216.137.37.15:41211 FPU ttl=54 id=55786 iplen=60 seq=35554053 win=65535 <wscale 15,nop,mss 265,timestamp 4294967295 0,sackOK>
sendto in send_ip_packet: sendto(4, packet, 60, 0, 216.137.37.4, 16) => Operation not permitted
Offending packet: TCP 192.168.1.35:60679 > 216.137.37.4:39902 FPU ttl=37 id=63883 iplen=60 seq=35554053 win=65535 <wscale 15,nop,mss 265,timestamp 4294967295 0,sackOK>
Omitting future Sendto error messages now that 10 have been shown. Use -d2 if you really want to see them.
Retrying OS detection (try #2) against 8 hosts
NSE: Script scanning 8 hosts.
NSE: Script Scanning completed.
Nmap scan report for server-
Host is up (0.061s latency).
All 1000 scanned ports on server-
Too many fingerprints match this host to give specific OS details
TCP/IP fingerprint:
SCAN(V=
SEQ(II=I)
T6(R=Y%
U1(R=N)
IE(R=Y%
Nmap scan report for server-
Host is up (0.048s latency).
All 1000 scanned ports on server-
Too many fingerprints match this host to give specific OS details
TCP/IP fingerprint:
SCAN(V=
SEQ(II=I)
T6(R=Y%
U1(R=N)
IE(R=Y%
Nmap scan report for server-
Host is up (0.071s latency).
All 1000 scanned ports on server-
Too many fingerprints match this host to give specific OS details
TCP/IP fingerprint:
SCAN(V=
SEQ(II=I)
T6(R=Y%
U1(R=N)
IE(R=Y%
Nmap scan report for server-
Host is up (0.092s latency).
All 1000 scanned ports on server-
Too many fingerprints match this host to give specific OS details
TCP/IP fingerprint:
SCAN(V=
SEQ(II=I)
T6(R=Y%
U1(R=N)
IE(R=Y%
Nmap scan report for server-
Host is up (0.11s latency).
All 1000 scanned ports on server-
Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
OS fingerprint not ideal because: Missing an open TCP port so results incomplete
Aggressive OS guesses: 3Com OfficeConnect 3CRWER100-75 wireless broadband router (92%), 3Com OfficeConnect 3CRWER100-75 wireless router (92%), Aastra RFP L32 IP DECT WAP (92%), AirMagnet SmartEdge wireless sensor (92%), Sirio by Alice VoIP phone (92%), Allnet 2210 webcam or Cisco MDS 9216i switch (92%), Aruba 3400 or 6000 wireless LAN controller (ArubaOS 3.3.2) (92%), AXIS 207W Network Camera (92%), AXIS 207 Network Camera (Linux 2.6.16) or 241Q Video Server (92%), AXIS 211A Network Camera (Linux 2.6) (92%)
No exact OS matches for host (test conditions non-ideal).
TCP/IP fingerprint:
SCAN(V=
SEQ(II=I)
T6(R=Y%
T6(R=Y%
U1(R=N)
U1(R=Y%
IE(R=Y%
IE(R=Y%
Network Distance: 12 hops
Nmap scan report for server-
Host is up (0.054s latency).
All 1000 scanned ports on server-
Too many fingerprints match this host to give specific OS details
TCP/IP fingerprint:
SCAN(V=
SEQ(II=I)
T6(R=Y%
U1(R=N)
IE(R=Y%
Nmap scan report for server-
Host is up (0.14s latency).
All 1000 scanned ports on server-
Too many fingerprints match this host to give specific OS details
TCP/IP fingerprint:
SCAN(V=
SEQ(II=I)
T6(R=Y%
U1(R=N)
IE(R=Y%
Nmap scan report for server-
Host is up (0.065s latency).
