Wow. Sounds like you're dealing with some mighty unreasonable people here...
Frankly, the first thing that I'd do is look for a new ISP! (And maybe a new
employer, while I was at it.)
Assuming those aren't options:
0) Did you try port 443? That's HTTPS, which many admins seem to forget
about...
1) Maybe you can negotiate with your ISP? Do they offer different plans
(that you can afford) or a static IP w/ fewer restrictions?
2) Are they blocking *UDP* ports? There's this thing I've read about lately
called OpenVPN that uses UDP transport, which they might be a little more lax
about...
3) nmap is the (or at least *a*) tool to use (nessus may work as well.)
You'd want to use it from a remote system (preferably the one at work.) The
only problem is, you'll have to figure out some way of opening every port on
your home system--well, that and the fact that an alert admin might notice
and give you grief. Maybe xinetd, but I don't see an easy way of doing it.
Maybe that's not necessary--it might be possible to have nmap report the ports
that are closed (meaning that the target system is saying that they're
closed, which would imply that it noticed the connection attempt and politely
refused) as opposed to filtered (no response at all.) You may need to
tweak iptables, such that the default input response is REJECT, so that an
error packet is returned.
HTH,
-Jason
On Wednesday 13 August 2003 10:09 pm, João Candido Araujo Milasch Filho wrote:
Well. I got an answer to my problem. About a year ago, my adsl provider
blocked about all reserved ports, and thats why I can't use'em. Although
I told you before that they were unblocked by the ISP. Then, I fall on
another problem: The work's firewall! So, I'll need to get a list of
unblocked outbound ports. Is there any way to see what outbound ports
are unblocked? We got some sites that scan my incoming ports. Thats not
hard to make a program that scan for outgoing ports, but I kind of not
have time to do so.
If anyone knows how how to look for outgoing unblocked ports, tell me,
because the network admins dont want to just give me a port that I can
use. ;(
Thanks all for the answers.
PlugHead wrote:
On Tuesday 12 August 2003 10:56 pm, Greg Meyer wrote:
On Tuesday 12 August 2003 10:11 pm, João Candido A. Milasch Filho wrote:
Hi! I sent this message b4 to newbie list, but I got absolute no answer.
I hope someone can help me here...
SNIP
Anyone knows what can I do to figure out whats happening?
Is your isp blocking inbound traffic on port 80 to prevent web servers
from running on the network? That would be a cruel catch 22 if it is
true. Work only allows outbound on port 80, while home allows all
inbound but port 80.
Actually, it could be worse than that. You may not even have a real ip
address. Sometime an ISP will act as subnet on the internet, in order to
conserve IP addresses (much like a local router would do, but on a larger
scale.) If you're on a dial-up connection, this is most likely the case,
and may be even if you have a broadband connection. If your IP address
starts with 192. or 10., that's a dead giveaway, but there are other
reserved ranges as well that I don't know off the top of my head.
Can your friends ping your ip address? If so, this is not (probably,
unless they're really ping'ing someone else) your problem.
-Jason
=
When treading water in a circle of sharks, a wizard will always consider
other wizards to be the most immediate danger.
(The Last Continent)
Want to buy your Pack or Services from MandrakeSoft?
Go to http://www.mandrakestore.com
--
=
I AM DEATH, NOT TAXES. *I* TURN UP ONLY ONCE.
(Feet of Clay)
Want to buy your Pack or Services from MandrakeSoft?
Go to http://www.mandrakestore.com