Jump to content

Testing Open Ports

Jamo

By Jamo
in Questions

 Share

Recommended Posts

Jamo Newbie

Jamo

Posted
Posted

Hi.

I would like to test which ports ISP is blocking. Not only ports that

i can use to connect into my house, but also which port i can connect

out. Like my ISP let's me use port 25 only for connecting to their

smtp server.

One reasons I'm doing this is that i want to do ssh tunneling and i

would like to know which ports i can use for it. 22 is not good.

Link to comment
Share on other sites
digip Newbie

digip

Posted
Posted (edited)

Why is 22 no good? Are you behind a router? If so, you need to port forward port 22 to the machine serving SSH. Either that, or the location you try to connect from blocks outgoind port 22, which could be the case in the work place or even school networks.

Most ISP's only block port 80 to a subscriber's IP from the internet. And as far as port 25 to them, I would think it works to any SMTP server. Most servers today don't use the old SMTP port 25 though. They have all started to use the alternative SMTP port (587) as well as IMAP (143).

Edited by digip
Link to comment
Share on other sites
Jamo Newbie

Jamo

Posted
  • Author
Posted
Why is 22 no good? Are you behind a router? If so, you need to port forward port 22 to the machine serving SSH. Either that, or the location you try to connect from blocks outgoind port 22, which could be the case in the work place or even school networks.

Most ISP's only block port 80 to a subscriber's IP from the internet. And as far as port 25 to them, I would think it works to any SMTP server. Most servers today don't use the old SMTP port 25 though. They have all started to use the alternative SMTP port (587) as well as IMAP (143).

Ports 80 443 22 53 are ok at home, but at school they block outgoing 22, imap, pop, smtp (at least for gmail), VPN(L2PT, PPTP, IPSec) and most of other fun ports. Thats why I have to have sshd running on port 80, and apache with ssl on port 443.

Link to comment
Share on other sites
Infiltrator Newbie

Infiltrator

Posted
Posted (edited)

If your ISP is really blocking certain ports, you might want to try using different ports.

Like if its blocking 80, and not blocking 443 you could use it instead.

Alternatively you could use Shields up to determine what ports your ISP is blocking

http://www.grc.com/intro.htm

Or this web-based application that, can tell if your ISP is blocking certain ports or not

http://www.canyouseeme.org/

Edited by Infiltrator
Link to comment
Share on other sites
Jamo Newbie

Jamo

Posted
  • Author
Posted
Or this web-based application that, can tell if your ISP is blocking certain ports or not

http://www.canyouseeme.org/

Iv been using that.

Im more interested how to check which ports I can use to connect out from school network. I could set up netcat to listen all ports and then manually try to connect to all ports, bun Im looking for app that could do it for me. Its a public WLAN so I can bring my BT4 laptop to do some testing, Or just use some windows commandline apps at school computers like netcat.

Link to comment
Share on other sites
Infiltrator Newbie

Infiltrator

Posted
Posted

A simple method to determine if your ISP, is in deed blocking ports is:

1. I would not recommend this option, but its simply for testing purposes. Place one of your computers in a DMZ.

2. Install services like, webserver, mail server, SSH server and other services.

3. When you are at your school, try accessing these services and if you are able to establish a connect to any of them, then your ISP is not blocking, however if can't then most likely your IPS is blocking.

4. First off try to determine what ports are not blocked, and any port that is unblocked, set up a SSH service and tunnel all your traffic through it.

Link to comment
Share on other sites
Jason Cooper Newbie

Jason Cooper

Posted
Posted

Why not simply use tcptraceroute (wrap it in a script if you want to do large ranges of ports). Then not only will you be able to see that specific ports are being blocked, you will see where in the path they are being blocked.

Link to comment
Share on other sites
Infiltrator Newbie

Infiltrator

Posted
Posted
Why not simply use tcptraceroute (wrap it in a script if you want to do large ranges of ports). Then not only will you be able to see that specific ports are being blocked, you will see where in the path they are being blocked.

Found something interesting: http://michael.toren.net/code/tcptraceroute/

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...