I, have a problem with port 80 being blocked, but my problem is of a
much wider range than most. My internet connection is through my
school (university) and it seems that almost every port is blocked to
incoming traffic. Running web servers is not mentioned in the internet
ToS, so I assume they don't consider it an issue. I used a port
scanning tool at www.grc.com and it found that out of the ports
between 0 and 1055, only two were open. The ports that were open were
22 (SSH) and 111 (SUN RPC Portmapper). I was wondering if it was safe
at all to use either of these ports? I don't know about the 111, but I
don't believe that SSH is used much by windows and there aren't many
(if any) Linux/Unix/mac boxes on the network. I wasn't able to test
the full range of ports beyond 1055, but from some random tests I
found that others in the 33000 range were also closed. I have
configured my router to forward ports 80 and 443 to the IP of my
server box, but the blocking is coming from the routers and whatnot
farther into the system, which I do not have access to. I haven't set
up any dynamic IP DNs linking or anything for my domain, as right now
I am just concerned with making the server accessible from outside my
local LAN. This is using Apache server 2.2.4 on a Windows XP Pro SP2
box. Any on this matter would be greatly appreciated. Thanks!

On 2007-02-07, NickPoenn@gmail.com <NickPoenn@gmail.com> wrote:
> school (university) and it seems that almost every port is blocked to
> incoming traffic. Running web servers is not mentioned in the internet
> ToS, so I assume they don't consider it an issue.

Then why don't you go and ask the Sysadmins of your school?

> 22 (SSH) and 111 (SUN RPC Portmapper). I was wondering if it was safe
> at all to use either of these ports?

No is not. There is probably a reason if the ports are blocked, start
dicking around with the network and you can find yourself on the wrong
end of a lawsuit.

Davide

--
Microsoft should switch to the vacuum cleaner business where people
actually want products that suck.
-- Bruno Bratti

On 7 Feb, 04:53, "NickPo...@gmail.com" <NickPo...@gmail.com> wrote:
> I, have a problem with port 80 being blocked, but my problem is of a
> much wider range than most. My internet connection is through my
> school (university) and it seems that almost every port is blocked to
> incoming traffic. Running web servers is not mentioned in the internet
> ToS, so I assume they don't consider it an issue. I used a port
> scanning tool atwww.grc.comand it found that out of the ports
> between 0 and 1055, only two were open. The ports that were open were
> 22 (SSH) and 111 (SUN RPC Portmapper). I was wondering if it was safe
> at all to use either of these ports? I don't know about the 111, but I
> don't believe that SSH is used much by windows and there aren't many
> (if any) Linux/Unix/mac boxes on the network. I wasn't able to test
> the full range of ports beyond 1055, but from some random tests I
> found that others in the 33000 range were also closed. I have
> configured my router to forward ports 80 and 443 to the IP of my
> server box, but the blocking is coming from the routers and whatnot
> farther into the system, which I do not have access to. I haven't set
> up any dynamic IP DNs linking or anything for my domain, as right now
> I am just concerned with making the server accessible from outside my
> local LAN. This is using Apache server 2.2.4 on a Windows XP Pro SP2
> box. Any on this matter would be greatly appreciated. Thanks!

The only way to do what you want is either,
1. talk to your school's admins and ask them to forward port 80/443
which they wont, my guess is they already have a server on site
probably for their website, but even if not, they wont like the idea
of you having one trust me.
2. Make a socket connection from your router to a network you do have
control over - like your mum or dads or a friend at their home,
especially one with a static IP. You will need to adjust the routers
ip tables, or have a computer running all the time to route the
packets to your school

Since 2 is by far the easier and less problematic approach that's what
I would do.

You could then run the webserver in your room, the end points of the
encrypted (ssh2 or vpn) tunnel would mean that your server was
effectively located at your friends place, (and so the bandwidth
limitations would apply as per outgoing ADSL or whatever), then the
router/computer their would route the port 80/443 packets back to your
computer. You would get passed the firewall because you will have made
the socket connection yourself. However if your school sysadmins have
got it set up correctly you might find it annoying to find a port
which you can use to make the initial socket connection.
My advice would be to try using port 22, 110, 995 for the outgoing
connection which you will use to form your side of the p2p connection.

Anyway, if all this sounds daunting, and the loss of outgoing
bandwidth sounds a disappointment and you are not up for the challenge
of getting past your sys admins, then just accept it and run the
webserver at your m&d and use ftp and ssh to control it from where you
are. Sometimes you just cant win. Besides the easier way might be to
use your knowledge of networking/web dev to offer to your school
maintain some of its web pages, and use some space while you are at
it. They probably wouldn't mind you doing that once they knew your
face, unless they have a ACL for this too. That's called the social
engineering hack!

Tools you might use are stunnel, plink/putty,ssl explorer, cygwin+ssh.