FibreOp blocking incoming connections on port 22 - Canadian TV, Computing and Home Theatre Forums
 


Old 2011-11-22, 01:51 PM   #1
chickendavis
Rookie
 
Join Date: Sep 2010
Posts: 7
Default FibreOp blocking incoming connections on port 22

Hey folks,

I'm currently living in the Saint John, NB area and have had FibreOp for at least 6-8 months now. So far loving it. I frequently access my home PC over port 22 (using SSH). However, since last Thursday (Nov. 17, 2011), I am no longer able to connect. I've confirmed this with a few of my friends who also have FibreOp. It is affecting all of us.

Wondering if any other FibreOp subscribers out there are experiencing this issue as well?

I've tried calling Bell-Aliant technical support multiple times now and unfortunately it has gotten me nowhere. I've already wasted at least 3 hours with them. They continue to ask me questions about my router configuration etc. I've already ruled out the possibility that it is related to my connection. The last call to technical support resulted in a supervisor telling me that I should call my area manager... which I may do.

Has anyone out there noticed this problem?

-DaViS
chickendavis is offline  
Old 2011-11-22, 02:02 PM   #2
file
 
Join Date: Nov 2010
Location: Riverview, NB
Posts: 761
Default

I just confirmed this. Configured a port forward for port 22, did an nmap, confirmed not open. Changed it to port 23, did an nmap, boom - open.

Seems like they are indeed blocking port 22... which is strange. That's a port I would never consider blocking. Port 80? Sure. Port 25? Yeah. Port 22? Why the heck would you do that?
file is offline  
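
The forward-swap test described in post #2, as an added example that is not part of the original thread: it classifies a TCP connect attempt the way a port scan does and compares the suspect port with a control port forwarded to the same listener. The function names and the 203.0.113.10 address (a documentation-range placeholder) are assumptions; the loopback demo uses constructed local sockets.

```python
import socket

def probe(host, port, timeout=3.0):
    """Classify one TCP connect attempt as 'open', 'closed' or 'filtered'."""
    s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    s.settimeout(timeout)
    try:
        s.connect((host, port))
        return "open"        # handshake completed: forward and listener work
    except ConnectionRefusedError:
        return "closed"      # RST received: path is clear, nothing listening
    except OSError:
        return "filtered"    # timeout or unreachable: dropped before the host
    finally:
        s.close()

def diagnose(suspect, control):
    """Interpret results for the suspect port and a control port that was
    forwarded to the same listener (the 22-then-23 swap from the post)."""
    if suspect == "open":
        return "suspect port reachable: not blocked"
    if control == "open":
        return "suspect port blocked before the listener: control port answers"
    return "inconclusive: check listener, port forward and vantage point"

def loopback_demo():
    """Constructed offline check: one listening port, one unused port."""
    srv = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    srv.bind(("127.0.0.1", 0))
    srv.listen(1)
    spare = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    spare.bind(("127.0.0.1", 0))
    unused_port = spare.getsockname()[1]
    spare.close()            # released, so connects to it are refused
    try:
        return (probe("127.0.0.1", srv.getsockname()[1]),
                probe("127.0.0.1", unused_port))
    finally:
        srv.close()

if __name__ == "__main__":
    print(loopback_demo())
    # Real use: run from outside the home network against your own address
    # (placeholder shown), with both ports forwarded to the same SSH server:
    # print(diagnose(probe("203.0.113.10", 22), probe("203.0.113.10", 23)))
```

Run the probe from a vantage point outside the home network; a result taken from inside the LAN never crosses the ISP's filter.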
Old 2011-11-22, 02:55 PM   #3
chickendavis
Rookie
 
Join Date: Sep 2010
Posts: 7
Default

Yah, it's annoying. You wouldn't believe the conversations I've had with tech support. One of them told me to type "Why is port 22 blocked" into Google to see why... brutal!

Anyway, my assumption is that it may have been a misconfiguration, or something that was meant to be temporary while troubleshooting a network issue (i.e. attack etc).

Either way, I can't seem to get an answer on this. After a lot of dealing with tech support, they told me there was nothing they could do and that I should contact my local area manager to take it further... not sure if this will go anywhere... doubtful. Maybe if everyone on the forums calls? :P
chickendavis is offline  
Old 2011-11-22, 02:55 PM   #4
file
 
Join Date: Nov 2010
Location: Riverview, NB
Posts: 761
Default

Some experimentation with my Actiontec shows that the SSH server may be accessible from the internet. They probably blocked it to prevent abuse.
file is offline  
Old 2011-11-22, 03:16 PM   #5
chickendavis
Rookie
 
Join Date: Sep 2010
Posts: 7
Default

I've done some testing myself and port 22 is definitely blocked for incoming connections from the internet as well as from inside the FibreOp network.

On the other hand, port 22 incoming is NOT blocked for Bell-Aliant customers using DSL high speed internet.

The fact that they have only blocked on FibreOp and not on DSL makes me think it could be a mistake.
chickendavis is offline  
Old 2011-11-22, 03:18 PM   #6
file
 
Join Date: Nov 2010
Location: Riverview, NB
Posts: 761
Default

The Actiontec router is not used for DSL service so they would have no reason to block on that network since it wouldn't have the same security hole.
file is offline  
Old 2011-11-22, 03:25 PM   #7
chickendavis
Rookie
 
Join Date: Sep 2010
Posts: 7
Default

Ahhh, I have the older 2Wire router from Bell-Aliant. Don't think it exposes an SSH server. Maybe they've had some customers whose Actiontec routers have been attacked on this port/service?
chickendavis is offline  
Old 2011-11-22, 03:32 PM   #8
file
 
Join Date: Nov 2010
Location: Riverview, NB
Posts: 761
Default

That's what I'm thinking, or it was just noticed and the quickest solution was to block port 22 until a suitable firmware update could be pushed out.
file is offline  
Old 2011-11-22, 06:06 PM   #9
hj74
Rookie
 
Join Date: Nov 2011
Location: Greater Moncton Area
Posts: 7
Default

Just my $.02 but you may wish to use a non-standard SSH port to reduce your exposure anyway? That is of course unless the app you are using does not allow you to modify how you connect.
hj74 is offline  
Old 2011-11-22, 06:41 PM   #10
chickendavis
Rookie
 
Join Date: Sep 2010
Posts: 7
Default

I would if I could but unfortunately the place where I most often connect to home from blocks almost all outgoing ports. Port 22 is one of the few that are open.
chickendavis is offline  
Old 2011-11-23, 08:34 AM   #11
sunfiregt
 
Join Date: Apr 2008
Posts: 77
Default

They may be using port 22 internally to manage your router.

I will check once I get my non-Actiontec router running.
sunfiregt is offline  
Old 2011-11-23, 08:36 AM   #12
file
 
Join Date: Nov 2010
Location: Riverview, NB
Posts: 761
Default

TR-069 (http://en.wikipedia.org/wiki/TR-069) is what is used to manage it from their stuff.
file is offline  
Old 2011-11-30, 02:19 PM   #13
newlix
Rookie
 
Join Date: Nov 2011
Posts: 2
Default

I've asked around and a few of us have noticed this as well. I can ssh using a different port as well, but even after rebooting the router and the fiberOP "modem", I still can't ssh to port 22.

If anyone has numbers to call or emails to send, post it here so we can all complain together

BTW, I am in Fredericton.

Last edited by newlix; 2011-11-30 at 02:20 PM. Reason: Added location
newlix is offline  
Old 2011-11-30, 02:26 PM   #14
brunes
 
Join Date: Aug 2006
Location: Fredericton, NB
Posts: 84
Default

Hey chickendavis, the place that I connect to with SSH blocks all outbound ports too, what a coincidence!

Anyway what I always did is run my SSH on port 443, since HTTP / HTTPS is unblocked it is allowed through!
brunes is offline  
Old 2011-12-01, 12:41 PM   #15
newlix
Rookie
 
Join Date: Nov 2011
Posts: 2
Default

Well, brunes and chickendavis, I can't use port 80 or 443 for ssh, but I was able to use 1863 (the msn port) which is also allowed out...

But still, it just seems wrong that an ISP would block port 22 - if anyone finds someone to bug (like the people actually responsible for the firewalls at the ISP), post it here so we can all bug them
newlix is offline  