strange hostname being assigned

The DNS configuration in the Actiontec comes automatically from CenturyLink, so I don't know how to set it up so that it proxies my ISP's DNS. I would assume it already is, but I confess I don't understand what this even means. I know what DNS does. The ISP populates the DNS addresses into my modem/router (all in one), and then my device has DNS set to go first to 192.168.0.1 (the modem/router) and second to the primary DNS address the ISP has served to my modem/router. The secondary address listed in the modem/router's configuration isn't showing up on my devices DNS prefs. Should I drop the first hit at the router and just manually enter the Primary and Secondary numbers from the router into my device network prefs? or add a third, if it will let me? I haven't tried Open or Google DNS, and from what I've read on the web, am not sure CenturyLink won't simply repopulate the DNS fields with what they want. Man, do I ever hate to call them. If this problem isn't a security issue or coming from some kind of breech in security that's already occurred, I may just leave it alone and go back to ignoring messages until something stops working right. I know the DNS stinks, but I only know it by looking at the logs. Once when I tried "stealth mode" in the firewall, I was spammed by "stealth mode attempts" all the time when browsing, as packets asked for came too late, but I wasn't aware of any of it while browsing. I may try to set up static DNS and use Google or Open DNS, if the ISP will allow it, but I would assume, if the ISP is doing what's best for the consumer (yeah right), that their DNS servers assigned to me would be closer and faster, but I really don't know enough about this stuff to make speculations. The issue doesn't appear "solved," but everyone has been most helpful. Linc Davis is almost certainly correct concerning the DNS configuration, but I don't know what to do with that, how to do anything with it. Thanks, mates.

Okay, I've gotten some good advice here, and I appreciate it. Linc Davis, I will investigate and invest in, what you suggest. I've emphasized my worry over the hostname coming back as a .com, worrying a bit that it might be something more than merely misconfiguration, but something potentially malicious picked up or put in somehow by someone or something other than me or my ISP. No one has addressed that concern, so I'll assume that it isn't a reasonable concern, based on these logs and the hostname. I'm leaving this conversation thinking my problem is using what my ISP thinks is a "good enough" all-in-one modem/router with DNS issues, and that, even though it is mine (not rented), the ISP is able to override any changes I make to it, that my problem isn't likely to be a hacker or malware infiltrator who is getting to my machine or network. If I seem a bit paranoid, it is because both my wife and I have had to have our credit cards replaced twice in a little more than a year, though I'm quite sure the information was never ripped from our our computers or network... just using the card at a couple of stores with issues, and once at an ATM that someone had been skimming. This and more have made me want to be more cautious with my own network and devices and I may be prone lately to see a boogeyman where there isn't one, or probably isn't one. I still think a lot of this sounds weird... the .com hostname, the only effecting one machine, the temporary modem reboot fix... but none of it triggered any reaction on here but DNS issues, so I'll settle with that gladly.

I'm going leave this open a bit longer, and if I hear nothing else from those who are at levels showing they know a lot more than me about this stuff, I'll consider it resolved with Linc's last bit of "if I were you" advice, which I intend to follow with the help of a friend who is far more sophisticated than I am in home networking, but who I typically prefer not to bother with such things, as he can be a condescending ***.

Thanks for the friendly and helpful replies.

J

This is still happening, and it's always "internalcheck.apple.com" being assigned as hostname... but not initially. As can be seen by the log sample I provided earlier, it first goes to the proper .local hostname, and then seconds or minutes later, is changed to the .com name. A reboot of the modem fixes it. I haven't tried attempting to configure a new DNS path with the ActionTec.. afraid I'll get no connection at all and I think, but don't know, that CenturyLink likes things a certain way and will change it back or it won't connect unless I do. I was automatically opted in for the "webhelp" which runs the DNS through the CL servers to Yahoo servers, I believe, to get the ads page when a bad URL is entered, and I've opted out of that, hoping that the extra DNS step would be eliminated and I'd see new CL DNS numbers populating the modem/router and thus my MB Pro (set to pull DNS automatically from the ActionTek), but the numbers are the same. It causes no issues I'm aware of, but is still baffling. With a bit money and a bit of tech help, I'll try bridging the modem to a new router and see if that helps, and I may stop being chicken and try configuring new DNS addresses myself. I assume it's on the modem/router web interface that I make the changes, and that simply doing it on the device, turning off "automatic" would just kill the the ability to resolve anything and connect. I could call CL, but that is always a headache that ends up being useless, but maybe not concerning this. I wonder why it's always that hostname, internalcheck.apple.com. I thought a device hostname in my small home situation in which only a couple of devices talk to a modem/router at the center, and through it to the ISP, would always come back as something .local. The Pro is occasionally hooked via USB to an Epson Printer. It also connects three times per week to another network, a campus network. But neither of these things seem to be related to when the change of hostname starts happening. I've had this modem for three years. There could be many more strange things happening that I'm not aware of relating to a modem that is need of replacing. If it's the ISP, why would it be assigning an apple.com hostname? Anyway, weird. I need to realize that nothing in the console messages is going to help me because I don't understand them, and it wasn't made for me to understand it. I'll try some of the suggestions mentioned here. I didn't know who to acknowledge as having solved my issue... not solved really until it stops happening... Link provided two great pieces of advice and information, but I'm too computer illiterate to move forward with them. Thanks again.

I did look at it. My firmware is very different, as is the web interface. I'm not sure what the 169.254... is, but am assuming those are the local IP addresses assigned by the ActionTec through Verizon? Mine are 192.168.0. 2 - ? I have used DHCP reservations so that a specific device interface (MAC) gets a specific local IP. For example, the new MB Pro, which, may even have the same host name as the previous Pro and is assigned the same IP, is always locally .2. I've thought about changing that, making the ethernet MAC .2 and reserving a different 192.168.0 for the wifi and see if it is a matter of that one local IP and the name. I'm not handy with Wireshark, or with anything much beyond what a typical user does... I mean I'm a tad above average in knowing, for example, to change the default modem log-in information, changing the default WPA pass code, etc... and many people don't even do this much... but I'm far from being an IT guy. I do enough, like changing defaults and enabling MAC filtering on the wifi, to make the casual drive-by network mooch find something simpler to piggy-back on, but aside from taking minor security steps such as these, I'm pretty dumb about this stuff. I want to use the stuff, but not spend all my time learning about it.. which means, I'd do better to avoid looking at console messages. I'm going to first change the DHCP reservation and see if anything changes. Then, I'll call CL and see what I can do without causing trouble for myself or with them concerning the DNA addresses they send me, and if possible stay with a Quest DNS server, but without any Yahoo bounces and such, or go to Google or Open DNS, if allowed. I may just buy a new modem. Ideally, when I can afford it, I'd like to have a new modem through CL, and bridge it into a separate router. My main worry, as is common when neophytes of IT see what looks like "suspicious" messages in Console, is security. Would the hostname switch mean there is some breach in security or privacy... that is my main concern. Otherwise, I'd treat it like I do other Console messages and say, "the message isn't for me, and the computer works."