Skip

Connectivity issues--can ping out, no browsing, can't reach email servers
August 27, 2012 11:29 AM   Subscribe

Can ping, can get DNS, machine says its connected to the internet, but no browsing and no email

Hi, I have an older machine--a Toshiba laptop that's 4-5 years old running Vista Home Premium. Its connected via cable to a Comcast router. The comcast connection works but the machine won't browse or get email. It won't work on a wireless network either.

The machine says its connected to the internet. I can ping out. I worked with the Comcast folks and we have a DNS address.

We tried the main things, reboot, complete off and on, all of that. I took it to Starbucks and the wireless was not working. Also did a restore point to last night. It worked last night at home just fine.

Please help.
posted by Ironmouth to Computers & Internet (31 answers total) 4 users marked this as a favorite
 
Sounds like proxy settings for email and web, perhaps. Look into examining and disabling them.
posted by Blazecock Pileon at 11:40 AM on August 27, 2012


When you ping exterior hosts are you pinging a hostname or an IP address? Can you do an nslookup for something like google.com from the command prompt?

The behavior you are seeing makes me think that either you have a DNS resolution problem (quite possibly one of the comcast DNS servers isn't responding correctly or in a timely manner) or possibly you have some issue with your browser proxy settings or you have an overzealous software firewall that is blocking outgoing connections.
posted by vuron at 11:43 AM on August 27, 2012 [1 favorite]


Blazecock,

It says for the LAN:

Automatically detect settings: box unchecked
Use automatic configuration script: box unchecked

Proxy Server: use a proxy server: box unchecked
posted by Ironmouth at 11:47 AM on August 27, 2012


Vuron:

We did both google.com and a DNS address for a google site. We tried turning off my Webroot secure anywhere, that did nothing. Turning off windows firewall does nothing either.
posted by Ironmouth at 11:53 AM on August 27, 2012


Can you try booting your machine in safe mode with networking and see if you have the ability to browse the internet then? I've seen various browser hijackers block outgoing web access unless you purchase their malware. If you have network access in safe mode then I would suggest getting someone professional to clean or rebuild the machine.

I don't think there is fundamentally anything wrong with your IP stack but there definitely seems to be something interfering with the browser passing data up and down the stack.
posted by vuron at 11:59 AM on August 27, 2012


I worked with the Comcast folks and we have a DNS address - We did both google.com and a DNS address for a google site.

This is slightly confusing both statements seem to be about IP addresses. Can you clarify what you mean by "We did both google.com and a DNS address for a google site"?

DNS is a lookup process, you get a list of DNS servers which are the servers that translate domain names to IP addresses, these break sometimes, so sometimes you manually set your DNS servers using Google DNS servers (8.8.8.8 and 8.8.4.4 I believe) to see if its a DNS.

When you say you can ping out you can do:

ping yahoo.com

And it works?
posted by bitdamaged at 12:00 PM on August 27, 2012


How do I boot in safe mode?
posted by Ironmouth at 12:01 PM on August 27, 2012


Type 'cmd' into Run and type 'ipconfig /all' Copy and paste the output of that here.
posted by damn dirty ape at 12:04 PM on August 27, 2012


ironmouth: are you able to establish a connection without the browser?

Follow these directions on the problematic machine.

If you're successful (that is, if the cmd window fills up with HTML) then the browser is the issue.

If not...well, we'll want to know what happened instead of success.
posted by namewithoutwords at 12:04 PM on August 27, 2012 [1 favorite]


Bitdamaged

We pinged both google.com and 8.8.8.8

Works fine.
posted by Ironmouth at 12:05 PM on August 27, 2012


make sure that your DNS is resolving correctly, you could be hit by malware or something that is corrupting it.

nslookup metafilter.com should return 50.22.177.14.

do a traceroute to whatever it is you're pinging successfully and make sure that it actually is what you think it is. Some home ISP will put you into a quarantine network in some cases and redirect all traffic that you send to a specific server of theirs instead of what you think you're going to. This usually happens when you're router MAC isn't provisioned.


next do a raw socket connection to the website via command line, this will show whether the problem is in your browser or on the host/network.

easy way:

telnet 74.125.225.131 80
(wait for cursor)

if cursor appears type:

GET / HTTP/1.1
host: www.google.com
(press enter twice).

and confirm that you get html code back

if cursor does not appear and it says "connection refused" or (after a minute or two) says "connection timed out", then the problem is with the network.
posted by robokevin at 12:09 PM on August 27, 2012


That nslookup returned the proper DNS

Typed in telnet and exactly what you wrote in the command line and it didn't do anything, said telnet was not a recognized command. Let me know exact string I have to type in.
posted by Ironmouth at 12:19 PM on August 27, 2012


it's because in windows vista telnet is not enabled by default. you have to go into something like "windows programs and features" and enable it.


