bergman on 16 Apr 2008 13:01:33 -0700

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

Re: [PLUG] wifi in phillie

In the message dated: Wed, 16 Apr 2008 15:19:46 EDT,
The pithy ruminations from brent saner on 
<Re: [PLUG] wifi in phillie> were:
=> Hash: RIPEMD160
=> Daniel W. Ottey wrote:
=> | Sad that they might be blocking outbound port 22.  If this is a home
=> | server you're connecting to (or at least one you can hop through),
=> | you could try running your home SSH server on port 443 (or some
=> | other more common port?) as well.  That is how I get around port 22
=> | outbound being blocked at my company.
=> |
=> | -- Dan
=> or set up a VPN, ideally. more secure AND it guarantees you'll get
=> access to all your ports.

Huh? Assuming that Cosi was actually blocking ssh, they could just as easily be 
blocking ports & protocols that your VPN relies upon.

If you really want "universal" remote access, I'd suggest (in rough order of
ease of administration vrs. personal hassle vrs. chance that your traffic will
be filtered):

	run the service on port 443 on the remote machine (BTDT)

	run the service on port 80 on the remote machine (BTDT)

	run the service on port 53 on the remote machine

	connect to the service via a tunnel to port 53 on the remote machine
	connect to the service via an ICMP tunnel to the remote machine

See: (note the date!)
for some of the many examples.
=> this isn't saying anything against you, ugarit, but i am skeptical
=> that port 22 was blocked as i've yet to find a SoHo-type AP that does

It's not the AP...most are perfectly capable of blocking's the 
configuration...and most are not configured to block anything.

=> this. what sort of symptoms did you see that led you to think it is
=> blocked? did you try to telnet to it?

One thing to remember about Cosi...and many that after you get 
an IP from their AP, all non-port-80 traffic* is blocked and port 80 traffic is 
proxied to their website where you must agree to their terms of service. Once 
you agree, the IP filtering is turned off. Perhaps the original poster 
established an OSI Layer 4 (TCP/IP) connection, but never connected to the Cosi 

	* yes, other ports & protocols pass unfiltered before you agree to the
		ToS, but most (all?) non-port-80 TCP/IP traffic is filtered,
		meaning that the connection is pretty useless unless you have
		configured a tunnel in advance

=> - --
=> Brent Saner
=> 215.264.0112(cell)
=> 215.362.7696(residence)
=> Bill Gates is to hacking as Sid Vicious was to the Sex Pistols: no
=> talent, everyone hates him, and he's just in it for the fame and money.
=> pub   1024D/832D950A 2008-01-26
=> uid                  Brent Timothy Saner <>
=> uid                  Brent Timothy Saner (ACE Technology Group,
=> <>
=> sub   4096g/1C18F61D 2008-01-26
=> (
=> 91EC 3B91 17E3 84E8 662A
=> 9911 F2ED 9987 832D 950A
=> Version: GnuPG v1.4.3 (GNU/Linux)
=> iD8DBQFIBlFR8u2Zh4MtlQoRA4UjAJwOdwI2oDqUpa6hfgy1XUxsxWCf9gCfRcdb
=> 9XM5Q6Wv33dmq7PAK5bfmmc=
=> =JE9y
=> -----END PGP SIGNATURE-----
=> ___________________________________________________________________________
=> Philadelphia Linux Users Group         --
=> Announcements -
=> General Discussion  --

Philadelphia Linux Users Group         --
Announcements -
General Discussion  --