Why is ISP blocking port 5000 for "security reasons"

[jimnms]

A friend of mine emailed me because the voice conference thing on her Yahoo messenger quit working. Everything I could think of didn't fix it. She called her ISP and someone came out and to look at it, and told her it was because they are blocking port 5000 for "security" reasons. WTF? The only thing I'm aware of that port 5000 is used for is UPnP.

According to Yahoo, the Yahoo IM uses ports 80 and 5050. I suggested switching ISP's, but she's in the same situation as I am, a small town with only one high speed provider. I'm not even sure what she has, all she knows is it's "wireless highspeed."

 

[jimnms]

Ok, I just found out Yahoo IM does use port 5000-5010 for the voice chat. Hmm.

http://v2.vc.scd.yahoo.com/

 

[MiXdNuTs]

I have been having a similar problem with the Audio on MSN messenger videoconfrencing. The audio won't connect, but video works great.
Then again, I am connecting to a user in china, so the communist firewall around the country probably has more to do with it.

 

[jimnms]

She has tried MSN Messenger too, and it doesn't work either. She forwarded me the email she got from her ISP.

Port 5000 is blocked and has been for about a year now. This would not
allow the voice to work if that is a port that it requires. You might ask
if Yahoo has another version that uses a different port than 5000 there are
65,000 ports available for them to use.

Thanks

 

[kleptophobiac]

Just blocking one port is pretty useless... as the ISP just now demonstrated. I'm of the opinion that if you don't protect yourself that you're retarded and deserve whatever you get.

 

[jimnms]

Just blocking one port is pretty useless... as the ISP just now demonstrated. I'm of the opinion that if you don't protect yourself that you're retarded and deserve whatever you get.

That's what I always say, just not in those exact words.

The only thing I can think they'd be blocking only port 5000 for is from that exploit of UPnP back in 2001.

 

[bigstusexy]

I think the exact number of ports is different but anyway there aren't 65,000 ports to choose from (in their words) because they just blocked one (that they are telling you)


I'd call the ISP and ask (or if you have to) demad that they open the port, I don't think that you have any legal base to speak of but eh.

if none of this works for you, look for a project called speak freely on sourceforge it works on port 2075 I think but you can make it work on any port you want. Although it isn't yahoo voice it may just work in a pinch.

 

[ashbourn12]

Here on Long Island OptOnline aka Cablevision is blocking the POP3 port, what is it 110? This is a big problem for me, I can't get e-mail from work or school anymore. Called them up and told me I have to switch to a service that is $30 more a month to get it unblocked. DSL is not a option yet so I have to get dialup just to get my mail.

 

[jimnms]

That's just rediculous. It seems like blocking port 110 you could find some legal ground to stand on. Sounds anti-competitive to me not allowing you to use other mail services.

I though my cable co. was bad. They're the only high speed option where I live, and they know it. I have a friend who lives in a larger city 30 miles East that gets 3Mbps Road Runner for less than I pay for 512Mps cable here. At least they aren't blocking any ports.

 

[XOR != OR]

I'm confused about port 110. Why block that? Or 5000. *shrug*

What ISPs should do is block certain ports outgoing/incoming by default ( 25 springs to mind ), and if you call, they can open them up, free of charge.

This would cut down on viruses spreading, and those of us who need it can still run our servers. Wouldn't that be something if all the isps all over america started blocking incoming and outgoing 25 by default, excepting their own SMTP servers? Suddenly, half my spam problem would evaporate.

 

[weasel2htm]

You mentioned SPAM, check out this website I found.

http://www.dsbl.org

 

[jimnms]

After she called them, their excuse for blocking port 5000 is because "port 5000 is flooded with viruses," so they blocked it and will not unblock it.

 

[XOR != OR]

After she called them, their excuse for blocking port 5000 is because "port 5000 is flooded with viruses," so they blocked it and will not unblock it.

Oh. Viruses. Ok.

Yeah.

Call back and ask them when they are going to start blocking outgoing port 25.

 

[jimnms]

Better not, then they might start blocking more than just 5000.

 

[kleptophobiac]

It is not the ISP's job to protect you from viruses.

 

[XOR != OR]

It is not the ISP's job to protect you from viruses.

No, but they are responsible for the crap that is spewed out of their networks. Just like I am responsible for the clients on my network.

They need to limit ports by default, but open them up on request. That's the best way to make life better on all of us.

 

[TekieB]

My ISP blocks 80 and 21 outgoing, I haven't had any other blocked. But they are just affraid of people having zombie spammer machines on thier netowrks (unintentionally of course) and stuff like that

 

[ashbourn12]

My ISP blocks 80 and 21 outgoing, I haven't had any other blocked. But they are just affraid of people having zombie spammer machines on thier netowrks (unintentionally of course) and stuff like that

The told me they blocked port 110 because some people were abusing it. This cable company here is crazy and lazy they could just block the people abusing it. They also blocked a dozen other ports file sharing programs used. They also just cut your speed if they think you are using too much.

 

[kleptophobiac]

Who do you have for an ISP? They sound like asshats!

 

[GlobalFear]

Opt Online oulled the spped cut crap here, too. I gorget what I was uploading, 'I think it was the latest dc full to an ftp for friends. The cut my speed to 50k both ways. I called up an bitched, threatening to sue for false advertising and they uncapped it.

 

[ashbourn12]

Who do you have for an ISP? They sound like asshats!

I got OptOnline

 

[knucklebusted]

You mentioned SPAM, check out this website I found.

http://www.dsbl.org

I use them and www.ordb.org as well to block spam. Mail-abuse.org is better but they charge now.

Also, Optonline's entire netblock(s) are in my personal blacklist due to the HIGH volume of spam my users were getting.

ISPs don't do anything until someone threatens to lighten their wallets, like Savvis just now cutting off the spammers, a year too late.

I don't understand the abuse of 110. You send on 25, spam happens on 25, not 110. That is lame.

 

[jimnms]

Maybe it's time to start an ISP blacklist. Maybe once they see their name on there and the reasons why, they'll straighten up.

 

[ashbourn12]

Maybe it's time to start an ISP blacklist. Maybe once they see their name on there and the reasons why, they'll straighten up.

Thats not a bad idea with the backing of some sites like [H]ard it might get noticed.

 

[MechWarrior]

My ISP friggin blocked my outgoing port 25. They wouldnt open it for any reason, took me 3 weeks to get a straight answer that it wont be opened except for the "offical" email. Now i have to bounce my outgoing email through their server which I hate because reverse DNS lookups will now fail!

 

[Niartov]

You can go to DSL Reports . You can leave reviews of any Broadband provider there.