strange IP problem


bjdobs

XP HOME

High speed ISP using dynamic IP/DNS ... ipconfig, grc.com and ISP confirm the same IP however PC anywhere host doesn't appear to connect from a remote plus whatismyip.com and whatismyipaddress.com give a different IP address ... there is no proxy and the TCPIP is set for auto IP/DNS

has anyone encountered a problem like this?
 
I can only speak about my ISP NTL in UK. They use the Cable Set Top Boxes to connect you to the Internet at Broadband speeds. This means that although you may not have a proxy installed on your machine, they are using them on their end. This is the IP address that is picked up at the two websites that you mentioned. If you are trying to connect to YOUR pc from another, you should use the IP Address from ipconfig.

You should also check to see if the Microsoft Internet Connection Firewall is enabled, and if so configure access on whatever port PC Anywhere uses.

Take a look at and
Greg Palmer
Free Software for Administrators
 
If I drop another PC in place of this one I have no problems with PC Anywhere or whatismyip.com so I don't think this is an ISP issue.

It's almost as if a spoofing process is running on this box ... Trojan? Virus? Both PCs that I am using have XP and NIS firewalls ... PCA is set up identically on both machines ... I have even turned off the firewall momentarily to see if Norton is doing something but to no avail.

I think I need to find an online scanner other than Symantec as whatever is going on has gotten by Norton.

 
The issue is confusing, but please try the utility discussed in faq779-4625
 
I would check logs from NIS or run a program like Ethereal to capture the data from your NIC to see what is going on, this will be especially helpful in diagnosing the norton problem.
 
If you are looking for an online virus check take a look at Smah's great faq FAQ760-3862

I would recommend the Trend Micro and Panda virus checkers.

bjdobs said:
If I drop another PC in place of this one I have no problems with PC Anywhere or whatismyip.com so I don't think this is an ISP issue.

My PC is set up OK and I get the sort of problems you are discussing with the whatismyip.com site because they are catching my ISP's proxy IP and not my own.

Even though you are using NIS firewall, have you checked to see if the MS ICF is enabled? If it is it would definitely stop connections to your machine by PCanywhere.

If you know what port PCAnywhere is trying to connect to you could try pinging that port number from a remote machine to see if it is open or closed.

Also check Norton FireWall to make sure that the PCanywhere software is not set to "Block All"


Greg Palmer
Free Software for Administrators
 
Could the MAC address of your ethernet device be messed up or something? Just an idea, I know some ISPs need MAC addresses for each PC using the service.


The way web design should be
 
ran winsockfix ... no change

reinstalled PCA ... no change

deleted all cookies and temp internet files ... no change

This looks like two separate issues:

1) This machine has 3 users defined, only one user login has the problem with whatismyip.com

2) because PCA is a kernel like process (runs prior to the user login) none of the user level logins make any difference to the host mode. PCA is set up with the default ports ... the program list in NIS list PCA as automatic

I will try the remote ping plus see if I can find any NIS logs that show an issue ... although with NIS off there is still no change so I still think there is a system level problem for item 2 ... and an IE config level issue for item 1

 
Update:

installed ethereal on 2 machines to monitor PCA traffic ...

the Host (problem pc) gets the UDP and SYN TCP messages sent by the remote PC ... the HOST PC does not respond

on the remote I connected to a known PCA Host and the Host responded immediately to the UDP message then does a wack of TCP transactions

As for the traffic in for whatismyip.com ... can't make any sense out of the packets ... suspect the data being sent is either as hex and passed to a javascript or possibly as a gif file ... there is a lot of port 8080 traffic but nothing that stands out.
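
The side-by-side capture comparison described in the update above (the problem host receives the UDP and SYN packets but sends nothing back, while a known-good host answers at once), as an added example that is not part of the original post: it classifies every inbound flow in a capture as answered, refused or silent. The packet records and addresses are constructed, and 5631/TCP and 5632/UDP are assumed to be the pcAnywhere default ports the thread refers to.

```python
from collections import namedtuple

# One record per captured packet, as read off a capture summary.
# flags: "S" = SYN, "SA" = SYN-ACK, "R"/"RA" = reset; empty for UDP.
Pkt = namedtuple("Pkt", "t src dst proto sport dport flags")

def classify_flows(packets, host):
    """Map each inbound flow (proto, peer, peer_port, host_port) to a verdict.

    answered: host replied (UDP datagram back, or SYN-ACK)
    refused:  host sent a TCP reset on that flow
    silent:   host sent nothing back on that flow
    """
    verdict = {}
    for p in sorted(packets, key=lambda p: p.t):
        if p.dst == host and (p.proto == "UDP" or p.flags == "S"):
            # setdefault keeps an earlier verdict when the peer retransmits
            verdict.setdefault((p.proto, p.src, p.sport, p.dport), "silent")
        elif p.src == host:
            key = (p.proto, p.dst, p.dport, p.sport)  # reply uses reversed tuple
            if key not in verdict:
                continue  # host-initiated traffic, not a reply to a probe
            if p.proto == "TCP" and "R" in p.flags:
                verdict[key] = "refused"
            elif p.proto == "UDP" or p.flags == "SA":
                verdict[key] = "answered"
    return verdict

# Constructed sample data: documentation addresses, assumed default ports.
REMOTE, PROBLEM, GOOD = "198.51.100.7", "192.0.2.10", "192.0.2.20"
PROBLEM_CAPTURE = [
    Pkt(0.00, REMOTE, PROBLEM, "UDP", 5632, 5632, ""),
    Pkt(0.10, REMOTE, PROBLEM, "TCP", 1034, 5631, "S"),
    Pkt(3.10, REMOTE, PROBLEM, "TCP", 1034, 5631, "S"),  # SYN retransmit
]
GOOD_CAPTURE = [
    Pkt(0.00, REMOTE, GOOD, "UDP", 5632, 5632, ""),
    Pkt(0.02, GOOD, REMOTE, "UDP", 5632, 5632, ""),
    Pkt(0.10, REMOTE, GOOD, "TCP", 1035, 5631, "S"),
    Pkt(0.12, GOOD, REMOTE, "TCP", 5631, 1035, "SA"),
]

if __name__ == "__main__":
    for name, cap, host in (("problem", PROBLEM_CAPTURE, PROBLEM),
                            ("known-good", GOOD_CAPTURE, GOOD)):
        for flow, v in classify_flows(cap, host).items():
            print(name, flow, v)
```

A TCP flow reported as silent rather than refused means the SYN drew neither a SYN-ACK nor a reset in the capture.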
 
Correction

whatismyipaddress.com has no readable IP response

whatismyip.com responds after one poke at port 8080

the response has an incorrect IP in plain text
 
At wits end ... I have done a complete update install of XP including reapplying all the critical and regular updates ... stripped IE and reinstalled ... this one has me completely stumped ... obviously there must be one or more registry entries that are involved and they weren't affected by reinstalling the OS or a regclean by Norton
 