All 1000 scanned ports on server-
Too many fingerprints match this host to give specific OS details
TCP/IP fingerprint:
SCAN(V=
SEQ(II=I)
T6(R=Y%
U1(R=N)
IE(R=Y%
Read data files from: /usr/share/nmap
OS and Service detection performed. Please report any incorrect results at http://
Nmap done: 8 IP addresses (8 hosts up) scanned in 103.95 seconds
Raw packets sent: 16270 (740.136KB) | Rcvd: 104 (10.078KB)
mannex@
Revision history for this message
|
#12 |
The differences in DNS results for you and me might be an indication of a problem, or it might not. In either case, before we begin examining possible problems with your ISP and with the target site, let's examine a couple of things that could be broken on your computer to prevent you from being able to connect to the website.
(1) It appears that your DNS server is running on a NAT router (i.e., your home / office router which enables, or would enable, multiple computers on your LAN to access the Internet through the same external IP address). What happens if you flush its cache (you should be able to do this through its web-based interface) and try again? If this is the problem, then flushing the DNS cache on the router should change the results of nslookup immediately, but it might or might not change the results of ping or of trying to access the site with wget or a web browser (because your local machine's DNS cache might need to be cleared too). I don't think this is the cause of the problem, but it's worth flushing your NAT router's DNS cache to rule it out.
(2) During the scan, there are some interesting messages, like:
endto in send_ip_packet: sendto(4, packet, 44, 0, 216.137.37.15, 16) => Operation not permitted
Offending packet: TCP 192.168.1.35:60576 > 216.137.37.15:443 S ttl=37 id=64461 iplen=44 seq=329574597 win=2048 <mss 1460>
This is typically an indication of a restrictively configured software firewall. A misconfigured firewall (which is not the same as a restrictively configured one, though there is certainly great overlap) could explain your inability to use some services on some sites. Please run this command and post the output:
sudo iptables -L
Revision history for this message
|
#13 |
Thanks again for all the info/assistance.
In regards to #1, normally I use a free wi-fi connection here where I live (i.e. the building manager has a service provider that installed the router). However, it is down and we are waiting on the guy to come out and do something about it. The manager is notoriously apathetic about these things, so I am assuming it won't get fixed. In the meantime (since I've been having this problem), I have been connecting to two different routers: 1 at a business across the street, and 1 at the local library. They are both having this same problem, and I don't have access to either, although the one across the street (where I ran the tests from) IS DEFINITELY restrictive. However, the library router seems much less so. In either case, I have no way to flush the router's cache.
#2: Yes, I know for example that, using my normal router, there are problems with any https pages, but the #2 router described above does not seem to have many restrictions, and is also exhibiting the same problem. For this reason, I suspect there is something on my machine that is causing the problem. Additionally, there are other machines on the #2 router (at the library) that CAN connect to the site. Thus, the suspicion finger is pointing sharply at my machine.
Here is the result of the iptables on my machine (same router as the previous tests - note that "Leviathan" is my machine):
mannex@Leviathan:~$ sudo iptables -L
Chain INPUT (policy DROP)
target prot opt source destination
ACCEPT tcp -- 192.168.1.1 anywhere tcp flags:!
ACCEPT udp -- 192.168.1.1 anywhere
ACCEPT all -- anywhere anywhere
ACCEPT icmp -- anywhere anywhere limit: avg 10/sec burst 5
DROP all -- BASE-ADDRESS.
DROP all -- anywhere BASE-ADDRESS.
DROP all -- 255.255.255.255 anywhere
DROP all -- anywhere 0.0.0.0
DROP all -- anywhere anywhere state INVALID
LSI all -f anywhere anywhere limit: avg 10/min burst 5
INBOUND all -- anywhere anywhere
LOG_FILTER all -- anywhere anywhere
LOG all -- anywhere anywhere LOG level info prefix `Unknown Input'
Chain FORWARD (policy DROP)
target prot opt source destination
ACCEPT icmp -- anywhere anywhere limit: avg 10/sec burst 5
LOG_FILTER all -- anywhere anywhere
LOG all -- anywhere anywhere LOG level info prefix `Unknown Forward'
Chain OUTPUT (policy DROP)
target prot opt source destination
ACCEPT tcp -- Leviathan 192.168.1.1 tcp dpt:domain
ACCEPT udp -- Leviathan 192.168.1.1 udp dpt:domain
ACCEPT all -- anywhere anywhere
DROP all -- BASE-ADDRESS.
DROP all -- anywhere BASE-ADDRESS.
DROP all -- 255.255.255.255 anywhere
DROP all -- anywhere 0.0.0.0
DROP all -- anywhere anywhere state INVALID
OUTBOUND all -- anywhere anywhere
LOG_FILTER all -- anywhere anywhere
LOG all -- anywhere anywhere LOG level info prefix `Unknown Output'
Chain INBOUND (1 references)
target prot opt source destination
ACCEPT tcp -- anywhere anywhere state RELATED,ESTABLISHED
ACCEPT udp -- anywhere anywhere state RELATED,ESTABLISHED
LSI all -- anywhere anywhere
Chain LOG_FILTER (5 references)
target prot opt source destination
REJECT tcp -- anywhere anywhere tcp dpt:51413 reject-with icmp-port-
REJECT udp -- anywhere anywhere udp dpt:51413 reject-with icmp-port-
Chain LSI (2 references)
target prot opt source destination
LOG_FILTER all -- anywhere anywhere
LOG tcp -- anywhere anywhere tcp flags:FIN,
REJECT tcp -- anywhere anywhere tcp flags:FIN,
LOG tcp -- anywhere anywhere tcp flags:FIN,
REJECT tcp -- anywhere anywhere tcp flags:FIN,
LOG icmp -- anywhere anywhere icmp echo-request limit: avg 1/sec burst 5 LOG level info prefix `Inbound '
REJECT icmp -- anywhere anywhere icmp echo-request reject-with icmp-port-
LOG all -- anywhere anywhere limit: avg 5/sec burst 5 LOG level info prefix `Inbound '
REJECT all -- anywhere anywhere reject-with icmp-port-
Chain LSO (0 references)
target prot opt source destination
LOG_FILTER all -- anywhere anywhere
LOG all -- anywhere anywhere limit: avg 5/sec burst 5 LOG level info prefix `Outbound '
REJECT all -- anywhere anywhere reject-with icmp-port-
Chain OUTBOUND (1 references)
target prot opt source destination
ACCEPT icmp -- anywhere anywhere
ACCEPT tcp -- anywhere anywhere state RELATED,ESTABLISHED
ACCEPT udp -- anywhere anywhere state RELATED,ESTABLISHED
ACCEPT all -- anywhere anywhere
mannex@Leviathan:~$
Revision history for this message
|
#14 |
Um... OK, now it works. It suddenly decided to start working. At least at router #2. Will try again at router #1, but even if it doesn't work there, that one's very restrictive, so I would assume the problem was with something on that router. So... without further ado, I think I'll close this. So sorry. The mystery remains. However, I'd like to ask Eliah, how would I flush my local machine's DNS cache? That would be a good thing to know. Thanks, all!
-Mannex (who hates intermittent problems)
Revision history for this message
|
#15 |
False alarm. It seems to have loaded MORE of the page for display, but it's still hanging on the cdn site. Sorry.
Revision history for this message
|
#16 |
Eliah, it seems your suggestion worked. I did a routef (and subsequently lost all my connections -- Doh! Next time, read ALL of the man page first!), and when I reconnected, I the site loads just fine. So, that seems to have solved the problem. Gotta remember that one! Thanks for all the help!
Revision history for this message
|
#17 |
I'm glad to hear you've gotten it to work!
Revision history for this message
|
#18 |
I just wanted to add a comment. This is still solved, but recent news articles are reflecting that Amazon was having problems with their cloud servers causing some web sites to not work correctly. The link involved in this problem was a link to an Amazon cloud server, so I think that was also related to the problem. Either Amazon fixed it just as I did the routef, or the routef just removed an old IP to a machine that was having problems and allowed me to connect to them with a fresh IP (presumably of one of their backups?).
And, so you know, I HAD checked Amazon's site to see if there were any problems being reported at the beginning of this problem, but their green check mark was incredibly non-informational.
FYI.