Result Summary + – (help) aal234.neoplus.adsl.tpnet.pl / 83.25.11.234 Recorded at 15:50 EST (20:50 UTC), Dec 23 2012. Permalink. Referrer. Client/server transcript. ________________________________________ Summary of Noteworthy Events+ – Major Abnormalities– • We received unexpected and possibly dangerous results when looking up important names • Your ISP is using DNS to redirect specific sites Minor Aberrations– • Not all DNS types were correctly processed Address-based Tests+ – NAT detection (?): NAT Detected+ Local Network Interfaces (?): OK+ DNS-based host information (?): OK+ NAT support for Universal Plug and Play (UPnP) (?): Not found+ Reachability Tests+ – TCP connectivity (?): OK+ UDP connectivity (?): OK+ Traceroute (?): OK+ Path MTU (?): OK+ Network Access Link Properties+ – Network latency measurements (?): Latency: 130ms Loss: 0.0%+ TCP connection setup latency (?): 140ms+ Network background health measurement (?): no transient outages+ Network bandwidth (?): Upload 550 Kbit/sec, Download 5.9 Mbit/sec+ Network buffer measurements (?): Uplink 240 ms, Downlink 229 ms+ HTTP Tests+ – Address-based HTTP proxy detection (?): OK+ Content-based HTTP proxy detection (?): OK+ HTTP proxy detection via malformed requests (?): OK+ Filetype-based filtering (?): OK+ HTTP caching behavior (?): OK+ JavaScript-based tests (?): OK+ DNS Tests+ – Restricted domain DNS lookup (?): OK+ Unrestricted domain DNS lookup (?): OK+ Direct DNS support (?): OK+ Direct EDNS support (?): OK+ DNS resolver address (?): OK+ DNS resolver properties (?): Lookup latency 210ms+ Direct probing of DNS resolvers (?)– Your system is configured to use 1 DNS resolver(s). The resolver at 192.168.1.1 could not process the following tested types: • Medium (~1300B) TXT records • Large (~3000B) TXT records It does not validate DNSSEC. It does not wildcard NXDOMAIN errors. The resolver reports a number of additional properties. Show them. DNS glue policy (?): OK+ DNS resolver port randomization (?): OK+ DNS lookups of popular domains (?): Warning– One popular name has a significant anomaly. The ownership suggested by the reverse name lookup does not match our understanding of the original name. This could be caused by an error somewhere in the domain information, deliberate blocking or redirection of a site using DNS, or it could be that your ISP's DNS Server is acting as a DNS "Man-in-the-Middle". We attempted to download HTTP content from the IP addresses that your ISP's DNS server returned to you for these names. Where the download succeeded, you can click on the IP address in the table below to download a compressed file containing an HTTP session transcript. Note! The session content is potentially harmful to your computer when viewed in a browser, so use caution when examining it. Name IP Address Reverse Name/SOA www.google.com 217.96.43.57 SOA: lemuria.zit.tpnet.pl One popular name has a moderate anomaly: we are unable to find a reverse name associated with the IP address provided by your ISP's DNS server, although we expected to find a name. This is most likely due to a slow responding DNS server. If you rerun Netalyzr and see this condition remain, it could be due to a misconfiguration on the part of the domain owner, deliberate blocking using DNS, or your DNS server could be misconfigured or enabling a Man-in-the-Middle attack. Name IP Address Reverse Name/SOA us.etrade.com 198.93.34.50 X 90 of 90 popular names were resolved successfully. Show all names. 25 popular names have a mild anomaly. The ownership suggested by the reverse name lookup does not match our understanding of the original name. The most likely cause is the site's use of a Content Delivery Network. Show all names. 2 popular names have a mild anomaly: we are unable to find a reverse name associated with the IP address provided by your ISP's DNS server. This is most likely due to a slow responding DNS server or misconfiguration on the part of the domain owner. Show all names. DNS external proxy (?): OK+ DNS results wildcarding (?): OK+ DNS-level redirection of specific sites (?): Danger– Your ISP appears to be using DNS to redirect traffic for one or more websites to third-party servers. The affected sites are: www.google.com. Direct probing of DNS roots (?):+ IPv6 Tests+ – DNS support for IPv6 (?): OK+ IPv4, IPv6, and your web browser (?): IPv6 connectivity problem+ IPv6 connectivity (?): No IPv6 support+ Host Properties+ – System clock accuracy (?): OK+ Browser properties (?): OK+ Uploaded data (?): OK+ Feedback+ – User-provided feedback+