US Cable Support > Comcast HSI > FAQ # 10778 Blocked Ports

FAQ # 10778 Blocked Ports

I don't know, open up those ports on your firewall and let me telnet to em :P

I only have a Comcast e-mail account. Comcast is not my ISP yet. Maybe someone else would be so kind to try this.
--
Write me up for 125.......I Can't Drive 55 »redrocker.com/ »cabowabo.com/

reply to Johkal
I just tested and all that seems to be blocked in my area are 135-139, and 445. I think it is somewhat region dependant however.
--
Asking those who disagree with you to find support of your arguements is like asking an assailant if you can borrow his gun.

reply to Johkal
From what I know, the ports 53, 55, 77, 135 - 139 and 445 are blocked and no others. I do not know about 1080. I'll have to look into that one.

reply to Johkal
if I knew of any other way to test, I would. the only way I know of is to open those ports on another box within comcast's network and try to connect to it

reply to Johkal
I could be wrong,but i think all the info in this FAQ is still good.

reply to Johkal
I only tested the the ports mentioned in this thread and found that 135-139, 445, and 1080 were blocked. I'm in Augusta, GA, so YMMV.

reply to Johkal
So far it's been verified that these ports are blocked:
135-139
445
1080

Still need to verify:
67
68
520

Per MrChupacabra ; these ports may be blocked.
Need to verify:
53 Not Blocked (per NetFixer )
55
77
--
Write me up for 125.......I Can't Drive 55 »redrocker.com/ »cabowabo.com/

I just temporarily disabled the software firewall on a Windows server and placed it in the DMZ on my Comcast router.

I can verify that Comcast is not blocking TCP port 53.

Ports 53, 67, 68 and 520 are usually associated with UDP rather than TCP, and UDP blocking is a bit more difficult to detect with an external passive port scanner. I suspect however, that Comcast and most ISP's who use DHCP for their clients would be blocking UDP ports 67 and 68 since otherwise a client's DHCP server could interfere with the ISP's network. Blocking port 520 UDP (RIP) is also difficult to detect, but it would make sense for an ISP to block it to prevent interference with their own routers.
--
A well-regulated militia, being necessary to the security of a free State, the right of the people to keep and bear arms shall not be infringed.
Test your firewall.

reply to Johkal
Some of these are probably blocked in the .config file as well.

For this to be successful, we need to establish some kind of common testing methodology instead of having everybody fend for themselves and create their own impromptu tests, otherwise we might be putting the validity of our results in question.

Also, the source of the information in the FAQ was Qumahlin , an extremely reputable Comcast network engineer.
--
"Some people never see the light till it shines thru bullet holes." -Bruce Cockburn

I'm testing Gmail's spam filters: Broadbandreports1@gmail.com
Spam: 12900+ messages currently using 406 MB.

reply to Nerdtalker

said by Nerdtalker:

Also, the source of the information in the FAQ was Qumahlin , an extremely reputable Comcast network engineer.

He's not the only one that has been absent.
We seemed to have lost alot of our top helpers.
I won't name names you guys know who they are.

reply to Johkal

reply to Johkal
Ok, after digging around at work before I left tonight I can't find any updated information on the blocked port list we have. That information hasn't been updated in 2 years or so. Its still considered the official comcast list of blocked ports though. Now as to whats blocked (tcp/udp/ect) I don't know.
--
Any intelligent fool can make things bigger, more complex, and more violent. It takes a touch of genius -- and a lot of courage -- to move in the opposite direction. --Albert Einstein

reply to Nerdtalker

reply to Johkal
Anyone else interested in verifying these ports?