Jamo Posted November 18, 2010 Share Posted November 18, 2010 Hi. I would like to test which ports ISP is blocking. Not only ports that i can use to connect into my house, but also which port i can connect out. Like my ISP let's me use port 25 only for connecting to their smtp server. One reasons I'm doing this is that i want to do ssh tunneling and i would like to know which ports i can use for it. 22 is not good. Quote Link to comment Share on other sites More sharing options...
digip Posted November 18, 2010 Share Posted November 18, 2010 (edited) Why is 22 no good? Are you behind a router? If so, you need to port forward port 22 to the machine serving SSH. Either that, or the location you try to connect from blocks outgoind port 22, which could be the case in the work place or even school networks. Most ISP's only block port 80 to a subscriber's IP from the internet. And as far as port 25 to them, I would think it works to any SMTP server. Most servers today don't use the old SMTP port 25 though. They have all started to use the alternative SMTP port (587) as well as IMAP (143). Edited November 18, 2010 by digip Quote Link to comment Share on other sites More sharing options...
theSuperman Posted November 18, 2010 Share Posted November 18, 2010 Yeah incoming port 80 connections are blocked for me. You can try running nmap on your IP address to see whats blocked. Quote Link to comment Share on other sites More sharing options...
Jamo Posted November 18, 2010 Author Share Posted November 18, 2010 Why is 22 no good? Are you behind a router? If so, you need to port forward port 22 to the machine serving SSH. Either that, or the location you try to connect from blocks outgoind port 22, which could be the case in the work place or even school networks. Most ISP's only block port 80 to a subscriber's IP from the internet. And as far as port 25 to them, I would think it works to any SMTP server. Most servers today don't use the old SMTP port 25 though. They have all started to use the alternative SMTP port (587) as well as IMAP (143). Ports 80 443 22 53 are ok at home, but at school they block outgoing 22, imap, pop, smtp (at least for gmail), VPN(L2PT, PPTP, IPSec) and most of other fun ports. Thats why I have to have sshd running on port 80, and apache with ssl on port 443. Quote Link to comment Share on other sites More sharing options...
Infiltrator Posted November 19, 2010 Share Posted November 19, 2010 (edited) If your ISP is really blocking certain ports, you might want to try using different ports. Like if its blocking 80, and not blocking 443 you could use it instead. Alternatively you could use Shields up to determine what ports your ISP is blocking http://www.grc.com/intro.htm Or this web-based application that, can tell if your ISP is blocking certain ports or not http://www.canyouseeme.org/ Edited November 19, 2010 by Infiltrator Quote Link to comment Share on other sites More sharing options...
Jamo Posted November 20, 2010 Author Share Posted November 20, 2010 Or this web-based application that, can tell if your ISP is blocking certain ports or not http://www.canyouseeme.org/ Iv been using that. Im more interested how to check which ports I can use to connect out from school network. I could set up netcat to listen all ports and then manually try to connect to all ports, bun Im looking for app that could do it for me. Its a public WLAN so I can bring my BT4 laptop to do some testing, Or just use some windows commandline apps at school computers like netcat. Quote Link to comment Share on other sites More sharing options...
Infiltrator Posted November 27, 2010 Share Posted November 27, 2010 A simple method to determine if your ISP, is in deed blocking ports is: 1. I would not recommend this option, but its simply for testing purposes. Place one of your computers in a DMZ. 2. Install services like, webserver, mail server, SSH server and other services. 3. When you are at your school, try accessing these services and if you are able to establish a connect to any of them, then your ISP is not blocking, however if can't then most likely your IPS is blocking. 4. First off try to determine what ports are not blocked, and any port that is unblocked, set up a SSH service and tunnel all your traffic through it. Quote Link to comment Share on other sites More sharing options...
Jason Cooper Posted November 27, 2010 Share Posted November 27, 2010 Why not simply use tcptraceroute (wrap it in a script if you want to do large ranges of ports). Then not only will you be able to see that specific ports are being blocked, you will see where in the path they are being blocked. Quote Link to comment Share on other sites More sharing options...
Infiltrator Posted November 27, 2010 Share Posted November 27, 2010 Why not simply use tcptraceroute (wrap it in a script if you want to do large ranges of ports). Then not only will you be able to see that specific ports are being blocked, you will see where in the path they are being blocked. Found something interesting: http://michael.toren.net/code/tcptraceroute/ Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.