LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - Networking (http://www.linuxquestions.org/questions/linux-networking-3/)
-   -   ISP Port Blocking - What are the options?? (http://www.linuxquestions.org/questions/linux-networking-3/isp-port-blocking-what-are-the-options-488308/)

studioq 09-30-2006 03:41 PM

ISP Port Blocking - What are the options??
 
Below is a list from my ISP (Cox HighSpeed) detailing what they say they block. So now my new Linux server will make a nice paperweight.

All I want to do is be able to access it from the outside via FTP or SSH. I have given up on the idea of hosting my webpages.. I configured it to send mail today and the mail was never delivered so I am figuring that the ISP is dropping anything fired off by sendmail.

25 TCP SMTP Both* SMTP Relays
80 TCP HTTP Inbound Web servers, worms
135 UDP NetBios Both Net Send Spam/Pop-ups, Worms
136-139 UDP, TCP NetBios Both Worms, Network Neighborhood
445 TCP MS-DS/ NetBios Both Worms, Network Neighhood
1433 TCP MS-SQL Inbound Worms, Trojans
1434 UDP MS-SQL Inbound Worms, SQLslammer
1900 UDP MS-DS/ NetBios Both Worms, Network Neighborhood
TCP Subseven Both SubSeven Trojan

uselpa 09-30-2006 03:49 PM

SSH uses port 22, which doesn't seem to be blocked, so it should work. You could also host your webpages by telling the http server to listen to a port other than the default 80 (such as 8080) and using http://yourname:8080 to access it. This is true for every service you want to run - just use a port number that isn't blocked by your ISP.

studioq 09-30-2006 04:10 PM

Would this only require an adjustment to the httpd.conf in Apache or are there other things that will need to be configured?
Thanks..
Studioq

studioq 09-30-2006 04:46 PM

I guess the other thing I dont really understand is how would I log onto this server if to the outside world it doesn't exist?
Using a normal ftp client, how do I figure the correct host address if te server's ip is one inside my internal network?

I know I have a lot of questions.. Just a byproduct of being new..
Thanks.

uselpa 09-30-2006 04:59 PM

Quote:

Originally Posted by studioq
Would this only require an adjustment to the httpd.conf in Apache or are there other things that will need to be configured?

Just add "Listen 8080" to httpd.conf.

uselpa 09-30-2006 05:00 PM

Quote:

Originally Posted by studioq
I guess the other thing I dont really understand is how would I log onto this server if to the outside world it doesn't exist?
Using a normal ftp client, how do I figure the correct host address if te server's ip is one inside my internal network?

How are you connected to the internet? Via a router or a simple modem?

studioq 09-30-2006 05:17 PM

I use a D-Link router that I have allready configured to pass along the most common ports only to find that many of them are blocked by the ISP. What I dont know are the correct settings for anything that might be custom; and after making those settings how to determine the correct host to try to log in to..

uselpa 09-30-2006 05:58 PM

In that case, what you do is:
- router: configure that port 8080 is to be forwarded to the IP address of your PC (something like 192.168.x.y probably), port 80.
- PC: assign a static IP address to your PC and do not use DHCP. Use Apache without any changes on port 80.

If you are on the internet, you need to know the IP address of your router. If you don't have a fixed IP address, use a dynamic IP service such as dyndns. Some routers can be configured to update dyndns automatically; check your doc.

Now your web server can be accessed with http://your-IP-address:8080 or http://your-dyndns-name:8080 and your router will forward this to http://your-PC-address.

studioq 09-30-2006 06:02 PM

I will get on that right now.. Can you help at all with how to log into this server from the outside i.e. what information to enter into the ftp client as far as hostname and such.. A few hints might be helpful.. Thanks..

uselpa 09-30-2006 06:06 PM

As I said... basically you need to know the IP address which your router got from your ISP. You should find that in your routers web interface. Be aware that it changes every time your router logs in so that you should use dyndns or similar to have a name instead of an IP address.

studioq 09-30-2006 06:19 PM

I appreciate it. Sorry to seem so helpless but that seems to be the case. I'm trying to configure the router right now but I'm not so sure I'm having any luck. As far as I can tell I have to create the port, or at least let the router know it exists. Currently the 8080 doesn't exist..

uselpa 09-30-2006 06:23 PM

No problem at all, we've all started from where you are now. It's quite likely that 8080 does not exist in your router's config, just define it.

studioq 09-30-2006 06:31 PM

I tried to configure it but it has a default setting on that port for remote management. Can I just bump it up to 8090?
I also have an account at Dydns and the updater but who knows if have entered all the information in there correctly either. I dont understand Hops and MX and everything else. I currently have a support ticket open with them hopping someone there an tell me what to enter.

studioq 09-30-2006 08:41 PM

Ok.. Through much adoo and fuss, I managed to get someone else out in internet land to see my server.. So this is a plus.... A victory for me.. There are still a lot of things I dont understand like setting up MX stuff.. But If I made it this far, maybe I'll get there.. Thanks again for you help..

uselpa 10-01-2006 02:53 AM

Quote:

Originally Posted by studioq
Ok.. Through much adoo and fuss, I managed to get someone else out in internet land to see my server..

What i did in that case is ssh into a server in internet land and from there connect back to my own server.

Quote:

Originally Posted by studioq
There are still a lot of things I dont understand like setting up MX stuff.. But If I made it this far, maybe I'll get there.. Thanks again for you help..

MX is about email delivery. If you don't run a mail server, don't worry at this point.


All times are GMT -5. The time now is 09:25 AM.