Almost all ports appear blocked on Bell Sympatico

[Guest]

Almost all ports appear blocked on Bell Sympatico

I am completely at a loss to explain why all ports except 3389 and the
MSN Messenger ports appear blocked on our daughter's Sympatico DSL
service. I have spent more time than I should working on this and am
getting nowhere-even with the help of Sympatico "level-2" service
personnel. Has anyone got any idea what is going on?

First, Sympatico personnel claim they are not blocking any ports except
ports like 21, 25, and 80 that are specific to heavy-use server
applications. Nonetheless, three different scanners all show
everything as closed or "connection refused."

Our daughter is using a Speedstream 6520 supplied by Bell.

Here is what I have tried to date:

1. Removing the Linksys router she normally uses. Normally she uses
the Bell modem-router in "bridge mode." In that mode, the firewall
in the Bell modem-router is theoretically disabled.
2. Checking repeatedly to ensure that both the XP firewall and the
anti-virus firewall are disabled.
3. A different machine with a different anti-virus service.
4. Completely removing anti-virus service temporarily.
5. Static-ip connection to Bell modem-router.
6. Connecting with the Bell modem-router and DMZing the test computer
(direct
Ethernet-cable connection). All other ports still show closed.
7. Connecting with the Bell modem-router and TCP port-forwarding common
gaming ports (e.g., "Battle-Net's" ports: 6112-6119). In this
case all other ports except the forwarded ports timeout (scan takes
much longer than without port forwarding-without everything gets
reported as "closed" very quickly). The forwarded ports are
reported closed.
8. Getting a replacement Speedstream 6520 from Bell. Nothing changes.
9. Disabling all startup apps with msconfig. Nothing changes.
10. Getting frustrated. Nothing changes.

I did some searching on the web for discussion of blocked-port problems
with Sympatico and found almost nothing which leads me to believe they
are not, as a matter of general policy, blocking everything, or nearly
everything.

I am completely stumped at this point. Does anyone have any ideas
about what might be going on here?

Thanks in advance!

 

[Bob]

Ports are only open if you have something running on them.
What do you expect to see open?

 

[Kurt]

An ISP wouldn't be able to do much business if they blocked all the ports.
Where are you scanning from? What are you scanning? Even a port scan will
only show open ports. What ports are you listening on? Or, better, what
exactly are you trying to accomplish? Maybe the good proctors and peasants
in the group can make a few suggestions on how to get it to happen.

....kurt

 

[Daphne Foldes]

Hello

Do you have ZA installed or another like Kerio?

 

[Don McCallum]

In very simple terms ....

Ports are open if a service is running and can answer a request.
Ports are closed if the system answers rather than a service.
Ports are stealth if no answer is received.

Try a port check from this URL

https://www.grc.com/x/ne.dll?bh0bkyd2

Don

 

[Guest]

First, my sincere thanks to all the thoughtful reponses to my initial
message!

What started this quest was an attempt to connect to a
password-protected ftp site on my main home machine (yes, I am aware of
the risks of ftp's unencrypted password mechanism and only turn the ftp
site on when I know someone is going to use it) using a non-standard
port (Sympatico does block port 21). Given the way FTP works and given
that passive mode fails, my idea was to identify the FTP data-return
port with the well-known P1 X 256 + P2 formula, open that port, and
hopefully this would work. This led to using several well-known
scanners (e.g., canyouseeme and whatsmyip.org) and my shock at finding
that even ports like 443 (SSL) which definitely should be open on our
daughter's machines, I think, weren't.

Our daughter uses Norton AntiVirus. As I mentioned in the initial
post, I disabled it and eventually removed it entirely temporarily as
part of testing. She is not using Zone Alarm or Kerio.

I hope this helps.

BTW, I've been unable to get a VPN service to work on the home machine
(XP Pro, SP2). The setup seems to go fine. Port 1732 is open there.
But authentication from a remote computer never works--hence attempt at
FTP solution.

Again, thanks for any help!

 

[Guest]

Thanks--I actually went to this site earlier and for some reason didn't
use its scanner. I will do so, however, and report back to the group
since it seems much more thorough than the others.

 

[Guest]

Ran a ShieldsUp scan with everything disabled and came back with the
following.

Results from scan of ports: 0-1055

1 Ports Open
1049 Ports Closed
6 Ports Stealth
---------------------
1056 Ports Tested

The port found to be OPEN was: 135

Ports found to be STEALTH were: 25, 136, 137, 138, 139, 445

Other than what is listed above, all ports are CLOSED.

So I gather this means all problems are router/NAT related.

Thanks again to those who replied. I will report back on my
success--or lack thereof.

 

[Dan]

Ran a ShieldsUp scan with everything disabled and came back with the
following.

