Sign in with
Sign up | Sign in
Your question

2 minutes after modem restart, port 80 appears to be blocked except for google and facebook (?!)

Last response: in Networking
December 16, 2013 4:37:10 PM

Something really odd is going on. All computers on my home network are getting "webpage unavailable" except for google and facebook. When I restart my modem, all websites work for about two minutes. Then nothing except google and facebook. My roommate found that if he uses a Chinese proxy server, he can magically browse all websites. Ping always works, even by website name. Here are things I've tried:

1. Calling Comcast. They said "hmm, your downstream signal is way out of range" and scheduled a technician. The technician found a bad filter and splitter on the telephone pole, and fixed them. My internet started working again, and 20 Mbit faster than before!! Two hours later, it's back to the same initial problem.

2. Switching routers. I replaced my Netgear WNDR300 with a Time Capsule, but it didn't help.

3. Switching DNS servers. I switched from (comcast) to (google), but no luck.

4. Browsing to an IP instead of a website name. Didn't work.

I haven't tried buying a new modem yet, because I'm really hoping there's a solution out there. Any ideas, tech people?

Many thanks!!
December 16, 2013 5:32:40 PM

This sound similar to a post a while back but I can't find it. That one someone had installed a vpn/proxy software that did not uninstall correctly. Make sure there are no proxy settings in the browser and delete the HOSTS file. You should also disable the firewall completely on the PC for a while to test and make sure it is not the firewall.

These type are very hard to find because the machine lies to you.
December 16, 2013 8:05:43 PM

Thanks for your reply. This affects all 7 Mac and Windows computers and all 6 iphones that use my network, so I don't think it's that. But just to be sure, I checked my hosts file, but there's nothing suspicious. I also just checked my firewall and it's been off the entire time. I have no proxy settings either.

Best solution

December 17, 2013 6:28:29 AM

Since you have already replaced your router there is not a lot left but the ISP having some issue.. There is a very rare chance you have a device in your network doing a ARP poison man in the middle attack but this is generally something that is intentionally done and not found in home networks.....unless you have a hacker living with you.

If you could open web pages by IP address I would suspect of them intercepting DNS but that does not appear to be the case.

This sounds like there is a transparent proxy in the path and they are intercepting web traffic. Can you get https to work. They likely intercept that one too but it works a little different.

There is almost no way to detect a transparent proxy except when it causes you problems. You can detect is to a point by comparing the ping latency to the ACK time for certain packets but I will not explain how to do that here. Still even if you are sure there is a proxy or other filter device and it is being done intentionally not much you can do. We do this all the time in the corporate world to filter internet access.

The only way to get past this is some form of VPN or proxy. Tends to be a pain to setup when you have lots of devices. You will end up either using a router based vpn or build your own transparent proxy intercept thing that forces the traffic into a vpn.
December 17, 2013 9:24:30 AM

Wow, thank you for the info. I didn't know about transparent proxies. How could there be one between my cable modem and Comcast?! Crazy. But https works just fine, rock solid. Last night I looked up a list of free proxy servers and found a US one that uses port 8080, and now I can browse normally except for a second or two lag before anything happens. I was also on the the phone with four different Comcast people and kept getting transferred to nowhere and disconnected every time they put me on hold (grrr), but I think I will eventually be able to get an answer from them. In the meantime I will try configuring a router-level proxy setting so that all my devices can browse. Thanks again for your help.