[SATLUG] Blocked ports on college campus
j at jvpappas.net
Tue Oct 21 14:35:06 CDT 2008
On Tue, Oct 21, 2008 at 13:14, Samuel Leon <satlug at net153.net> wrote:
> Just recently St. Phillips only allows outgoing connections to destination
> ports 80 and 443 on their public wifi. So that means no irc, no instant
> messaging, no email, and no SSH. This can't be! To my knowledge I only
> have 2 options, ssh or vpn. I do have one remote server that has a free
> port 80 open so I can get ssh listening on that (to connect with ssh -D) or
> some kind of vpn software. I am not sure which would be easier. If I use
> vpn I would like to use ipsec but I don't have to. I am also afraid that
> with vpn it would have to be tied in with the ip address on my laptop which
> might change subnets depending on which access point I am connected to at
This may not completely address your issue, but you could use Ulteo or
g.ho.st (http://g.ho.st/?language=en) for an online desktop via http/s
ports, then surf/email/etc from those systems.
I am not surprised that they block SSH. That port makes it nearly trival to
bypass any perimeter security. I use it all the time to tunnel to my
personal squid proxy so that I can have unfettered/unmonitored web access.
I usually do not need the other ports, as I try to keep all my services
web-accessible. If I do need other things, I use SSH to tunnel NX to my
systems, then use the apps from there.
There are several SSL VPNs that could probably limit traffic to 80/443. For
example, OpenVPN can use a HTTP proxy for its work, so that would limit
"last-mile" ports to 80/443.
More information about the SATLUG