I just moved to a new complex, and the ISP apparently blocks incoming ports (and I'm not sure if it is a static IP).
So I was wondering if there were programs that exist that would allow me to access services remotely. I would need to use things like remote desktop, ssh, cvs (over ssh) and possibly web servers. I am not looking into using my home network as a production webserver, but I do need some remote access to those services.
Would something like a Virtual VPN, or some other similar tool work? And if so could people point me to some good (preferably free) software?
Exposing Ports on a Personal Computer
If your ISP is actively blocking incoming ports on your end, then you may be out of luck. At that point, even opening the needed ports on your router/PC firewall wouldn't do you any good as you don't have access to the "head-end" firewall.
If that's the case, then your only real option is to use a remote connection program where the PC you wish to connect to opens up a connection on its own. This is the way XP remote assistance works. There are no ports needed to open (as long as all outgoing ports are open, which they should be), because your PC is initiating the connection.
Other than that, you can always call your ISP and ask them to open the ports. If that fails, you may need to find a new ISP.
Use a reverse SSH tunnel.
Set up this script on your home computer to run every 5 or 10 minutes via a cron daemon:
Code:
#!/bin/sh
# Keeps a reverse SSH tunnel from this (home) machine to $REMOTE_HOST alive.
# It runs from cron, so $REMOTE_HOST must accept key-based login with no prompt.

# $REMOTE_HOST is the name of the remote system
REMOTE_HOST=my.laptop.somewhere
# $REMOTE_PORT is the remote port number that will be used to tunnel
# back to this system
REMOTE_PORT=5000
# $COMMAND is the command used to create the reverse ssh tunnel
COMMAND="ssh -q -N -R $REMOTE_PORT:localhost:22 $REMOTE_HOST"

# Is the tunnel up? Perform two tests:
# 1. Check for relevant process ($COMMAND)
#    ssh -N stays in the foreground, so a run that starts the tunnel here
#    holds it open; a later cron run then goes on to test 2.
pgrep -f -x "$COMMAND" > /dev/null 2>&1 || $COMMAND
# 2. Test tunnel by looking at "netstat" output on $REMOTE_HOST
ssh "$REMOTE_HOST" netstat -an | grep -E "tcp.*:$REMOTE_PORT.*LISTEN" \
    > /dev/null 2>&1
if [ $? -ne 0 ] ; then
    # No listener on the remote side: kill the stale tunnel and reconnect
    pkill -f -x "$COMMAND"
    $COMMAND
fi
From your laptop run "ssh -p 5000 localhost" to connect.
This will work if the IP of the remote system is static; it doesn't matter whether your home PC's IP is static. If the IP of your laptop or w/e is dynamic or you won't always be on the same network, you could set it up so you can email your home PC your laptop's current IP address. (There are simpler ways, such as throwing it on a web host somewhere, but my inner-blackhat twirls his handlebar mustache thinking about that, so don't.) I really don't feel like writing a script to do that, I'm sure you can do it (maybe use checkmail or something) since you're a Linux user and that implies some competency.
As for port 80/a webserver, I'm not sure how you would do that with all your ports locked down; I've never run into that situation before.
“Most people are other people. Their thoughts are someone else's opinions, their lives a mimicry, their passions a quotation.” - Oscar Wilde.
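Added example, not part of the original post: test 2 in the script above greps the laptop's netstat output with a pattern that also matches ports such as 50001 and says nothing about which address the tunnel listens on. The function below (the name tunnel_listener_state and the sample output, in Linux `netstat -an` layout, are constructed for illustration) matches the port exactly and reports whether the listener is loopback-only or reachable from the laptop's network.

```shell
#!/bin/sh
# Classify the reverse-tunnel listener from `netstat -an` output read on stdin.
# Usage on the home machine (assumes the same variables as the cron script):
#   ssh "$REMOTE_HOST" netstat -an | tunnel_listener_state "$REMOTE_PORT"
# Prints one of:
#   loopback  listener bound to 127.0.0.1 or ::1 (default with GatewayPorts no)
#   exposed   listener bound to a wildcard or LAN address on the laptop
#   down      no listener on that exact port
tunnel_listener_state() {
    awk -v port="$1" '
        $1 ~ /^tcp/ && $NF == "LISTEN" {
            local_addr = $4
            n = split(local_addr, parts, ":")
            # Exact port comparison, so 50001 is not mistaken for 5000
            if (parts[n] != port) next
            host = substr(local_addr, 1, length(local_addr) - length(parts[n]) - 1)
            if (host == "127.0.0.1" || host == "::1") loop = 1
            else wide = 1
        }
        END {
            if (wide) print "exposed"
            else if (loop) print "loopback"
            else print "down"
        }'
}

# Constructed sample outputs (not captured from a real host)
SAMPLE_LOOPBACK='tcp        0      0 127.0.0.1:5000          0.0.0.0:*               LISTEN
tcp6       0      0 ::1:5000                :::*                    LISTEN
tcp        0      0 192.168.1.20:22         203.0.113.7:50001       ESTABLISHED'

SAMPLE_EXPOSED='tcp        0      0 0.0.0.0:5000            0.0.0.0:*               LISTEN
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN'

# Another service on 50001: the original pattern would report the tunnel as up
SAMPLE_NEAR_MISS='tcp        0      0 127.0.0.1:50001         0.0.0.0:*               LISTEN'

for sample in "$SAMPLE_LOOPBACK" "$SAMPLE_EXPOSED" "$SAMPLE_NEAR_MISS"; do
    printf '%s\n' "$sample" | tunnel_listener_state 5000
done
```

In the cron script, "down" is the case that should trigger the pkill and reconnect; "exposed" means anyone who can reach the laptop on that port lands on the home machine's sshd, so it is worth logging rather than treating as healthy.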