With IPTables, you can easily block traffic in a single direction, or both directions.
One would think that Shaw and Telus would have their residential accounts routed through a particular router (or set of routers) or on separate IP Subnets. They'd easily be able to block new http requests to the device/subnet, but allow requests from that subnet to go out, and established traffic to come back in. However, this would probably lead to a management overhead they probably don't want to undertake... My thoughts. Shawn -----Original Message----- From: Jon Copeland [mailto:[EMAIL PROTECTED] Sent: Tuesday, October 14, 2003 2:18 PM To: [EMAIL PROTECTED] Subject: Re: (clug-talk) isp blocking ports when i phoned shaw last night the tech guy mentioned he was running a server from his residential account, he also mentioned that if port 80 were blocked they would be receiving alot of cals with people not being able to browse the internet, now is this true? if port 80 were blocked would that affect incoming AND outgoing or can u set it explicitly? jon ----- Original Message ----- From: "Curtis Sloan" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Tuesday, October 14, 2003 2:09 PM Subject: RE: (clug-talk) isp blocking ports I had a bit of a time finding the usage policy, so I thought I'd provide a link and some documentation relevant to the discussion: https://secure.shaw.ca/policy/Use-Policy.asp "8. Users must ensure that their activity does not improperly restrict, inhibit or degrade any other customer's use of the Services, nor represent (in the sole judgement of Shaw) an unusually large burden on the network itself, such as, but not limited to, peer to peer file sharing programs, serving streaming video or audio, mail, http, ftp, irc, dhcp servers, and multi-user interactive forums. The guidelines for Bandwidth Usage/month for each business service package are the following: SOHO - 50 GigaByte; Professional - 70 GigaByte; Business - 100 GigaByte (combined download and upload). The guidelines for acceptable web site traffic include 300 MegaByte/month for Professional and 500 MegaByte/month for Business hosting packages. Residential services do not have specific guidelines of this nature as the Service is not intended for business applications. Shaw reserves the right to set specific limits for Bandwidth Usage and charge for excessive Bandwidth Usage for residential Services at any time. In addition, users must ensure that their activity does not improperly restrict, disrupt, inhibit, degrade or impede Shaw's ability to deliver the Services and monitor the Services, backbone, network nodes, and/or other network services." and... "The residential Shaw Services are designed for personal Internet use. You may not use the residential Shaw Services for commercial purposes. You may not run a server in connection with the Shaw Services nor may you provide network services to others via the Shaw Services. Examples of prohibited servers and services include, but are not limited to, mail, http, ftp, irc, dhcp servers, and multi-user interactive forums. Some Business services may be exempt from these limitations." HTH, Curtis -----Original Message----- From: todd almond [mailto:[EMAIL PROTECTED] Sent: October 14, 2003 12:03 PM To: [EMAIL PROTECTED] Subject: Re: (clug-talk) isp blocking ports The occasional game server probably wouldn't even be detected, but as far as pop/imap goes the Acceptable Use Policy cops are sticklers for the letter of the law. Curtis Sloan wrote: >My definition of "service" is defined as busy, anonymous public or organized >access (not necessarily "business" or "corporate"). For example, I wouldn't >feel bad about running a game server on weekends, but running a DS 24/7 >would break the spirit of the law. Same would go for an e-mail server (for >example) -- I would feel okay forwarding my own DNS domain account and >running POP3/IMAP, but hosting a bunch of busy mailboxes would break the >spirit of the thing. > >Is this how Shaw sees things too? > >Curtis > >-----Original Message----- >From: todd almond [mailto:[EMAIL PROTECTED] >Sent: October 14, 2003 10:39 AM >To: [EMAIL PROTECTED] >Subject: Re: (clug-talk) isp blocking ports > > >If it is suspected that someone with a residential or SOHO account (no >servers allowed) is running a service then a port scan will be done. >Usually high bandwidth usage is a clue. > >Curtis Sloan wrote: > > > >>Do they also do the odd port scan, or only if there is suspicious bandwidth >>usage? >> >>Curtis >> >>-----Original Message----- >>From: todd almond [mailto:[EMAIL PROTECTED] >>Sent: October 13, 2003 10:56 AM >>To: [EMAIL PROTECTED] >>Subject: Re: (clug-talk) isp blocking ports >> >> >>Nope, no port blocking. Except for a brief period when the blaster worm >>was out, port 135 was shut-off. >>(I'm a TSR there...) >> >>Jon Copeland wrote: >> >> >> >> >> >>>does anyone know if shaw blocks, among other things, port 80? >>>and if they are is there a way around this? im looking at hosting a LOW >>>TRAFFIC picture gallery for my family around the world and i'd like to >>>accomplish this using my existing infrastructure and not incur any >>>additional costs. >>> >>>jon >>> >>> >>> >>> >>> >>> >>> >>> >>> >> >> >> >> > > > >
