I'm trying to download Gentoo using the tracker at
http://f.scarywater.net/athlon-xp-1.4-20030731-cd1.iso.torrent
I keep getting this error:

ERROR:
Problem connecting to tracker - (113, 'No route to host')

saving: athlon-xp-1.4-20030731-cd1.iso (454.1 MB)
percent done: 0.0
time left: connecting to peers
download to: Gentoo/athlon-xp-1.4-20030731-cd1.iso
download rate: 0 kB/s
upload rate: 0 kB/s

I can ping f.scarywater.net so I know that the server can be contacted. This error happens with all torrents, even when they are on different servers. I've already confirmed that it's not my firewall. Any thoughts :confused:

The f.scarywater.net site is using port 8080 for connections. ServerBeach filters port 8080 outbound due to excessive open proxy scanning and abuse. We had no choice but to filter this port in order to enforce our AUP and limit the amount of illegal proxy activity originating from our network.

-knightfo

It'd be nice to have a list of what ports that are currently blocked, and why.

Originally posted by Tino Didriksen
It'd be nice to have a list of what ports that are currently blocked, and why. I second that. I wasn't even aware that ServerBeach blocked ports. I spent hours trying to figure out what was going wrong. I assumed that it was something on my end.

Looks like the default port 6969 is blocked too?

Originally posted by Tino Didriksen
It'd be nice to have a list of what ports that are currently blocked, and why.

We do not publish the lists of ports that we block, as it would defeat the purpose of filtering the ports in the first place. We only filter ports in order to enforce AUP and prevent the spread of malicious worms. Filtering ports is not an ideal solution, but at this time it is the only effective way to keep network abuse to a minimum. We are definitely working on new ways to prevent network abuse without affecting the entire network.

-knightfoo

So is there a process to confirm if a port is or isn't blocked? Can we email to someone or submit a support ticket?

You could run an outbound port scan against a target you know have all ports open for connections.

This is not a nice way to do it, though. Could be seen as an abuse attempt.

Blocking outbound (or inbound) ports to prevent abuse is not desirable, but unfortunately, is understandable given the current atmosphere of the 'net. I guess its something that you just have to expect to deal with nowadays, annoying as it is.

But havnig undocumented port blocks in place? That is most definitely not alright. There should be a definitve network guide to what ports, and indeed what sort of traffic of all types and layers, is blocked, even if only to authenticated SB customers via the control panel structure. I don't understand what the perceived security benefit to SB is by not publishing this data. This seems to be an example of security via obscurity at its most useless level. As mentioned above, I can just as easily nmap out this information if I wanted it bad enough, and having it unpublished is an annoyance at least, or a critical failure in documentation at worst. The only benefit I could imagine having from this would be for SB itself, who could let new customers make the fale assumption that SB doesn't block ports (being a dedicated and not a shared hosting solution)

What is the justifcation in terms of security of keeping this information pseudo-secret? Its a hassle, and has the potential to be much worse than that.

After spending hours! on trying to see what was wrong with my route configuration on my box.....:bang:

trying to debug scripts .....:confused:

Warning: file_get_contents("website on weird port"): failed to open stream: No route to host in /home/....

NOW I KNOW!!! :eek:

now that you guys are playing with the ports .. go ahead and close 80 too .... :P

Someone explain to me how publishing the list would defeat the purpose of blocking them.. I'm not following. They're going to be blocked whether the list is there or not. You can tell us 8080 is blocked, or we can spend time figuring it out on our own.. and do hat? Whether we know before hand or not doesn't seem to do anything but save us from wasting time. Not publishing seems a way to keeping new customers from knowing that a lot of stuff they may LEGITLY desire to use their server for is not possible.

To find which ports are blocked, you can scan your own server remotely with nmap to get an idea of what ports are blocked.

# nmap -sT -p 1-65535 -oS - hostname

It's easy to find which ports are blocked, so it's kind of odd to not post the list.

I found it out when I tried to use bittorrent to download some Linux ISOs. I can see the reasoning for blocking bittorrent since it is P2P and I believe that is banned by the AUP.

Anywhay, your mileage may vary.

Cheers :beer:,

Madtown