[Date Prev][Date
Next][Thread Prev][Thread Next][Date
Index][Thread Index]
Re: Help needed with NAT on Winroute Pro
Keith Doxey wrote:
>
> Hi Guys,
>
> and why
> does my machine sometimes connect with the same message even when
no-one is
> using any of the PC's in the house. When it does this it stays online
for
> 10mins then drops the connection (although one time it was on for 34
mins).
I know bugger all about winroute whatever (sounds ghastly ;) but this
sounds like the same problems I encountered when I wrote a diald router
a while back. We found that the culprits were generally 'spyware' PC
apps and the like. From memory things like RealPlayer & co, virus
scanners etc. etc. would periodically attempt to phone home.
Most of them don't do it on a single PC with a dial up connection
because they're smart enough to spot the dial-up, but on a LAN PC they
just go ahead anyway, which of course brings the line up on a demand
dial access router.
The best way to identify them is from the router logs (if possible with
winroute). The first packet that goes out is nearly always the DNS
request for the hostname, so if you can examine the DNS packets you'll
see the hostname which might give you some clues:
evilspyware.realnetworks.com etc
If that doesn't help, you can run a LAN traffic analyzer on one of your
boxes (ethereal is a good one, I think it even has a windoze port) and
attempt to find the culprit with that.
The solution is then to either implement demand dial blocking rules
based on IP names, or to preload a local DNS server with non-expiring
entries for the relevant hostnames (with IP addresses that point to
local, LAN machines). I've no idea if winroute lets you do that sort of
stuff tho. Presumably windows has some sort of hosts file, maybe you
could achieve the same thing by manipulating that on all PCs on the LAN.
HTH,
ant
--
/\/\
ant@xxxxxxx (`') www.ant.org
()
Megawatt Winged Avenger
Home |
Main Index |
Thread Index
|