Results from scan of ports: 0-1055

1 Ports Open
1049 Ports Closed
6 Ports Stealth
---------------------
1056 Ports Tested

The port found to be OPEN was: 135

Ports found to be STEALTH were: 25, 136, 137, 138, 139, 445

Other than what is listed above, all ports are CLOSED.

So I gather this means all problems are router/NAT related.

Thanks again to those who replied. I will report back on my
success--or lack thereof.

I warn you that your machine is not safe from hackers and port scanning.
I urge you to increase your security ASAP. In this scan, my machine
comes back with a notice that all my ports are stealthed and I pass the
test which is ideal.

http://www.grc.com/port_135.htm

I use Zone Alarm Pro. for my software firewall, have a hardware firewall
in my router and disable unneeded services to increase my Internet
security. A multi-layered approach is essential and critical for
security for all users in this day and age. Even home users especially
those with broadband (aka DSL Cable Satellite etc.) are targeted to be
used by hackers for spamming or more nefarious purposes. I would be
careful about having any personnel information on my computer even with
strong 256 bit encryption because there can always be a backdoor into a
computer that you may not know about.

 

[Guest]

I would never leave a machine unprotected by a firewall for more than a
momentary test. These results were simply to try to get my head around
what is happening.

Here is the final surprising state of play on all of this which I still
can't explain even in light of the very helpful messages I have
received.

Using shields up and momentarily DMZing my main home machine I
discovered that Sympatico is NOT blocking port 21 so I reset my FTP
service on that machine to the standard port 21. It works fine with
another test client but our daughter's machine--even with firewall
disabled and a known, working DNS server explicitly in the tcp-ip
setup, can't find my server on ftp (no problem to my web site on the
same machine--I have DDNS).

Any ideas on why her machine, even with all firewalling off and a known
functioning DNS server explicitly entered in tcp-ip configuration can't
find my ftp server while another client has no problem doing so???

Again, thanks to all for the help!!!

 

[Guest]

One final note on security. I never place any financial or other
strictly "personal" information on any computer beyond the very
occasional transitory SSL transaction so I presume I am secure in that
respect but I appreciate the concern.

 

[Dan]

One final note on security. I never place any financial or other
strictly "personal" information on any computer beyond the very
occasional transitory SSL transaction so I presume I am secure in that
respect but I appreciate the concern.

You are most welcome. I am glad you appreciate the concern because we
all need to be really careful what with increasing identity theft and
other problems in our society. I wonder if spyware or malware are
causing problems on the machine. Have you checked for viruses, malware,
spyware, rootkits, etc. and what tools have you used?

 

[Guest]

My daughter has the full Norton suite. I've also tested her connection
with my laptop which has the full Trend suite. I haven't gone looking
for rootkits, however.

 

[Dan]

My daughter has the full Norton suite. I've also tested her connection
with my laptop which has the full Trend suite. I haven't gone looking
for rootkits, however.

Ah, you mention Norton. A number of posters have had trouble with
Norton products and there may be something in Norton that is causing
your problem but I also would try to make sure the machine is fully safe
too.

 

[Guest]

I think the finger is probably pointing in the direction of Norton.
Does anyone know if Norton blocks FTP in some way.

I have now set up "port triggering" for ftp on ports 20 and 21 on our
daughter's router (a Linksys) and forwarded ports 20 and 21. FTP to my
home site is working perfectly on my laptop (Trend) but I keep getting
a DNS error in Internet Explorer. I can ping the ftp address on her
machine and I get a DNS error from Internet Explorer even if I type in
the ip number currently assigned at home (I have DDNS and my main
machine is on a static local ip).

Any ideas--I've tried disabling Norton to no avail!

 

[Guest]

I tried disabling all Symantec-related apps and services in msconfig
and rebooting on our daughter's main computer. Still no luck--IE
produces a DNS error trying to go to my FTP site. It works fine,
however, with Micosoft's ftp site so it's something specific to my
site.

We've now tried two computers on the same home network and both can now
access my site with no problem??????????

 

[Guest]

I tried disabling all Symantec-related apps and services in msconfig
and rebooting on our daughter's main computer. Still no luck--IE
produces a DNS error trying to go to my FTP site. It works fine,
however, with Micosoft's ftp site so it's something specific to my
site.

We've now tried two computers on the same home network and both can now
access my site with no problem??????????

 

[Guest]

Found the last remaining problem--a configuration problem with IE. It
was not configured to display folders.

Many thanks again to all of you who responded. I've learned a lot this
morning and solved a vexing problem thanks to you!

 

[Guest]

Found the last remaining problem--a configuration problem with IE. It
was not configured to display folders.

Many thanks again to all of you who responded. I've learned a lot this
morning and solved a vexing problem thanks to you!

 

[Guest]

Found the last remaining problem--a configuration problem with IE. It
was not configured to display folders.

Many thanks again to all of you who responded. I've learned a lot this
morning and solved a vexing problem thanks to you!