Thursday, June 21, 2007

Help? A Matousec Web Mystery

Hmm. Any ideas?


I depend on Matousec to provide information, reviews, and updates on the world of firewall leak-testing efficacy.

Only one problem.

I can't load

In the past month or so, I have been unable to reach their website from home.  Never had a problem before.

I seem to recall trying occasionally at work and being able to get through just fine.

However, here at home I keep getting "page not found" errors.

Here is what I know

  • I get the error in Firefox, Opera and IE7.

  • It happens on all my systems: SAMLinux, XP (laptop and desktop), and Vista.

  • I am using OpenDNS.

  • An OpenDNS cache check resolves the IP for as

  • I am unable to ping or pull up Matousec's address.

  • Adding it to my HOSTS file doesn't help.

  • DNS Traversal times for the site seem a bit it just a timeout issue?

  • A DNSstuff DNS Report for Matousec turns up what seems to be pretty good status.

  • The WhoIS information on the site seems good and was recently updated.

  • I ran a traceroute on the site, and it seems to take on average 16 hops before the final destination is reached at and the router there does not respond (along with a couple others along the way).

  • I'm running TimeWarner/Comcast home broadband.  No other problems on any other sites...and system and HOSTS files are crystal-clear-clean of malware.

  • A Wireshark packet sniff seems to find the name is DNS resolving just fine.

  • And the kicker?  If I run TorPark (now XeroBank...see BTW #2 below), the page seems to load just fine.

Any ideas or feedback on your own experiences?  I want to make sure I'm not missing something stupidly obvious before sending an email query to the Matousec website team for a downed website that is quite clearly up and running just fine, otherwise.



BTW #1

DNSstuff is a cool website to use to check Web networking things.  Highly "Valca Recommended" to bookmark this one!

BTW #2

The anonymous web-browser Torpark has been rebranded as XeroBank.

XeroBank Browser - Wikipedia, the free encyclopedia

Official website,

What happened to Torrify?

If you aren't sure what is going on now with the browser formerly known as TorPark, several alternatives exist to switch to including...OperaTor, and DemocraKey.

The previous (older) builds of TorPark I have all still seem to run just fine.


FF Extension Guru said...

Worked fine for me in Flock, Safari and Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv: Gecko/20070620 BonEcho/ ID:2007062003

Also using openDNS.

Claus said...

Thanks ff extension guru.

I'm not surprised you could see it and am wondering if it is a problem with blocking return responses to my ISP's IP range perhaps. I need a fellow Houston area TimeWarner/Comcast reader to check for me and see what they get.

I haven't dug out one of my laptops and placed it directly behind the broadband modem, just to be sure it isn't my home physical firewall/router somehow wigging things out. That is the one last "local" test I can think of before asking Matousec what they think.

Weird that it is ONLY this one site that seems to be impacted, however. That normally would lead me to suspect a DNS or IP/HOSTS file combo problem.

I'm sure I will get to the bottom of it eventually.

leland said...

I have no problem reaching from home through Comcast cable or at work with an AT&T T-1 line. However I am not using OpenDNS. I took a look at it, but it's purpose was a bit confusing so while I have an account I have not done anything with it yet. I can ping as well as visit the site at both locations in both Internet Explorer and Firefox. Please let me know if you require any additional info and I will do my best to check into it for you. Thanks for the cool blog, today is the first time I stumbled onto it while I was researching a Firefox problem.

Claus said...

Thanks leland.

I'm glad that you enjoyed the blog. It's a hobby and labor of love.

At this point I am fairly certain that eithr that a portion of the IP range my cable broadband is at is getting filter/blocked by Matousec's server or (less likely) that my ISP is blocking that server's traffic.

I can see the traffic all the way to their server, then it disappears into no response. When I try them using a proxy service, I don't have any issues.

Since I can use a proxy to get to the website, it's no big deal at this point. Just one of those weird things. It's the only one I've run into.

I really love OpenDNS. It was a breeze to configure and has been a great service. Highly recommend you use it.

Thanks for sharing your comment! It's nice to know folks are out there enjoying it!

perigee said...

I have a broadband account with in the Houston area and I cannot connect to either(time-out error). So you are not alone. If I use TorPark to connect, I have no problem. I have no suggestion for the problem. Just that we seem to be in the same boat. The common factor seems to be comcast in Houston. Hope you get a response from them..

Claus said...

Hi Perigee.

Thanks for confirming what I've suspected. Either Matousec (or their host) is blocking some Comcast IP ranges or Comcast is selectively blocking some from Matousec. I suspect the former.

Instead of using TOR, I've just gone ahead and gotten in the habit of just using one of Privax's proxy servers.

Privax free web proxy services (The Privax Network)

It's a lot faster and more convenient for daily check-ins of their website.

If I ever get an answer I'll post an update.

Thanks for taking the time to comment!

Anonymous said...

can you guys experiencing the problem supply the first octet of the IP address that you are riding? It wouldn't be a 98.x.x.x IP would it?

Claus said...

Hi Anonymous!

Hmmm. Either you have the same problem or maybe some thoughts?

Yes. (And the problem still persists..)

The first octect of my IP is indeed 98.x.x.x.

Any ideas?