Stevie

Don't get me wrong, I wasn't knocking or mocking him. I just thought it was a really odd decision to do the video infront of the fake audience. He looked so uncomfortable at the end. The audience wasn't needed.

In all the searching I've done on this issue, this was the oddest thing I came across: http://youtu.be/B0dHDD9fFM4 Why did he ever agree to do it that way? It's embarrassing having the fake audience. It's so clear they are actors and the fake clapping at the end even worse!

Thanks. I've have a look. It's a Draytek Vigor2800VG. A business grade router with inbuilt firewall, VOIP and Vlan. I got it mainly to play with. I set OpenDNS on it manually and although on connection it briefly says my DNS is OpenDNS, it flicks back to the Cable & Wireless one that Xilo use. I think I'll speak to them about that issue, if that's their end doing it.

Think I'll try putting something on to monitor. Maybe Wireshark? Probably the only one I know a tiny amount of. Also my DNS knowledge isn't exactly good and found out last night, on the DC, in the Forwarder in DNS, it was pointing to 10.0.0.100 which is also the DC. Apparently this is wrong, hence the same DNS error showing up in the logs for ages. When I setup the DC, I was always taught that if the IP of the DC is for example 10.0.0.100 (just used the 10 range as easier to type), then the Preferred DNS in the TCP/IP settings should also be 10.0.0.100. This has worked for me in Server 2003 and when setting up the DC. Clients have been able to connect to it etc. But looks like this then put an entry in the Forwarder. I was in the forwarder last night to add the OpenDNS servers and kept getting an error about the IP being invalid. That turned out to be the 10.0.0.100 address because the DNS server can’t point to itself I think I’ve learnt. Since removing that entry and adding OpenDNS. Then flushing DNS on all machines, the redirect, at the moment, appears to have gone on all machines. But it’s early days. I’ve had it disappear before only to then suddenly come back at a later date. For all these test this time around I’ve been using esxi As mentioned, in the address field. But I can then do a random search a few days later for something that should then pull up a google search but then it will redirect. I’ll monitor it for a few days. Need to replace the Router as well. I also have two Netgear unmanaged switches that I rebooted last night (unplugged and plugged back in again), as they haven’t been rebooted for months. I assume it’s not possible for them to hold any DNS cache for some odd reason? I’m pretty sure I know the answer to that is a no, but I ask here as people here appear to be able amazingly get kit to do what it was never designed for J OpenDNS is now on the router as well as the DC. However, I did noticed when I set it on the Router, the router would connect to the ISP & for a brief couple of seconds keep the OpenDNS settings, then flip back to using the ISP DNS. Doing an NSLOOKUP on the IPs a search on the results found the DNS they are using is Cable & Wireless DNS. I’m with Xilo. They seem pretty good support wise. I think I’ll ask them why OpenDNS isn’t kicking it, and why it’s forcing it back to using their DNS. After all, it could end up being Cable & Wireless DNS causing the issue. I also now and then do sniff of the network with Cain and Abel but that’s buggered up again recently on the NIC as when you go to Config the IP is showing as 255.255.255.255 I’ve had this before and found a fix but the fix isn’t working this time as appears to be a different issue. Pretty sure that’s not related to this redirect issue as during the redirect it had been working fine, then suddenly went. It’s the only took I know to give me a list of kit that is currently on the network.

It's doing my nut in. It's not making any sense what's going on. Well maybe it is, but it just seems like it's pointing to DNS but then it only affects Firefox. However, I booted another XP machine to test, both IE and Firefox were having the issue but not Chrome. So even if it was on the router where the issue was, how comes its only affecting certain browers? Then blocking said sites via the host file and using an IP block in Comodo, neither IE or Firefox could go to the site. Then suddenly, they stopped and starting using Google search again for finds searches typed into the address bar. Now logged on to the DC. Removed Firefox and all profile info. Checked in IE and no issue. Installed Firefox fresh and clean, old Firefox profile wiped. Was doing it again, in Firefox but not IE, on the DC. Totally confused where this redirect is hiding. 3 different machines having same issue would point to DNS, but why only affecting certain browsers? Even after flushing DNS, turning of Cached DNS on the Windows 7 box. Router DNS pointing to Comodo's. This new test is me typing ESXI in the address bar. Instead of going to Google Search (my default) goes to hugedomains instead. I've even changed the default search to Bing, but makes no difference. Is anyone able to setup some VMs and do some testing? Visit the mentioned site. Then do as I've done in the video and see if it causes the same issue? Next thing is to change out the Router. I've already got a newer Draytek in, just need to install it. And I guess raise a ticket with my ISP to check its not them.

Thanks for suggestions. I did think it might be my ISP but then would assume they'd be getting lots of complaints. I've already set to the router to use Comodo's DNS. I'll try the other options and turning of DNS so it doesn't cache is a good idea. Also thinking of turning off the DC for a while, in case it is actually that.

No one?

Had to create a new account here due to forums moving and me not being here for ages. Anyway. I run into this weird issue the other day on an XP machine. No matter what site you went to in firefox, you ended up at hugedomainsDOTcom. I thought it was a HOST hijack but checked and I'd deleted the host file long ago to stop anything hijacking it. I scanned the machine, found nothing. I looked at a Process Monitor trace, nothing. Both IE and Firefox appeared to be affected pointing to some sort of possible DNS poisioning? Never tried Chrome. Rebooted. Logged back in and all now fine. Odd, maybe it was memory based. Anyway. Attempting to fix the issue I was VNCed into the machine via a Windows 7 machine. Suddenly the Windows 7 machine started to have similar issues, nowhere near as bad though. Example vid: on the Windows 7 machine it only affects Firefox, IE and Chrome are fine and only appears to happen if you do a search in the address bar. Instead of going off and searching Google, it redirects to hugedomains. Both machines are on a domain (a test domain setup at home). It's probably not a perfect Domain setup as I'm still learning and I think DNS on it really isn't that good. So I thought it might be that. I disable the NIC on the Windows 7 machine and do the search again in Firefox again and it attempts to do a Google search but obviously fails. Turn the NIC back on, do the same search and get redirected to hugedomains again. So maybe the TCP/IP stack is infected if possible? I start up a VM in VMWare of XP that has been turned off for months. It is connected to the domain, I do a test straight away, suffers the same issue in Firefox. The NIC on the VM is setup as Bridged so "Connected directly to the physical network". I roll the VM back to the last snapshot which was an old version of FF and off the domain. No longer suffers the issue. I connect it to the domain, update FF, test suffers the issue again. DC is 10.0.0.100 and the Primary DNS on the VM XP is 10.0.0.100 and the secondary is 10.0.0.1 (which is the router). I did this because I'm no expert and I think DNS is bit messed on the DC, so machines can look at the router instead. With this setup the VM XP has the issue, only in FF. I then note, if I remove the secondary 10.0.0.1 and just let it use the DNS of the DC, it no longer suffers the issue (oh and it's default gateway is the 10.0.0.1). As soon as I enable the secondary DNS again of 10.0.0.1, issue comes back. This was now pointing to the router being the issue. I remove the secondary from the Windows 7 machine, do a test in FF and the issue disappears. I renable the secondary, still issue has gone. But do the same on the VM and it was still doing it. Really weird issue that is pointing to an possible issue with the router? It's a Draytek Vigor2800VG.