Here's how something on microsoft website says how to do it (I'm not sure, not a windows user here):
Click Start, and then click Control Panel.

On the Control Panel Home page, click Programs.

In the Programs and Features section, click Turn Windows features on or off.

If the User Account Control dialog box appears, confirm that the action it displays is what you want, and then click Continue.

In the Windows Features list, select Telnet Client, and then click OK.
posted by robokevin at 12:25 PM on August 27, 2012


I think in windows 7 and vista the ability to use telnet from the command prompt is disabled under normal installs. You actually have to re-enable that feature using windows features from programs and features in the control panel. Yeah for MS thinking that every user is an idiot.

You can turn telnet back on using the following:

Step 1
Click Start or the Vista logo on your taskbar.

Step 2
Select ' Control Panel' from the start menu.

OR

Type ' Control Panel' into the search box in the start menu, and click ' Control Panel' under programs from the search results.

Step 3
Click Programs' in the control panel.

Step 4
Click ' Turn windows features on or off' under ' Programs and Features'.
If you have User Account Control turned on, Vista will ask for your confirmation. Click continue.

Step 5
A window with the title "Windows Features" should pop up.
Scroll down and find "Telnet Client". Check or place a tick mark in the check box beside "Telnet Client".

Step 6
Click "OK". Vista will take its time and install telnet client.

Then you should be able to do robokevin's torubleshooting.
posted by vuron at 12:26 PM on August 27, 2012


did you do a traceroute? can you post the results?
posted by robokevin at 12:26 PM on August 27, 2012


Traceroute "completed fine" says my comcast guy. The computer won't work here or at Starbucks. It is unlikely its the network
posted by Ironmouth at 12:31 PM on August 27, 2012


traceroute always completes fine, it is the network path that we need to look at here in order to interpret whether you are making it to the site or not.

ever try installing a different browser?
posted by robokevin at 12:34 PM on August 27, 2012


go to c:\Windows\System32\ or c:\Windows\System32\drivers\etc (the former is correct for XP, the latter for Win7, but i'm not sure about Vista) and find the "hosts" file. It has no extension.

Open this in notepad.

Unless you or a spam-blocking, junk-blocking application has tinkered with this, or else malware has done the same, it's probably a short file with about 15 commented lines describing its function, followed by:

127.0.0.1 localhost
::1 localhost


..if that. If there are lots and lots of entries here, rename it, and create a blank file with the above lines only, and call it hosts. This file serves as a sort of first-line DNS, which allows you to add fake entries so that, for example, http requests to ad servers don't reach the ad server.

Also, check your email (for starters) settings: it's better practice in general to use dns (e.g. imap.google.com might have a dozen IP addresses, load-balanced and whatnot), but for temporary diagnostic purposes, do a lookup on the servers referenced in your email settings, and replace those entries with the IP addresses. If that helps, then that's a clue that DNS is screwy.

Also, google for "flushing your dns cache," which will clear out any bad entries your computer has cached so it doesn't have to hit the DNS server as often.
posted by Sunburnt at 12:43 PM on August 27, 2012


command line,

telnet 173.194.34.38 80
GET /
(emptyline)
(emptyline)


if that gives you some HTTP error or a web page source, then it's your browser. If it gives you a connection error, then it's your network layer or below.
posted by cmiller at 12:52 PM on August 27, 2012


I use chrome and IE. It isn't a browser specific issue. It also isn't specific to comcast because it doesn't work at starbucks either. Its local to the machine. I clicked on enable telnet, it was taking forever and I'm heading to a doctor's appointment now. Will try flushing the dns cache when I'm back to the office in an hour.
posted by Ironmouth at 12:55 PM on August 27, 2012


chrome imports many of IE's settings, it could very well be a browser specific issue and effect both chrome and IE.

network troubleshooting is still required even if the problem is local to the machine, there is plenty of "network stuff" that is configured on-host, specifically dns and routing. on-host routing and interface configuration is an extremely common point of failure if you use two interfaces or hop across networks.
posted by robokevin at 1:11 PM on August 27, 2012


The command for flushing the DNS cache is:
(Starting from the Start menu, select "Run". On the "Open" line, type cmd and then hit the [Enter] key. This should bring up a command prompt, also called a DOS prompt.)
In the command prompt, type
ipconfig /release [Enter]
You should see some text saying your machine has released its IP address. Then type
ipconfig /flushdns [Enter]
You should see some text saying your machine has flushed its DNS cache. Then type
ipconfig /renew [Enter]
Hopefully, you will see some text confirming that the machine has acquired a new IP address.
Here is Microsoft's reference page on the ipconfig command.

