On 11/14/10 4:56 PM, DSinc wrote: > Josh, > Understand, but the router's log file (weekly) is quite large > (220KB). If you would like a look, I can try and copy a portion into > an off-list email to you. > > The router is set for DHCP on the WAN side. And, initially used the > ISP's local dedicated DNS Servers. Since I changed the DNS selection > to "Dynamic", the DNS windows are grayed out and now show DNS servers > I trace to ATT...... > 204.194.234.200 (p) > 204.194.232.200 (s) Those are not ATT DNS servers, almost anything ATT is 12.0.0.0/8
A whois on the IP addresses: OrgName: 302 Direct Media LLC OrgId: DIREC-107 Address: 548 Market St #25810 City: San Francisco StateProv: CA PostalCode: 94104 Country: US Now, from a BGP perspective, they get transit from Level3 and ATT (http://www.robtex.com/as/as30607.html) I don't think these are coming from your ISP, read this page: http://forums.dlink.com/index.php?topic=5064.0 As to host-68-169-188-189.mapoltl.epb.com , that seems to be unrelated, it's a virtual server in a colo in LA, and has a ton of domains on it, and could be scanning you, or trying to infect you with malware, no real clue on it . Harry > Still confused, > Duncan > > > On 11/14/2010 03:02, Josh MacCraw wrote: >> Port addresses would be helpful in determining what the traffic is. >> >> You router should be in DHCP mode for the WAN which will in turn give >> you the valid DNS servers for you ISP. >> >> >> On 11/12/2010 9:27 AM, DSinc wrote: >>> I have a new ISP (epbfi.com?). They have their own DNS servers: >>> 66.18.32.2 (p) >>> 66.18.32.3 (s) >>> >>> My router is a DLink DGL4500; so I set it to point to the ISP's DNS >>> servers. >>> >>> I am trying to figure out why my router is being hammered by another >>> server of my >>> ISP. I say hammered because my router's log file fills up with >>> [info] listings of >>> blocked requests from another ISP server to my assigned IP addy. The >>> server is: >>> host-68-169-188-189.mapoltl.epb.com >>> >>> Yes, I could just deselect [info] objects from my router's log file. >>> >>> I've spoken to the tech support staff. They tell me I am getting >>> "reverse DNS >>> routing" stuff. I was told to remove my router's dedicated DNS >>> assigns and set my >>> router to "dynamic." I think I have done this. >> <snip> >>
