New Contributor
•
6 Messages
Cox DNS servers not working with Google Search
My troubles involve not being able to do a google search on firefox. I cannot google search on firefox on any computer in the house, or on my iphone and ipods. When I type in www.google.com into the address bar it says it failed to connect, or the security certificate doesn't belong to google, it belings to *.apple.com. I can do a search on bing and yahoo, and go to any other website just by typing in the address. but whenever I try to go to www.google.com or just google.com (firefox automatically goes to www.google.com) it wouldnt' work.
I then did a ping on www.google.com and found the ip address. I did another ping on just google.com and found its a totally different domain. the IP addresses looked totally different. I did an iplookup on the bad www.google.com ip address and found it belongs to apple.com. that explains the bad security certificate belonging to apple.
I then went into my router and changed to a Static dns settings to open dns as primary and google dns as backup and reran my pings and now www.google.com and google.com point to the same domain. the ip adresses look similar.
Someone has hacked into the Cox DNS system and change the search of www.google.com to an invalid IP. I dont have the IP as I think I've fixed the issue, but if It comes back as an issue I'll post it here.
ChrisL
Former Moderator
•
7.1K Messages
13 years ago
There was a DNS changer virus going around that in some cases could access your router via macro and change your DNS server settings. I see you mentioned you changed your static DNS server addresses to open DNS and Google. Do you happen to remember what values you were configured static before you made that change?
0
0
mattcoaz
New Contributor
•
6 Messages
13 years ago
now I am at home, on cox high speed internet I have opendns as my dns engine and I'm trying to go to www.google.com and I get a security alert that the certificat doesnt' belong to google, but rather belongs to yahoo.
Technical Details
www.google.com uses an invalid security certificate.
The certificate is only valid for the following names:
yql.yahooapis.com , internal.query.yahoo.com , livestand.query.yahoo.com , locdrop.query.yahoo.com , mas.query.yahoo.com , pipesdb.yql.yahooapis.com , rush.query.yahoo.com , rush.yql.yahooapis.com , social.yql.yahooapis.com , sports.query.yahoo.com , ucs.query.yahoo.com , ugc.query.yahoo.com , mail.query.yahoo.com , globalmedia.yql.yahooapis.com , search.query.yahoo.com , auth.query.yahoo.com , apps.auth.query.yahoo.com , finance.query.yahoo.com , mobile-news.query.yahoo.com , autos.query.yahoo.com , analytics.query.yahoo.com , intonow.yql.yahooapis.com , reputation.yql.yahooapis.com , ucsnotif.query.yahoo.com , apple-mobile.query.yahooapis.com , mobileweather.yql.yahooapis.com , yapapp.yql.yahooapis.com , mobileposse.yql.yahooapis.com , media.query.yahoo.com , globalmedia.query.yahoo.com , searchx.query.yahoo.com , cricket.yql.yahooapis.com , answers.yql.yahooapis.com , mailapps.query.yahoo.com , videoplayer.query.yahoo.com , feeds.video.query.yahoo.com , myyqldb.query.yahoo.com , Hls.video.query.yahoo.com , xbox.video.query.yahoo.com
I know opendns is working because when I put something invalid in the address window like mixelplick I get the opendns website.
but everything is going to yahoo for the certificate so its not loading.
I'm opening the google chrome browser and it too is going to yahoo developer debug when I go to the www.google.com website.
why is that happening.
I"m pinging www.google.com and I get the ip address 98.139.43.115
I ping google.com and I get 74.125.224.201
Pinging www.google.com [98.139.43.115] with 32 bytes of data:
Reply from 98.139.43.115: bytes=32 time=37ms TTL=54
Reply from 98.139.43.115: bytes=32 time=37ms TTL=54
Reply from 98.139.43.115: bytes=32 time=36ms TTL=54
Reply from 98.139.43.115: bytes=32 time=37ms TTL=54
Ping statistics for 98.139.43.115:
Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 36ms, Maximum = 37ms, Average = 36ms
C:\Documents and Settings\daddy>ping google.com
Pinging google.com [74.125.224.201] with 32 bytes of data:
Reply from 74.125.224.201: bytes=32 time=23ms TTL=55
Reply from 74.125.224.201: bytes=32 time=22ms TTL=55
Reply from 74.125.224.201: bytes=32 time=22ms TTL=55
Reply from 74.125.224.201: bytes=32 time=47ms TTL=55
Ping statistics for 74.125.224.201:
Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 22ms, Maximum = 47ms, Average = 28ms
why has yahoo taken over my dns settings.
looking at my router.
I changed my dns on my router to be 8.8.8.8 and nothing else, then refreshed the dns on my computer and now google is working again.
something is affecting the dns servers.
0
0
mattcoaz
New Contributor
•
6 Messages
13 years ago
google was working fine earlier this evening, now its 11pm local time and I'm getting invalid www.google.com results.
when I ping www.google.com I'm getting an invalid IP address
Pinging www.google.com [17.172.192.78] with 32 bytes of data:
Request timed out.
Request timed out.
Ping statistics for 17.172.192.78:
Packets: Sent = 2, Received = 0, Lost = 2 (100% loss),
I'm using Cox DNS services
68.105.28.11
Why? cox why?
0
0
mattcoaz
New Contributor
•
6 Messages
13 years ago
local DNS cache poisoning.
explained here
http://www.youtube.com/watch?v=1d1tUefYn4U
running the dos command
ipconfig /displaydns
would show me several dns entries that were false.
flushing the dns with the command
ipconfig /flushdns
would flush the dns and get rid of all the poisoned entries.
I found the solution here
http://support.microsoft.com/kb/318803
so far so good.
0
0