What is the best port to use to bypass a firewall

00squeaky · - Joined: 11 May 2004 Posts: 60

Had any luck with this?
i cant find a port THAT WORKS that will let me get by my firewall, nd router.
i need it to accept both incoming AND outgoing connections.
_________________
Languages mastered:
HTML,GML,C,PHP,MYSQL (not really a language, but wtf)

iNaNimAtE · Posted: Tue May 11, 2004 4:04 am Post subject:

21208.
_________________
Bienvenidos!

Anonymoose · - Joined: 09 Sep 2003 Posts: 2192

There is no port that will magically bypass a firewall. They wouldn't be very good firewalls if that was true...

You may be able to get traffic going on some ports, however, there is no 'best' port. There are worst ports - any that a known service runs on that ISPs may block, e.g 22 - SSH, 25 - SMTP, 80 - HTTP, 110 - POP3 etc. Basically, anything under 1024 is a no-no. The upper limit is 65335. For a full list of known ports, try this :

http://www.graffiti.com/services

However... When you say you need a port to get you by *your* firewall and *your* router, you should be able to use any port - since you control the firewall and the router, you can control what ports are open. Any decent firewall will prevent traffic passing through on *all* unauthorised ports, and any unconfigured router will just drop unexpected inbound traffic.

If you are behind a corporate firewall or other firewall you do not control, there may be ports on which you can manage to sneak out outbound traffic (port 53, DNS, may work) and some IM services actually listen on these ports to allow you to 'bypass' the firewall. For example, you can connect to the ICQ network on port 53 if you reconfigure your client. However, you will not find *any* port that works for inbound traffic to your machine without some reconfiguration being done to the firewall by the administrator, unless you already have a public IP and the firewall is lax. If you have a private IP (ie you are on a NAT'd connection) you will not be able to get inbound traffic without reconfiguration of the firewall if it is set to block unauthorised traffic.

00squeaky · - Joined: 11 May 2004 Posts: 60

thanks anonymoose.
i was looking for a site like that. but, does ANYone know how to configure abyss so it could get by your firewall?
_________________
Languages mastered:
HTML,GML,C,PHP,MYSQL (not really a language, but wtf)

Anonymoose · - Joined: 09 Sep 2003 Posts: 2192

All you can do is change the port Abyss is running on and hope you find one that is not blocked by your ISP. As I said above, on a corporate level, if you have been given a private IP address and Abyss isn't working, there's no way you'll be able to serve unless your administrator makes changes to the routing/firewall for you. There's simply no other options available to adjust.

Any good IDS will be able to detect that the traffic from Abyss is HTTP and block/log it. Any good personal firewall will have checksums for the applications which have been given permission to access the internet - renaming Abyss.exe to say IExplore.exe won't work. You can't just change the port and expect to get access to the internet if it has been blocked by a firewall.

TRUSTAbyss · - Joined: 29 Oct 2003 Posts: 3752 Location: USA, GA

Hey Anonymouse , did you get my private message ?

Anonymoose · - Joined: 09 Sep 2003 Posts: 2192

I did. As soon as I get chance to write it up I will, but as I said before, I basically just followed the tutorial I already gave a link to.

TRUSTAbyss · - Joined: 29 Oct 2003 Posts: 3752 Location: USA, GA

Ok , I will try and install it on my
own but it would be nice to see a
good tutorial on STunnel !