From: "David"
| I'm a new residential Verizon DSL Customer hoping to play with a Web | Server on my home computer, but it seems my computer is invisible from | the outside world on all ports -- not just port 80. | | I've heard others discuss that Verizon blocks inbound Port 80 in some | markets, but I see that all inbound ports are blocked. I have my | Westell Modem/Router set to Single Static IP, with all of my firewalls | disabled, and a "Shields Up" report from
formatting link
shows that | the first 1056 TCP ports are stealthed: | | "Your system has achieved a perfect 'TruStealth' rating. Not a single | packet - solicited or otherwise - was received from your system as | a result of our security probing tests. Your system ignored and refused | to reply to repeated Pings (ICMP Echo Requests). From the standpoint of | the passing probes of any hacker, this machine does not exist on the | Internet." I did this same test with my computer connected to the | Internet via my dialup ISP, and I see that the ports are all visible | but closed. What is Verizon doing? | | Has anybody else experienced the same thing? If I believe what I am | seeing, then I'd think it would be impossible for any Verizon DSL | customer to run any P2P software, instant messaging apps, or anything | that has a TCP socket server. | | David
David:
First let me suggest the Verizon private News Group...
news://news.verizon.net/0.verizon.adsl
In the former BellAtlantic regions incoming port 80 is blocked. In former GTE regions, it may not be. Based upon your posting IP address, you are most likely a former BellAtlantic customer. However, hosting a web server on Verizon is a violation of the Authorized Use Policy (AUP) so I suggest you read it before you decide to host a server on your residential Verizon DSL account.
When you are using a Router or a Router/modem combo than it uses Network Address Translation (NAT) and that will block non-specific TCP/IP requests. You stated "...refused to reply to repeated Pings (ICMP Echo Requests)." That is usually a Router setting that can be enabled or disabled depending upon vendor and model. I use a Linksys BEFSR81 and specifically; enable "Block WAN Request", disable "Remote Management", disable "Remote Upgrade" and enable "Filter IDENT(port 113)". This helps to make my SOHO LAN behind the Router more secure and the Router and LAN less likely to be the target of a hacker.
You "can" host a server through a Router (including P2P software) if you know what TCP/UDP ports are being used and you "port forward" to a LAN IP address.
Many VOL users host web servers on Verizon by not using TCP port 80 but by using TCP port
8080 or other TCP port. Then they configure their http Daemon to host using that port. Then you access the server via a URL such as http://host_IP:8080/ The other problem that comes into play is the dynamic host addressing of residential DSL. What was your IP address Yesterday, may not be the same IP address Today. Thus one has to use the services of DynamicDNS ($$).
Now let's say that you host is on IP address 192.168.1.42 using TCP port 8080. You would have to configure the Router to forward TCP port 8080 requests on the WAN side to go to
192.168.1.42 on the LAN side.
The other option is to place the host in the DMZ. That is you would have to configure the Router's DMZ address to be 192.168.1.42.