Friday, November 30, 2018

Network Traffic is getting routed to mail server in Turkey. Is this a red flag?

Little bit of a noob, I hope this question shows enough effort. I'm not a network engineer, just an enthusiast.

Days ago I noticed my network got very slow randomly. I ran my visual traceroute tool (PingPlotter) and pinged 3 targets: Amazon, LinkedIn, and Google Drive.

All three targets were showing that at hop #2 (the hop right after my modem) the traffic was being routed to a mail server in Turkey. On hop 3 it went back into the Charter/Spectrum backbone, on to the following hops, then onto my final targets.

I was using a VPN at the time, using a server on the east coast. I disconnected. Re-connected to a VPN server in the midwest. Disconnected, and re-connected back again to the same server on the east coast. All during these times of being connected to and disconnected from the VPN it was showing "trmail.trhosted.com" on the second hop, for all 3 targets. Eventually the routes changed and it no longer showed this on hop 2, but it would intermittently show up again on the 2nd hop for all 3 targets.

I called my ISP asking their tech support/engineering team if there would be any reason that my traffic would be routed to another country. Their answer was "it depends on your targets, it's likely the websites you were visiting aren't hosted in the US". That answer doesn't make any sense if the target websites' servers were in the U.S., right? And, even while using a VPN that could route traffic to somewhere strange... those were still in the U.S. too. And, it happened while connected AND disconnected to the VPN. Additionally, it wasn't just "somewhere down the line it routes through Turkey"... but rather, after my traffic leaves my LAN it goes directly to this "mail server" THEN back to the U.S. backbone... or so it all appears to me.

I brought this concern up to them, they said they couldn't answer my questions and referred me to their Subscriber Security (spectrum network security). After emailing them, and sending my PingPlotter data, they refer me back to Spectrum tech support.

I emailed the company that makes the network tool, PingPlotter, to confirm I wasn't reading results wrong. Being that I used to work there and know the caliber of people, technical talent, and mission to quality of customer service - they confirmed that it was extremely peculiar, and to continue to reach out to my ISP to resolve the issue.

I'm also considering drafting a letter to the FCC about the issue.

Is this a big red flag or am I being an overly-paranoid noob?

Maybe this is a big misunderstanding on my part?

Or maybe Spectrum's network has been compromised?

What do the network engineers of Reddit think I should do?

I hope this post fits the criteria, and apologies if it doesn't and I missed something.

I also have all of the PingPlotter data that I can share with any of you to better explain my situation. DM me and I can share the files or links to private web pages that include the trace data, hops, etc.

Please and thank you in advance!


