LinuxQuestions.org
Support LQ: Use code LQ3 and save $3 on Domain Registration
Go Back   LinuxQuestions.org > Forums > Non-*NIX Forums > General
User Name
Password
General This forum is for non-technical general discussion which can include both Linux and non-Linux topics. Have fun!

Notices

Reply
 
Search this Thread
Old 01-09-2013, 05:29 AM   #1
lupusarcanus
Senior Member
 
Registered: Mar 2009
Location: USA
Distribution: Arch
Posts: 1,022
Blog Entries: 19

Rep: Reputation: 146Reputation: 146
Find out if ISP is blocking port. *Edited


So I found out my previous ISP was blocking ports.

But I moved and now have different ISP. I searched on Google and couldn't find any definitive info on if they do or don't.

What is a simple way to test if my ISP is blocking ports, and which ones they are blocking?

Hopefully this question is not too general.

EDIT: The simplest way I thought if was to actually install a mail or web server than test it externally. I was hoping for a way I could do it without having to install anything and also find out if other ports are blocked for future reference.

Last edited by lupusarcanus; 01-09-2013 at 05:48 AM.
 
Old 01-09-2013, 07:13 AM   #2
unSpawn
Moderator
 
Registered: May 2001
Posts: 27,173
Blog Entries: 54

Rep: Reputation: 2809Reputation: 2809Reputation: 2809Reputation: 2809Reputation: 2809Reputation: 2809Reputation: 2809Reputation: 2809Reputation: 2809Reputation: 2809Reputation: 2809
Run a nmap scan from outside your LAN and grep for "filtered" results? There's on-line nmap services if you don't have access to a remote machine.
 
Old 01-09-2013, 07:29 AM   #3
lupusarcanus
Senior Member
 
Registered: Mar 2009
Location: USA
Distribution: Arch
Posts: 1,022
Blog Entries: 19

Original Poster
Rep: Reputation: 146Reputation: 146
Quote:
Originally Posted by unSpawn View Post
Run a nmap scan from outside your LAN and grep for "filtered" results? There's on-line nmap services if you don't have access to a remote machine.
Code:
Starting Nmap 6.01 ( http://nmap.org ) at 2013-01-09 14:26 Central Europe Standard Time
Nmap scan report for xx.xx.xx.xx (xx.xx.xx.xx)
Host is up.
All 100 scanned ports on xx.xx.xx.xx (xx.xx.xx.xx) are filtered
Nmap done: 1 IP address (1 host up) scanned in 6.54 seconds
Code:
----------------------------------------------------------------------

GRC Port Authority Report created on UTC: 2013-01-09 at 13:37:24

Results from scan of ports: 0, 21-23, 25, 79, 80, 110, 113, 
                            119, 135, 139, 143, 389, 443, 445, 
                            1002, 1024-1030, 1720, 5000

    0 Ports Open
    0 Ports Closed
   26 Ports Stealth
---------------------
   26 Ports Tested

ALL PORTS tested were found to be: STEALTH.

TruStealth: PASSED - ALL tested ports were STEALTH,
                   - NO unsolicited packets were received,
                   - NO Ping reply (ICMP Echo) was received.

----------------------------------------------------------------------

Last edited by lupusarcanus; 01-09-2013 at 07:38 AM.
 
Old 01-09-2013, 08:24 AM   #4
unSpawn
Moderator
 
Registered: May 2001
Posts: 27,173
Blog Entries: 54

Rep: Reputation: 2809Reputation: 2809Reputation: 2809Reputation: 2809Reputation: 2809Reputation: 2809Reputation: 2809Reputation: 2809Reputation: 2809Reputation: 2809Reputation: 2809
BTW if you only allow --state ESTABLISHED,RELATED ingress there's now way telling where along the route stuff gets filtered.
 
Old 01-09-2013, 09:54 AM   #5
lupusarcanus
Senior Member
 
Registered: Mar 2009
Location: USA
Distribution: Arch
Posts: 1,022
Blog Entries: 19

Original Poster
Rep: Reputation: 146Reputation: 146
Well, I just setup a web server real quick. I figured that if it worked, I was going to keep it anyway. I forgot that Ubuntu makes it insanely easy to do. It does work, I can connect to it through port 80 externally. Neat!

My last ISP blocked inbound port 80 and a few more as well. Having a personal server was against the ToS. I moved and now have a new ISP. I researched and read every document and from what I gathered it's absolutely fine to run a server as long as its not for commercial/enterprise use. They don't seem to block any ports, but I am going to try the mail server now and see if that sending email back and forth.
 
Old 01-09-2013, 10:05 AM   #6
unSpawn
Moderator
 
Registered: May 2001
Posts: 27,173
Blog Entries: 54

Rep: Reputation: 2809Reputation: 2809Reputation: 2809Reputation: 2809Reputation: 2809Reputation: 2809Reputation: 2809Reputation: 2809Reputation: 2809Reputation: 2809Reputation: 2809
Quote:
Originally Posted by lupusarcanus View Post
Well, I just setup a web server real quick. I figured that if it worked, I was going to keep it anyway. I forgot that Ubuntu makes it insanely easy to do. It does work, I can connect to it through port 80 externally. Neat!
Nice. Best block traffic to TCP/80 until you've properly hardened the machine, tested the service (OpenVAS?) to satisfaction before exposing it again.


