Hi, I appear to have lost DNS functionality on my W2K box. No problem to get to a URL (e.g., 126.96.36.199), but dns does not work. A linux box on the same oruter has no problem whatsoever. It just quit last night - worked at 7 p.m., but not at 9:15. Did an ipconfig release tne a renew, no improvement. Rebooted, still no improvement.
Because Zonealarm is vulnerable against the SelfDoS attack, this is possible.
i.e. also Zonealarm blocks any communication with a host, which tries to "attack". Just a simple TCP SYN packet for opening, say, a typical socket some Trojan horses are using, makes Zonealarm to block any traffic with this host for the next minutes.
Even if the sender IP of this SYN cookie was spoofed to the IP of the DNS server ;-)
If the Linux box works at the same time the w2k box can't, that certainly would be a good place to check. Depending on what your local network configuration is (hub verses switch used to share the Internet connection), you might be able to run '/usr/sbin/tcpdump -n' on the Linux box - watching packets from the w2k box to the router (thence to the world). If so, do you see DNS queries to port 53 of a valid name server? Do you see reply attempts. The DNS would be using UDP, rather than TCP.
One assumes you can read through typos - if you can't, I can translate that for you. The last sentence should read
"A linux box on the same router has no problem whatsoever."
So, while the windoze box can't resolve names, another system running on the same connection has no problem.
Charles, it really helps if you read the posts.
So, you believe the Comcast - a rather large cable provider with about TWENTY FOUR MILLION IP ADDRESSES has "one" DNS server? That's a pretty large number of eggs to put into one basket. I know that Comcast is quite incompetent, but I doubt they are THAT st00pid. Maybe you have a slight configuration problem, as I have no problem identifying ten different servers, and I'm not even looking for the "customer only" servers that you should have access to IN ADDITION TO the ones I find.
Maybe you should consider switching to AOL - I'm told that their software is much easier to use, and you don't have to worry about complicated things like IP addresses, and configuring that technical stuff.
The have three of them, according to information from Sam Spade, which checks various registation databases. On rare occasion, all three DNS servers will go down, though that has not happened in several months.
Charles - in the section that followed the about I mentioned finding TEN, and I'm not even trying hard. You've got to learn that toy tools provide toy answers - incomplete ones to be sure.
No, that's much more likely a screwed up configuration on your firewall, as the servers are scattered across several different netblocks that I can see, and the names suggest they are located in Los Angeles, Denver, Fairfax, Philadelphia, and Boston (at least).