[ale] www.starbucks.com

matty91 at bellsouth.net matty91 at bellsouth.net
Sun Nov 30 10:43:40 EST 2003 

On Sun, 30 Nov 2003, Jim Popovitch wrote:

> This is sooo freaking weird it has been driving me crazy.  Mozilla 1.4
> hangs and ultimately timesout.  You would think that I had an iptables
> entries blocking it.  Very weird.  I have checked /etc/hosts, iptables
> --list, monitored firewall connections, tracerouted, and nothing
> indicates a problem on my side.
>
> Here is the traceroute from my home... but I see similar results from
> other locations (including tmobile enabled Starbucks sites)
>
> root at blue~$ traceroute www.starbucks.com
> traceroute to starbucks.com (64.14.140.210), 30 hops max, 38 byte
> packets
>  1  10.238.10.1 (10.238.10.1)  11.589 ms  11.965 ms  11.955 ms
>  2  66.56.22.66 (66.56.22.66)  12.333 ms  12.890 ms  13.813 ms
>  3  66.56.22.70 (66.56.22.70)  12.148 ms  11.879 ms  13.204 ms
>  4  c-66-56-23-38.atl.client2.attbi.com (66.56.23.38)  14.820 ms  11.852
> ms  11.875 ms
>  5  12.244.72.89 (12.244.72.89)  14.625 ms  11.813 ms  13.120 ms
>  6  gbr2-p70.attga.ip.att.net (12.123.21.6)  14.590 ms  13.046 ms
> 17.017 ms
>  7  tbr1-p013602.attga.ip.att.net (12.122.12.17)  14.296 ms  14.782 ms
> 14.541 ms
>  8  ggr1-p340.attga.ip.att.net (12.122.12.30)  13.075 ms  12.700 ms
> 13.035 ms
>  9  192.205.32.118 (192.205.32.118)  12.387 ms  25.403 ms  12.693 ms
> 10  acr2-loopback.Seattle.cw.net (208.172.82.62)  107.341 ms  84.462 ms
> 86.579 ms
> 11  bhr2-pos-0-0.Tukwilase2.cw.net (208.172.81.222)  84.775 ms  86.348
> ms  88.499 ms
> 12  csr2-ve241.Tukwilase2.cw.net (216.34.64.107)  163.966 ms  85.543 ms
> 85.154 ms
> 13  * * *
> 14  * * *
> 15  * * *
>
>
> also a telnet:
> telnet www.starbucks.com 80
> Trying 64.14.140.210...

Take a look at tcptracertoute. It decrements the TTL similar to traceroute,
but utilizes the port field in the TCP header to "port hop":

oscar# tcptraceroute -S -n -F www.starbucks.com 80
Selected device tun0, address 68.19.1.90, port 2142 for outgoing packets
Tracing the path to www.starbucks.com (64.14.140.210) on TCP port 80, 30
hops max
 1  68.19.1.1 (68.19.1.1)  14.993 ms  14.976 ms  15.284 ms
 2  209.149.96.65 (209.149.96.65)  15.293 ms  15.533 ms  15.261 ms
 3  209.149.96.158 (209.149.96.158)  151.048 ms  16.802 ms  17.739 ms
 4  209.149.96.246 (209.149.96.246)  14.546 ms  15.507 ms  15.525 ms
 5  65.83.237.2 (65.83.237.2)  15.288 ms  25.239 ms  15.538 ms
 6  65.83.236.0 (65.83.236.0)  15.890 ms  16.525 ms  15.270 ms
 7  67.72.8.41 (67.72.8.41)  15.991 ms  16.643 ms  15.790 ms
 8  209.247.9.161 (209.247.9.161)  16.977 ms  16.618 ms  17.266 ms
 9  209.247.11.225 (209.247.11.225)  24.626 ms  17.568 ms  17.260 ms
10  64.159.0.230 (64.159.0.230)  29.579 ms  29.669 ms  28.599 ms
11  209.244.11.14 (209.244.11.14)  29.313 ms  30.150 ms  30.322 ms
12  208.173.52.73 (208.173.52.73)  30.079 ms  30.159 ms  29.837 ms
13  206.24.227.61 (206.24.227.61)  28.829 ms  30.172 ms  30.328 ms
14  206.24.238.217 (206.24.238.217)  31.410 ms  31.516 ms  30.316 ms
15  208.172.82.62 (208.172.82.62)  82.567 ms  82.402 ms  83.511 ms
16  208.172.81.222 (208.172.81.222)  84.022 ms  83.365 ms  82.803 ms
17  216.34.64.122 (216.34.64.122)  83.771 ms  82.657 ms  83.531 ms
18  64.14.140.210 (64.14.140.210) [open]  84.766 ms [unknown, ACK]  84.431
ms  83.597 ms

I love this utility for detecting hidden firewalls. It might also be
beneficial to capture the traffic with tcpdump and look for abrupt RSTs.
This is usually (I configure my firewalls not to send RSTs when it drops
connections, but most firewall admins do) one indication that a firewall
is putting the kabosh on your traffic.

>
>
> -Jim P.
>
>
> On Sat, 2003-11-29 at 23:52, Jim Seymour wrote:
> > On Sat, Nov 29, 2003 at 11:13:30PM -0500, Jim Popovitch wrote:
> > >
> > > Can anyone get to www.starbucks.com with Mozilla?
> > >
> > > I can't.
> >
> > Just tried it with Mozilla 1.0.0 under Debian Sarge.  Seemed to work
> > fine here.
> >
> > Later,
> >
> > Jim Seymour
> > _______________________________________________
> > Ale mailing list
> > Ale at ale.org
> > http://www.ale.org/mailman/listinfo/ale
>
> _______________________________________________
> Ale mailing list
> Ale at ale.org
> http://www.ale.org/mailman/listinfo/ale
>

Ryan Matteson - UNIX Administrator | GPG ID: 92D5DFFF
Public Key: http://www.daemons.net/~matty/public_key.txt
Fingerprint = 4BEC 6145 30A6 BCE6 5602 FF11 4954 165D 92D5 DFFF

More information about the Ale mailing list