[Netalyzr] (no subject)

LenLynch lenlynch at pobox.com
Sat Oct 21 09:46:50 PDT 2017

Thank you for providing Netalyzr !!

I did a google site search against the list archive site and it didn't
turn-up any hits for this topic.  Sorry if I've overlooked it in advance.

I use your tool from when I need a point of comparison between different
networks that I regularly frequent, and on my home network as I make
changes to it, or I detect that my ISP maybe making changes to the service.

I'm going to supply some information in the hope of getting this clarified
and answered not only for myself, but other practitioners that may
experience the same or similar results.

I haven't run it for several months, and I'm seeing a new warning message:


Quoting the warning section:

2 popular names have a significant anomaly. The ownership suggested by the
reverse name lookup does not match our understanding of the original name.
This could be caused by an error somewhere in the domain information,
deliberate blocking or redirection of a site using DNS, or it could be that
your ISP's DNS Server is acting as a DNS "Man-in-the-Middle".

We attempted to download HTTP content from the IP addresses that your ISP's
DNS server returned to you for these names. Where the download succeeded,
you can click on the IP address in the table below to download a compressed
file containing an HTTP session transcript.

*Note!* The session content is potentially harmful to your computer when
viewed in a browser, so use caution when examining it.
Name IP Address Reverse Name/SOA

I agree that there are missing reverse DNS records for these DNS names.
But the IP address ranges are under the control of the company.  So this
would appear to be a false positive being reported.  Proof is supplied.

$ whois


NetRange: -
NetName:        JMC
NetHandle:      NET-159-53-0-0-1
Parent:         NET159 (NET-159-0-0-0-0)
NetType:        Direct Assignment
Organization:   JPMorgan Chase & Co. (JMC-39)
RegDate:        1992-03-06
Updated:        2012-02-24
Ref:            https://whois.arin.net/rest/net/NET-159-53-0-0-1

OrgName:        JPMorgan Chase & Co.
OrgId:          JMC-39
Address:        120 Broadway
City:           New York
StateProv:      NY
PostalCode:     10271-1999
Country:        US
RegDate:        2006-11-21
Updated:        2017-10-19
Ref:            https://whois.arin.net/rest/org/JMC-39

I appreciate the depth of the tests and I applaud the checks for DNS
functionality.  They provide real value to the tester.

If any variation in forward/reverse lookup will cause this warning, maybe
this should be a tunable feature of the tool?

If there is more to this warning that should be investigated supplying a
pointer to better and more complete information should be provided in the

Thanks in advance for responding,

Realizes:  "Culture eats technology for breakfast..."  -Russ White
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mailman.ICSI.Berkeley.EDU/pipermail/netalyzr/attachments/20171021/c2d43abb/attachment.html 

More information about the Netalyzr mailing list