Well, in short.. I'm needing an IRC bouncer.. Just a personal one used by myself.. But reading your policy I'm seeing an arbitary no IRC.. Are there exceptions? The thing is.. my banwidth, my cpu time, my ip, my ram.. So how and why is there an arbitary restriction? Makes no sense to me

Thanks.

Port 6667 is blocked by our upstream for network stability reasons. It is an inherited policy and I cannot override it.

Ah, fine. Don't get me wrong, I'm still considering it.. But it would be handy to have IRC access =)

Just out of interest, are there any other ports that are blocked by unixshell or upstream?

-felix

nmap -P 0-65536 YOURHOST | grep 'filtered'

This will return all ports being filtered. If you aren't filtering the port through a firewall script, it's being filtered by the ISP...

You'll want to run this from somewhere other than your server...

NB: This is a port scan. Some ISPs don't appreciate such behavior...

Brett

nmap -P 0-65536 YOURHOST | grep 'filtered'

This is pre sales, so this is useless. If someone that has the service would like to do that and report back. fine,

So does anything else get blocked?

This is sounding like port 25 could go at random times.

Seems like this service may be pretty unreliable. 1/10th uptime of JVDS (they didn't meet it on one of my FreeBSD jails, so I received a substantial refund. but they have been up 99.9% so I am a little leary about the uptime.)

I am looking for a server with 8 ip addresses and maybe more. (low volume non-profits and small local campaigns that need a donate page.)

I am pricing user mode linux as FreeBSD jails with multiple ipaddresses are not available at the moment. The price of FreeBSD jails is so much cheaper than user mode linux that I am a little suprised.)

Only ports associated with DDoS clients and/or exploits are blocked for better network stability.

1/tcp filtered tcpmux
9/tcp filtered discard
11/tcp filtered systat
13/tcp filtered daytime
15/tcp filtered netstat
19/tcp filtered chargen
93/tcp filtered dcp
111/tcp filtered sunrpc
135/tcp filtered loc-srv
136/tcp filtered profile
137/tcp filtered netbios-ns
512/tcp filtered exec
514/tcp filtered shell
515/tcp filtered printer
540/tcp filtered uucp
593/tcp filtered http-rpc-epmap
707/tcp filtered unknown
1080/tcp filtered socks
1434/tcp filtered ms-sql-m
1900/tcp filtered UPnP
3128/tcp filtered squid-http
4444/tcp filtered krb524
5000/tcp filtered UPnP
6001/tcp filtered X11:1
6002/tcp filtered X11:2
6003/tcp filtered X11:3
6004/tcp filtered X11:4
6005/tcp filtered X11:5
6006/tcp filtered X11:6
6007/tcp filtered X11:7
6008/tcp filtered X11:8
6009/tcp filtered X11:9
6050/tcp filtered arcserve
6588/tcp filtered analogx
6667/tcp filtered irc
7000/tcp filtered afs3-fileserver
12345/tcp filtered NetBus
12346/tcp filtered NetBus
27665/tcp filtered Trinoo_Master
31337/tcp filtered Elite

If the reason that irc is blocked is due to upstream filtering, is it acceptable to connect to irc servers that offer alternative connection ports? Is it the whole protocol that is banned or just traffic to 6667?

IRC is blocked as policy (TOS). Port 6667 is blocked to help discourage breaking of the TOS.

OMFG. Thats a whole helluva lotta ports.

I'd like to voice that I am notably not happy about the UPnP port being blocked. There's hardly any unix based UPnP services, I cant imagine any distros shipping armed UPnP gear ready for exploit. I, on the other hand, plan on actively using UPnP at some point, seeing as how its what I'm developing for.

5000 is a heavily exploited port, due to Windows. We don't run Windows servers, but many customers of our DC do.

More info: http://my.brandeis.edu/bboard/q-and-a-fetch-msg?msg_id=0000F5