Brandon Holland wrote:
>Our ISP blocks certain ports highly used by trojans (we can ask them to
>remove a certain rule on an individual basis) but my question is, from
>what "PORT pool" does m0n0 get the "available" ports for use?
>Because, I guess if m0n0 tries a port that has been blocked, the
>connection just dies, and it becomes a lost packet.
>I'd like to be able to manually set the list of ports it can use if the
>"default" list is unacceptable. Is that configurable?
>I wouldn't think that the firewall would think "well, this port NEVER
>responds, it needs to be marked as unusable" and even if it did, a
>reboot would "fix" that, huh?
>An interesting thought,
>Brandon Holland ( <mailto:brandon at cookssaw dot com> Brandon at Cookssaw dot com)
>Cooks Saw MFG, LLC ( <http://www.cookssaw.com> www.CooksSaw.com)
> "Leading the bandsaw Industry
> by providing tomorrow's innovation today"
>160 Ken Lane
>Newton, AL 36352 (Click for map)
> Ph: 1-800-473-4804 [ (334) 692-5074 ]
> Fax: (334) 692-3704
Does your ISP block outbound ports? I have heard of many that block
inbound ports. E.g. they won't let you run a HTTP, SMTP, or other
standard servers with your "residential" account.
If they are blocking outbound ports you really have some issues with
them... or at least should. That just isn't cool of them, no matter the
reason. Chances are more and more trojans will be using standard ports.
E.g. of some that have are like bugbear, SQL Slammer, CodeRed, etc.
They all used the standard ports for the applications they targeted. :(