RE: Net forensics question

From: Jonathan A. Zdziarski (jonathanat_private)
Date: Mon May 26 2003 - 08:51:54 PDT


    > What would explain the following scenario 
    
    With just those four tests to go on, I would start thinking that the address
    you are analyzing is either spoofed or no longer online.  A traceroute that
    bounces between two hosts is usually a sign of a routing loop as a result of
    the destination host being down.  This was more prevalent ten years ago, but
    I still see them today periodically.  DNS information (as well as a ping -a)
    completely relies on the authoritative server for the address space, so I
    would find out who the particular network belongs to and contact them.  A
    whois on arin.net's servers (or some other registry) ought to give you some
    contact information.  Finally, ping timeouts... are you certain that the
    reply you're receiving back is actually from the host?  If you increase your
    TTL in a traceroute, do you finally get somewhere?  It could in fact be
    coming from one of the routers in the loops if your TTL is expiring in
    transit.
    
    
    
    
    -----------------------------------------------------------------
    This list is provided by the SecurityFocus ARIS analyzer service.
    For more information on this free incident handling, management 
    and tracking system please see: http://aris.securityfocus.com
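The two checks Jonathan describes, a traceroute whose tail bounces between the same hops and a ping whose replies do not actually come from the probed address, can be automated against saved tool output. The script below is an added example, not code from the original thread; the traceroute and ping lines it parses are constructed samples in Linux traceroute/ping format, and all addresses are documentation ranges.

```python
"""Added example: flag a routing loop in traceroute output and verify
that ICMP replies really originate from the probed host."""
import re

# Constructed sample: hops 4-8 alternate between two routers, the
# loop signature that usually means the destination is down.
TRACEROUTE_SAMPLE = """\
 1  192.0.2.1  0.5 ms
 2  198.51.100.9  3.1 ms
 3  198.51.100.30  8.2 ms
 4  203.0.113.5  12.0 ms
 5  203.0.113.6  12.4 ms
 6  203.0.113.5  13.1 ms
 7  203.0.113.6  13.5 ms
 8  203.0.113.5  14.0 ms
"""

# Constructed sample: pinging 203.0.113.200, but the replies are
# TTL-exceeded messages from routers inside the loop, not the target.
PING_SAMPLE = """\
From 203.0.113.5 icmp_seq=1 Time to live exceeded
From 203.0.113.6 icmp_seq=2 Time to live exceeded
"""

IPV4 = r"(\d{1,3}(?:\.\d{1,3}){3})"
HOP_RE = re.compile(r"^\s*(\d+)\s+" + IPV4)            # "<hop>  <addr> ..."
REPLY_RE = re.compile(r"^(?:From|\d+ bytes from)\s+" + IPV4)  # ping reply lines

def hop_addresses(trace_output):
    """Responding address per hop, in order; rows with only '*' are skipped."""
    return [m.group(2) for line in trace_output.splitlines()
            if (m := HOP_RE.match(line))]

def find_loop(hops, min_repeats=2):
    """Return the set of looping addresses when the tail of the trace cycles
    through 2 or 3 hops at least min_repeats times, otherwise None."""
    for size in (2, 3):
        tail = hops[-size * min_repeats:]
        if len(tail) == size * min_repeats and all(
                tail[i] == tail[i % size] for i in range(len(tail))):
            return set(tail)
    return None

def reply_sources(ping_output):
    """Source addresses of every reply line (normal replies and TTL errors)."""
    return [m.group(1) for line in ping_output.splitlines()
            if (m := REPLY_RE.match(line))]

def replies_from_target(ping_output, target):
    """True only if every reply carries the probed host as its source."""
    srcs = reply_sources(ping_output)
    return bool(srcs) and all(s == target for s in srcs)
```

Run find_loop(hop_addresses(...)) on a saved trace and replies_from_target(...) on the ping transcript; a loop set plus replies sourced from loop members is the pattern the reply above attributes to a dead or spoofed destination.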
    



    This archive was generated by hypermail 2b30 : Mon May 26 2003 - 11:50:32 PDT