Quote:
Originally Posted by lupusarcanus View Post
I am going to try the mail server now and see if that sending email back and forth.
I'd argue against running a public MTA unless you need remote web mail or something like that. (Should I mentioning hardening again?) BTW RBLs often flag domestic IP ranges as suspect so you would need to "smarthost" via an acceptable conduit anyway.

Last edited by unSpawn; 01-09-2013 at 10:08 AM.
 
Old 01-09-2013, 10:41 AM   #7
lupusarcanus
Senior Member
 
Registered: Mar 2009
Location: USA
Distribution: Arch
Posts: 1,022
Blog Entries: 19

Original Poster
Rep: Reputation: 146Reputation: 146
Quote:
Originally Posted by unSpawn View Post
I'd argue against running a public MTA unless you need remote web mail or something like that. (Should I mentioning hardening again?) BTW RBLs often flag domestic IP ranges as suspect so you would need to "smarthost" via an acceptable conduit anyway.
I'm going to be the only one using the email. I was thinking about using Roundcube web mail for remote access. If I am flagged as suspect, I could just dump the mail server idea and go back to Gmail without consequences?

Also, how do I mark a thread as solved? I swear that I used to just go to thread tools. I haven't logged in for a year and some change, was this changed?

Oh and as always, thanks. I'll try to give you some more rep if I can if you care for it.
 
Old 01-09-2013, 11:25 AM   #8
unSpawn
Moderator
 
Registered: May 2001
Posts: 27,173
Blog Entries: 54

Rep: Reputation: 2809Reputation: 2809Reputation: 2809Reputation: 2809Reputation: 2809Reputation: 2809Reputation: 2809Reputation: 2809Reputation: 2809Reputation: 2809Reputation: 2809
Quote:
Originally Posted by lupusarcanus View Post
I'm going to be the only one using the email. I was thinking about using Roundcube web mail for remote access. If I am flagged as suspect, I could just dump the mail server idea and go back to Gmail without consequences?
If your email gets rejected just try routing it through your ISPs MTA first.


Quote:
Originally Posted by lupusarcanus View Post
Also, how do I mark a thread as solved? I swear that I used to just go to thread tools.
Yes, either thread tools or see the top of this page, just above your first post on the left it should read "Please Mark this thread as solved if you feel a solution has been provided.".


Quote:
Originally Posted by lupusarcanus View Post
Oh and as always, thanks. I'll try to give you some more rep if I can if you care for it.
NP. IMHO rep should be given freely, not asked for, influenced or agreed upon. Not that it should matter to you but I personally favor meaningful reputation comments over rep itself.
 
Old 01-09-2013, 12:09 PM   #9
lupusarcanus
Senior Member
 
Registered: Mar 2009
Location: USA
Distribution: Arch
Posts: 1,022
Blog Entries: 19

Original Poster
Rep: Reputation: 146Reputation: 146
Quote:
Originally Posted by unSpawn View Post
Yes, either thread tools or see the top of this page, just above your first post on the left it should read "Please Mark this thread as solved if you feel a solution has been provided.".
screenshot.PNG

I'm just not seeing it. I clicked your link and it said it was marking the thread as solved, but didn't update the thread title with the little [SOLVED] prefix.
 
Old 01-09-2013, 12:21 PM   #10
unSpawn
Moderator
 
Registered: May 2001
Posts: 27,173
Blog Entries: 54

Rep: Reputation: 2809Reputation: 2809Reputation: 2809Reputation: 2809Reputation: 2809Reputation: 2809Reputation: 2809Reputation: 2809Reputation: 2809Reputation: 2809Reputation: 2809
Yeah, forgot. Threads in /General can't be marked [SOLVED].
Kind of makes sense with all those threads about religion, politics and Microsoft Windows :-]
 
Old 01-09-2013, 07:02 PM   #11
TheIndependentAquarius
Senior Member
 
Registered: Dec 2008
Posts: 4,622
Blog Entries: 29

Rep: Reputation: 896Reputation: 896Reputation: 896Reputation: 896Reputation: 896Reputation: 896Reputation: 896
[deleted] // Huh, couldn't see that it had already been realized that it was /General.
Sorry. [First time I responded before reading further ]

Last edited by TheIndependentAquarius; 01-11-2013 at 12:58 AM.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
port blocking by ISP dpballey Linux - Networking 1 03-01-2008 03:24 AM
ISP Port Blocking - What are the options?? studioq Linux - Networking 14 10-01-2006 02:53 AM
ISP blocking smb port trixar Linux - Networking 1 11-22-2005 06:37 AM
ISP Blocking port 25, how can I get around? kofrad Linux - Networking 1 09-10-2004 02:26 PM
Isp blocking port 25 terek Linux - Networking 4 09-05-2003 07:38 PM


All times are GMT -5. The time now is 02:32 AM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration