Skip site navigation (1)Skip section navigation (2)
Date:      Wed, 12 Sep 2007 20:19:55 -0700
From:      "Darren Spruell" <phatbuckett@gmail.com>
To:        "Reid Linnemann" <lreid@cs.okstate.edu>
Cc:        Don O'Neil <lists@lizardhill.com>, Beech Rintoul <beech@freebsd.org>, freebsd-questions@freebsd.org
Subject:   Re: Strange port 80 access problem
Message-ID:  <839aec700709122019y14369b78vca927002b1f624ca@mail.gmail.com>
In-Reply-To: <46E8162A.7090206@cs.okstate.edu>
References:  <015a01c7f54f$fbf04ec0$0700020a@mickey> <200709120814.48051.beech@freebsd.org> <46E8162A.7090206@cs.okstate.edu>

next in thread | previous in thread | raw e-mail | index | archive | help
On 9/12/07, Reid Linnemann <lreid@cs.okstate.edu> wrote:
> Written by Beech Rintoul on 09/12/07 11:14>>
> > It's very possible that your ISP is blocking port 80. It seems more
> > and more of them are doing that with home subscribers. I know someone
> > who has service with one of the large telcos and they not only block
> > port 80, but mail and ftp as well. They told him if he wanted to run
> > servers he would have to subscribe to business service at 5X the cost
> > of residential.
> >
>
> I've had a similar experience with COX Communications in the US midwest.
> They block http, https, alternate http ports like 8000 and 8080, smtp,
> and I think pop and imap/imaps. I'm sure part of the reason for this
> paranoid behavior is to protect their networks from saturation from bots
> and whatnot, but part of me thinks they just want to stick it to their
> customers whom they view as pesky annoyances rather than valuable
> consumers. I circumvent these hassles by boring ssh tunnels to the
> services I need access to on my home machines. This is a stopgap until I
> get time to fiddle with openvpn.

It might depend where  you are on their network, but there's some
inconsistencies with the blocking. Port 80 is blocked, but port 443 is
allowed. Port 25 is blocked, but 587 is allowed. 135, 137, 139, and
445 are blocked. 8080, 8081, and 10000 get through to my network. Most
"other" ports are allowed by default.

Like it or hate it, it's a control designed to support their
subscriber AUP, which states pretty plainly that customers are
forbidden to "host servers" on the home user accounts
(http://www.cox.com/policy/  #6). Business lines have such
restrictions listed and allow hosting services by policy, and puts the
burden of "security" on the customer rather than attempting to enforce
by technical means.

DS



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?839aec700709122019y14369b78vca927002b1f624ca>