What ports do normal broadband providers block?

Just wondering what normal broadband providers block. I know for a fact port 80 is being blocked, and I've also heard the SMTP is sometimes blocked, but are POP and IMAP usually blocked as well?

Btw if you've got specific info regarding Comcast cable modem service in the Los Angeles area that would be the most relevant.

-b

I know Charter cable service in Cookeville, TN didn't block port 80. Amazing the crap that comes up in apache's log when you run expossed there.

I'm in Chattanooga, TN on Comcast cable now, and have never tried port 80. Since I'm yet to learn unix or a clone, and will be damned before misleading myself into "securing" a windows server, I rely on obscure high-order ports to run my services Takes that extra client-config step, but most of the time it's me, or someone who's at least that competent accessing it. It does keep most of the 1337 evils out of my box, though.

just ssh to an outside box and run nmap against your ip address and you'll see everything open.

Thanks, I'll check it out. One quick question, since my server is behind a router (with the correct ports being forwarded to the right box) should this still work?
-b

WARNING!! DANGER WILL ROBINSON!!!

ISPs get pissed off when you port scan something on their network... even if you're port scanning yourself... it only takes one time for them to happen to notice it, decide you're a "troublemaker", and kick you off their service. If you keep doing it, the odds jack up that they notice. Stupid as it is, it's their network, and if they want to kick you off of it, they can - they don't have to be "fair" or "use common sense". If you're going to nmap yourself you might want to get approval (written) before-hand to do so...

presumably, but I don't know for sure.

if you decide to get approval though, then you can just ask what ports are blocked.

Thanks for the input guys. Yeah I wanted to do it without my ISP's intervention just because it sucks dealing with them and I don't want to draw attention to myself so they can say we don't want you to do that, thanks for letting us know and then restricting me even more.

Unrelated, but this reminded me of a time when a buddy sysadmin was working at a startup during its early beginnings and he was complaining to PacBell about downtime for their DSL and he made the mistake of saying, "This is my business, we're paying for business class DSL and we expect a certain amount of uptime..." to which the operator he was working with replied, "actually, I'm showing your account to be a home account (even though it wasn't in a residential area) business cost $$ more..." That kinda shut my buddy up and he promptly hung up and resumed waiting for the DSL line to come back up...


-b