dslreports logo
site
 
    All Forums Hot Topics Gallery
spc

spacer




how-to block ads


Search Topic:
uniqs
3213
share rss forum feed

Puremin0rez

join:2012-02-22

Port 4444 - Can we get an unblock?

Some services I need/want to use are using port 4444 - Apparently WOW blocks this port because of some worm from awhile ago.

Is there any chance this port can be unblocked? It's a little obscure to be blocking ports like that.



aes128

join:2003-12-19
Saint Clair Shores, MI

said by Puremin0rez:

Some services I need/want to use are using port 4444 - Apparently WOW blocks this port because of some worm from awhile ago.

Is there any chance this port can be unblocked? It's a little obscure to be blocking ports like that.

This is interesting. I have a Linux box on WOW so I tried a telnet to it on 4443, 4444, and 4445 and 4443 and 4445 got through as I was doing a tcpdump at the time and saw the traffic. As for port 4444, nothing so yes it seems blocked for inbound. 445 is also blocked inbound it seems but who would want that open?

Still I personally would allow all inbound, I mean WOW is not your firewall but I do not have a big deal with them blocking 445 but 4444? Really?

I do this for a living (security) and I would lift the 4444 block. Sometimes at Chrysler we put in a block for some virus outbreak but usually we remember to take it out later.

So Dan...

What's the deal with 4444?


mix

join:2002-03-19
Utica, MI

A conclusive list of blocked ports (whether they be inbound or outbound) might be useful.



aes128

join:2003-12-19
Saint Clair Shores, MI

said by mix:

A conclusive list of blocked ports (whether they be inbound or outbound) might be useful.

This would be nice really....

What inbound ports does WOW block?

Puremin0rez

join:2012-02-22
reply to Puremin0rez

Yes this block also completely blew me away because I really thought it was one of my home firewalls or something. It took hours until I came across a post here on DSL about someone complaining about the block back in 2006 and the only response was pretty much saying yeah it's blocked, oh well.

No offense to WOW but I do not think they should block obscure ports like that. I have no problem with 80, etc. but why is a port that was used by malware in the early 2000s still blocked?

Apparently the worm that used this was called Win32.Wormblaster or something.

Anyways Dan I hope you can chime in and possibly forward an appeal for this port to someone of better power.

Although it does make me wonder what other ports are blocked... I know Time Warner used to block 1337 because of malware once again - but at least they undid the port after the "outbreak" was done.



Bill_MI
Bill In Michigan
Premium,MVM
join:2001-01-03
Royal Oak, MI
kudos:2
Reviews:
·WOW Internet and..
reply to aes128

said by aes128:

What's the deal with 4444?

I was wondering the same. Seems it's used by the Blaster worm and others:
»www.speedguide.net/port.php?port=4444


aes128

join:2003-12-19
Saint Clair Shores, MI

I suppose I could have grc.com do a full scan of my Linux PC and then watch the logs since it has it's own firewall. If I see a local drop then it's not blocked and if I do not see the port at all it's a WOW block. I know they do not block 22 since I use this often for remote access.



Bill_MI
Bill In Michigan
Premium,MVM
join:2001-01-03
Royal Oak, MI
kudos:2
Reviews:
·WOW Internet and..

1 edit

GRC is one way to do a range but it won't do more than 64 consecutive ports. It would have to be run 1024 times.

Years ago I used nmap but you need to run it from a remote host.

EDIT: GRC's "All Service Ports" does the first 1056 (0-1055) but that doesn't help much.



mix

join:2002-03-19
Utica, MI

I scanned all 65535 service ports of my OpenWRT router connected to my WOW cable modem using nmap and the tcp ack scan (from my linux vps). Here are the results:

PORT STATE SERVICE
37/tcp filtered time
53/tcp filtered domain
87/tcp filtered priv-term-l
139/tcp filtered netbios-ssn
445/tcp filtered microsoft-ds
593/tcp filtered http-rpc-epmap
2745/tcp filtered unknown
3127/tcp filtered unknown
4444/tcp filtered krb524

A UDP scan would take much longer... Anyone care to confirm these inbound ports are also being filtered for themselves?



WOW_Dan
Premium
join:2011-03-24
Naperville, IL
kudos:31

Long story short, TCP port 4444 is still blocked. This is only blocked from the internet towards your modem, not from your modem towards the internet. This port is not able to be unblocked.


adymax

join:2012-03-14
Rolling Meadows, IL

Why? You told me 2 month ago WOW doesn’t block any ports.


Puremin0rez

join:2012-02-22

1 edit
reply to WOW_Dan

said by WOW_Dan:

Long story short, TCP port 4444 is still blocked. This is only blocked from the internet towards your modem, not from your modem towards the internet. This port is not able to be unblocked.

Why is it not able to be unblocked? I'm trying to access a game server and cannot do so because of this block... I mean, I'll live.... but I just think it's pretty crappy that I can't play a game with my best friends because of WOW acting like my firewall - I just don't like the fact that its forcibly blocked and there is no way to open it on a person by person basis.

Don't get me wrong, I love WOW and am rarely disappointed - I've always bragged about having no caps and the ability to mess with almost every setting on my modem without being locked down... but this is one of those times where I see my friends on different providers having fun and because of a limt on my ISP, I cannot also enjoy the fun - it just sucks, you know?


WOW_Dan
Premium
join:2011-03-24
Naperville, IL
kudos:31

said by Puremin0rez:

said by WOW_Dan:

Long story short, TCP port 4444 is still blocked. This is only blocked from the internet towards your modem, not from your modem towards the internet. This port is not able to be unblocked.

Why is it not able to be unblocked? I'm trying to access a game server and cannot do so because of this block... I mean, I'll live.... but I just think it's pretty crappy that I can't play a game with my best friends because of WOW acting like my firewall - I just don't like the fact that its forcibly blocked and there is no way to open it on a person by person basis.

Don't get me wrong, I love WOW and am rarely disappointed - I've always bragged about having no caps and the ability to mess with almost every setting on my modem without being locked down... but this is one of those times where I see my friends on different providers having fun and because of a limt on my ISP, I cannot also enjoy the fun - it just sucks, you know?

It was blocked due to multiple worms/trojans that use that port. I brought this issue up today and upon further investigation, they're is still traffic attempting to get to our users via the internet on this port, meaning there is still cases of these worms/trojans out there. This traffic also used to eat up a lot of bandwidth and cause issues on the network, so even if you're not infected, other infected customers could in turn degrade your service. I can followup on this on Monday, but as it stands, TCP port 4444 will be blocked from the internet to our users.
--
Dan Della Terza
WOW! Internet, Cable & Phone
Network Operations Center

Puremin0rez

join:2012-02-22

said by WOW_Dan:

It was blocked due to multiple worms/trojans that use that port. I brought this issue up today and upon further investigation, they're is still traffic attempting to get to our users via the internet on this port, meaning there is still cases of these worms/trojans out there. This traffic also used to eat up a lot of bandwidth and cause issues on the network, so even if you're not infected, other infected customers could in turn degrade your service. I can followup on this on Monday, but as it stands, TCP port 4444 will be blocked from the internet to our users.

Okay, thanks for at least looking into it.