THD Training

Manikandan.A
Noc Team
Contents…
Specific Site Not Working

Email Issues
Basic Troubleshooting
Check with Multiple browsers and PCs.
Check whether the domain really exist by trying with another ISP or
using www.isup.me. (http://)
Clear browser cache, Cookies and browser history.
Check Windows firewall settings.
Check for any parental control software is there in PC or router.
Reset the browser to default settings.
Remove malwares, spywares, adwares etc
DNS Updation
• If the DNS resolution is not taking place ,there are two possibilities
1. The domain name is wrong.
2. Our DNS issue.
The first troubleshooting which we can do in that case is assigning
google global DNS manually .
Which is 8.8.8.8 and 4.4.2.2 (Which will be having all DNS entries)
DNS lookup
• Check whether the domain is getting resolved using nslookup.
Eg : enter “nslookup www.google.com”
Troubleshooting's Based on Errors
• SSL errors.
Change the time and date of PC.
• Proxy errors.
Disable all manually assigned proxy and give automatically.
• If getting white blank screen.
Install malware bytes do a complete scan ,remove the detected
objects and restart the PC.
• DNS errors
Assign google DNS manually (8.8.8.8)
Scenario 1

If customer is hosting a site ,he have done some changes to the site but
in our network customer is getting the same old site.

In this case refreshing page or clearing browser cache may not work.
we want to override the cache.
For Windows/Linux : “Ctrl+Shift+R”
For Mac : “Command+Shift+R”
Scenario 2

The website is getting resolved in nslookup still not opening.

Do a traceroute for the site
Command is “tracert www.domainname.com” (Ex: tracert
www.facebook.com)
Tracert command will do traceroute to the domain destination where the
website is hosted.
Errors

1)IP blacklist in webserver.

2)That HOP have an ACL and our IP is not allowed in that.

Client errors (400–499)
400 Bad Request
In valid Syntax
401 Unauthorized
Although the HTTP standard specifies "unauthorized", semantically this response means
"unauthenticated".
403 Forbidden
The client does not have access rights to the content; that is, it is unauthorized.
404 Not Found
The server can not find the requested resource.
408 Request Timeout
This response is sent on an idle connection by some servers, even without any previous
request by the client. It means that the server shut down unused connection.

Incase of server end errors will get the range of (500–599).

How Mail Works????
• Mail User Agent (MUA)
• Mail Delivery Agent (MDA).
• mail transfer agent(MTA)
Email Ports
IMAP - 995 (En), 110 (Un)

POP3 – 993 (En) , 143 (Un)

SMTP – 25,587,2525 (Un) , 465 (En)

What is port 25 and why is it blocked?
• Port 25 is the default port used to transport or communicate email
across the Internet using the SMTP protocol.

• Many ISPs and broadband / cable providers now block or restrict SMTP
connections on port 25 (the default port for SMTP ), the main reason for
this is because when a computer gets infected by a virus it can be
hijacked by the virus writers to send out thousands, if not millions of
spam emails - the ISPs have to prevent this from happening and
blocking the port is the only real solution.
To check if port 25 is blocked by an ISP:
• If you are using Windows, open up your command prompt. If you are
using a Mac, open up your Terminal. And, if you are using Linux, open up
your Terminal emulator.
• Type the following command: telnet examplemailserver.com 25
• If port 25 is not blocked, you should receive a message like this one:
Why PTR records are important?
• An email travels across the servers (MTAs) on the way to the recipient’s
email client. Before it’s delivered to an inbox, most email providers will
enforce one simple test. They’ll run a DNS lookup simultaneously with a
Reverse DNS lookup and will compare whether the results match. If
they don’t or a PTR record simply doesn’t exist, an email is likely to be
sent to spam or even discarded.

• PTR Records are a defense used by servers against spammers,

especially those using fraudulent domain names (let’s say, mailtrop.io).
If the records are configured for mailtrap.ip, resolving an IP address
with a PTR lookup (Reverse DNS lookup) won’t point to a real domain.
This, as a result, will send up a red flag for an MTA and will likely lead to
an email being discarded.
DNS CHECK:

• can quickly understand that the https://mailtrap.io address actually

represents the 3.215.223.38 IP address. This result is called an ‘A
Record’. 
• PTR records (short for Pointer Records) are used to perform a Reverse
DNS lookup.