Mailing List Archive


[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [tlug] B Flets blocks port 25?



Joe Larabell writes:
 > 
 > > > > IIRC, Usen blocks SMB and NMBD.
 > > > > # Joe, can you check that?
 > > >
 > > > I could if you know of some server somewhere that accepts incoming
 > > > connections on those ports. At the very least I could try telnetting to
 > > > said server and see if I can connect.
 > >
 > > tcptraceroute is the utility you want.
 > 
 > But to check whether SMB is blocked by my ISP, don't I have to know the 
 > name and/or address of some server "out there" that is listening on that 
 > port?

Ah, sorry.  The short answer is "no, the firewall stops packets on
channel 'SMB', not packets aimed at hosts known to be 'SMB servers'".

The long answer is any host outside of your ISP's networks will do.
"traceroute" is the generic name of a family of utilities that send
out "shortlived" packets and report on the hosts that return
expiration notices.  So you send out a packet with time-to-live (TTL)
= 1, that gets to your gateway, TTL is 0 so it returns it because
there might be a loop in the route.  Now you try TTL = 2, and it gets
to your gateway's gateway, which returns it, etc.  At each stage it
prints out times and the node reached.

Presumably you know (or can guess) the domain or IP of your ISP's
firewall.  So send it to Bill Gates's desktop :-) and if it's blocked
by your firewall you should know within three hops or so because (a)
you get a TCP "administratively denied" reply, (b) you get a route
loop inside your ISP's network and it never gets out, or (c) all
packets with a TTL long enough to get you out of your ISP's network
are dropped with no reply.

The original traceroute uses ICMP because that's what ICMP is for,
figuring what's up with the network (and changingin configurations, to
some extent).  This doesn't work for you because your ISP is
necessarily filtering selectively.

So you use tcptraceroute because you can set the port to SMB and/or
NMB, and it uses the TCP protocol rather than ICMP, so you can use it
to pretend you're trying to get to a SMB server.


Home | Main Index | Thread Index

Home Page Mailing List Linux and Japan TLUG Members Links