Let us know if that makes a difference.

Also, have a look at the drivers for the network card. Are they up to date?
posted by Multicellular Exothermic at 1:16 PM on August 27, 2012 [1 favorite]


Sounds like malware to me. Boot into Safe Mode with Networking, as described above (keep hitting F8 after the computer starts up) and see if browsing works. If it does, it's probably malware.
posted by cnc at 1:38 PM on August 27, 2012


Is it possible you could get Autoruns running on the pc? (may have to use a USB thumbdrive).

If none of the suggestions above have worked (in particular flushing DNS or using Safe Mode with Networking), it is possible that you could have a LSP hook that could be hindering web and e-mail traffic. These hooks can sometimes be the result of malware, but can also stem from badly installed security software (eg. internet security programs that heavily monitor IP packets will sometimes install as a winsock layer, but do not fully uninstall when removed...leaving orphaned components that still actively sit inline and hang)

With Autoruns you'll want to primarily look at Winsock providers, Network Providers, and Appinit. You could also try checking for common rootkits with TDSSKiller (click change parameters when launched and check for unsigned files and TDLFS).

Primarily though, make sure you don't have any internet security software running in memory...and if so...uninstall it. You can always reinstall it later if it's needed. Also make sure you're not running any kind of 3rd party blocking software like Peerblock, etc. Try to get your startup as clean as possible.

Instead of F8 to enter safemode. I recommend using msconfig (start/run box and type "msconfig"). You can then select on the general tab a different type of startup (diagnostic startup for starters...if things work in diagnostic mode, then you'll want to switch back to normal mode and start looking at your startup and services tab...eliminating the obvious things not needed first....you can always go back into msconfig and recheck them if one is unchecked by accident. When in the services tab, start by checking the checkbox to hide all microsoft services) You can also cause your PC to enter safe mode on the next boot with msconfig on the "Boot" tab.
posted by samsara at 1:50 PM on August 27, 2012


Ok, telnet gets me "Could not open connection to the host, on port 80: connection failed"
posted by Ironmouth at 2:13 PM on August 27, 2012


Guys, if you could check back later tonight--would be great. I'm out for a few.

This is only computer I have.
posted by Ironmouth at 2:31 PM on August 27, 2012


Ironmouth: Ok, telnet gets me "Could not open connection to the host, on port 80: connection failed""

Sounds very much like something on the machine is blocking outgoing TCP connections.
(you were able to ping, which is ICMP, and DNS was working, which is UDP. telnet and web browsing all happen over TCP).

A completely misconfigured firewall *could* do this, but I'm betting instead on some sort of malware.

See samsara or deezil's profile for steps on malware detection and removal as a possible next step.
posted by namewithoutwords at 5:00 PM on August 27, 2012


Ironmouth: I worked with the Comcast folks and we have a DNS address.
vuron: are you pinging a hostname or an IP address?
Ironmouth: We did both google.com and a DNS address for a google site.
bitdamaged: This is slightly confusing
robokevin: nslookup metafilter.com should return 50.22.177.14.
Ironmouth: That nslookup returned the proper DNS

This is not directly relevant to your problem, but please note that you are consistently misusing the term "DNS", causing some mild communication problems.

What the nslookup returned, the four numbers separated by dots, is called an IP address. DNS is (among other things) a system for converting domain names (such as "metafilter.com") into IP addresses (such as "50.22.177.14"). The term "DNS address" has, to my knowledge, no standard meaning; it certainly is not a substitute for "IP address".
posted by stebulus at 5:39 PM on August 27, 2012


Definitely try flushing your DNS cache, as Multicellular Exothermic recommends. When I had Vista, I found that I often had to do this, and it fixed the problem.

However, I usually had to do it as Administrator. Go to Start -> Accessories (err... maybe System Tools too - I forget). Right click on Command Prompt and click "Run as Administrator." Then follow Multicellular Exothermic's commands.
posted by ErikaB at 6:35 PM on August 27, 2012


I can't browse in safe mode.
posted by Ironmouth at 1:34 PM on August 28, 2012


Just delete the network adapter (there are two, your wired and your wireless) from the hardware manager. Reboot, it'll reinstall your network card drivers from scratch. This sometimes takes care of issues where some software (malware, AV) screwed the pooch.
posted by damn dirty ape at 1:52 PM on August 28, 2012


« Older My lab has a Django database a...   |  Looking for a shared private a... Newer »
This thread is closed to new comments.


Post