[PLUG] Web Site Access: Route Broken

wes plug at the-wes.com
Sat Sep 22 21:37:22 UTC 2012


On Sat, Sep 22, 2012 at 1:54 PM, Rich Shepard <rshepard at appl-ecosys.com>wrote:

>    For the past couple of days I've not been able to connect to my bank's
> web
> site. Running traceroute shows me that once I get to an AT&T server in San
> Francisco nothing more happens:
>
>
unfortunately traceroute does not give a reliable indication of the
existence or non-existence of a problem. many routers and other network
devices are configured to drop or otherwise mangle ping and traceroute
traffic. see if your distro's package repository includes a utility named
tcptraceroute, which will more closely resemble the real traffic your web
browser generates and be more likely to represent the path that traffic
takes.


> 13  cr1.sffca.ip.att.net (12.122.86.198)  118.554 ms  74.705 ms  108.925
> ms
> 14  cr1.sc1ca.ip.att.net (12.122.30.121)  77.138 ms  79.549 ms  74.979 ms
> 15  cr2.sc1ca.ip.att.net (12.122.30.126)  77.261 ms  74.054 ms  79.671 ms
> 16  cr2.slkut.ip.att.net (12.122.30.114)  81.892 ms  82.523 ms  88.599 ms
> 17  12.122.81.137 (12.122.81.137)  78.268 ms  77.561 ms  73.155 ms
> 18  * * *
> 19  * * *
>

12.122.81.137 is also an AT&T IP, so there's no real useful data here. this
would be more useful if compared to a traceroute from a working machine. if
you provided the bank's URL, more of us could try it and see how our
results compare to yours.


> and the attempt stops at 30 hops.
>

typical.


>
>    Is there a way to force the connection to take a different route? I
> wrote
> to all the e-mail addresses at att.net that whois provides. Of course I
> can
> wait for Monday and see if the company plugs in the next step but I'd like
> to see if a client wired a payment yesterday.
>

force? short of changing ISPs, no. there are tricks people can do to
"suggest" a router behave differently. these work about as well as voodoo
and hocus pocus. try running a continuous ping to the bank's web server.
try changing the packet sizes larger and smaller.

in my experience AT&T is very unlikely to respond. you may also try
contacting your ISP's support. also unlikely to help.


one other possible idea would be to proxy your traffic through somewhere
else. there are many anonymizing proxies available out there. the downside
of this approach is that the owners of such proxies would then be privy to
your banking info. if you know how, you can proxy through your own server
if you have one. I have a virtual server at SliceHost and use it for this
purpose when needed.

-wes



More information about the PLUG mailing list