Mailing List Archive
tlug.jp
Mailing List
tlug archive
tlug Mailing List Archive
|
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [tlug] B Flets blocks port 25?
- Date: Mon, 02 Jun 2008 13:13:40 +0900
- From: "Stephen J. Turnbull" <stephen@example.com>
- Subject: Re: [tlug] B Flets blocks port 25?
- References: <c0f4e2b00805290150r76b45bceg423358fa120c671b@mail.gmail.com> <20080529040812.GA91216@mail.scottro.net> <20080529120715.GA10133@phb> <900ea9a0805282106o275ce03dj3e48f8965859b31d@mail.gmail.com> <78d7dd350805282131u46509543p8138803c87301664@mail.gmail.com> <78d7dd350805282056s4e60e79bx160588dea86f0f8a@mail.gmail.com> <20080529163026.GE13977@lucky.cynic.net> <78d7dd350805291911x31fda243u595d9a127397ac51@mail.gmail.com> <20080530104356.U20566@isris.pair.com> <87ve0veanw.fsf@uwakimon.sk.tsukuba.ac.jp> <20080530190920.P20566@isris.pair.com>
Joe Larabell writes: > > > > > IIRC, Usen blocks SMB and NMBD. > > > > # Joe, can you check that? > > > > > > I could if you know of some server somewhere that accepts incoming > > > connections on those ports. At the very least I could try telnetting to > > > said server and see if I can connect. > > > > tcptraceroute is the utility you want. > > But to check whether SMB is blocked by my ISP, don't I have to know the > name and/or address of some server "out there" that is listening on that > port? Ah, sorry. The short answer is "no, the firewall stops packets on channel 'SMB', not packets aimed at hosts known to be 'SMB servers'". The long answer is any host outside of your ISP's networks will do. "traceroute" is the generic name of a family of utilities that send out "shortlived" packets and report on the hosts that return expiration notices. So you send out a packet with time-to-live (TTL) = 1, that gets to your gateway, TTL is 0 so it returns it because there might be a loop in the route. Now you try TTL = 2, and it gets to your gateway's gateway, which returns it, etc. At each stage it prints out times and the node reached. Presumably you know (or can guess) the domain or IP of your ISP's firewall. So send it to Bill Gates's desktop :-) and if it's blocked by your firewall you should know within three hops or so because (a) you get a TCP "administratively denied" reply, (b) you get a route loop inside your ISP's network and it never gets out, or (c) all packets with a TTL long enough to get you out of your ISP's network are dropped with no reply. The original traceroute uses ICMP because that's what ICMP is for, figuring what's up with the network (and changingin configurations, to some extent). This doesn't work for you because your ISP is necessarily filtering selectively. So you use tcptraceroute because you can set the port to SMB and/or NMB, and it uses the TCP protocol rather than ICMP, so you can use it to pretend you're trying to get to a SMB server.
- Follow-Ups:
- Re: [tlug] B Flets blocks port 25?
- From: Curt Sampson
- Re: [tlug] B Flets blocks port 25?
- From: Joe Larabell
- Re: [tlug] B Flets blocks port 25?
- Prev by Date: Re: [tlug] government getting ready to inspect your iPod, laptop without probable cause
- Next by Date: Re: [tlug] government getting ready to inspect your iPod, laptop without probable cause [C&C, perhaps]
- Previous by thread: Re: [tlug] government getting ready to inspect your iPod, laptop without probable cause
- Next by thread: Re: [tlug] B Flets blocks port 25?
- Index(es):
| Home Page | Mailing List | Linux and Japan | TLUG Members | Links |