Telecom/Spark now blocking port 53?

Forums › Spark New Zealand › Telecom/Spark now blocking port 53?

ElectronicFerret

118 posts

Master Geek
+1 received by user: 9

Topic # 151861 8-Sep-2014 11:12

Sometime over the weekend, Spark started blocking me from connecting to my home router on port 53.

I used to (it worked on Friday) SSH over port 53 (to get around a work firewall) but back at work this morning it no longer works. I also can't connect from other locations (including another Spark connection) so it appears that they've started blocking port 53.

Anyone else notice this? I've had to change to SSH over port 443 instead.

cbrpilot

685 posts

Ultimate Geek
+1 received by user: 230

Trusted

Spark NZ

Reply # 1124151 8-Sep-2014 11:17

2 people support this post

Yes, we are now blocking incoming port 53.
If you need it unblocked, give us a call. Just ask to unblock port 25 and that will unblock 53 as well.
Normally we would provide more in advance communications of a change like this, but I'm sure you understand how quickly we had to move over the weekend.

My views are my own, and may not necessarily represent those of my employer.

ElectronicFerret

118 posts

Master Geek
+1 received by user: 9

Reply # 1124158 8-Sep-2014 11:22

cbrpilot: Yes, we are now blocking incoming port 53.
If you need it unblocked, give us a call. Just ask to unblock port 25 and that will unblock 53 as well.

Thanks. Is there any particular number, email address or contact form I should use to expedite the unblocking?

sidefx

3222 posts

Uber Geek
+1 received by user: 923

Trusted

Reply # 1124159 8-Sep-2014 11:23

Probably this one:

https://www.spark.co.nz/form/1,6849,5664,00.html

(I had to do this for a relative a little while ago)

ElectronicFerret

118 posts

Master Geek
+1 received by user: 9

Reply # 1124170 8-Sep-2014 11:34

sidefx: Probably this one:

https://www.spark.co.nz/form/1,6849,5664,00.html

(I had to do this for a relative a little while ago)

Thanks. Just filled it in.

Who writes this stuff? - "Please remember to restart your modem or router for the port 25 changes to take affect."

cbrpilot

685 posts

Ultimate Geek
+1 received by user: 230

Trusted

Spark NZ

Reply # 1124173 8-Sep-2014 11:37

You have two options:
1) You can fill out our official form at: https://www.spark.co.nz/form/1,6849,5664,00.html
Not sure of the official turnaround time on that one.
2) You can PM me your details. Please include:
Your Spark account number
The line# that you want the port 25/53 filtering disabled on
Hopefully I can get that done relatively quickly.

Please bear in mind the following that by opting out you agree to the terms and conditions listed on the form (linked above). E.g.
o I agree to maintain up to date anti-virus and firewall software.
o I have read and agree to the Spark terms and conditions.
o In accordance with the above terms Spark reserve the right to filter port 25 for all customers at any time and without any additional notice.

My views are my own, and may not necessarily represent those of my employer.

OnlyJoe

10 posts

Wannabe Geek
+1 received by user: 9

Reply # 1124175 8-Sep-2014 11:42

ElectronicFerret: Sometime over the weekend, Spark started blocking me from connecting to my home router on port 53.

I used to (it worked on Friday) SSH over port 53 (to get around a work firewall) but back at work this morning it no longer works. I also can't connect from other locations (including another Spark connection) so it appears that they've started blocking port 53.

Anyone else notice this? I've had to change to SSH over port 443 instead.

Port 53 is the DNS port. If you have that open and a DNS running on your router, others can use your router to relay packets to Sparks DNS server as part of a DNS amplification attack. So it makes total sense for them to block it.

Zeon

3421 posts

Uber Geek
+1 received by user: 410

Trusted

Reply # 1124203 8-Sep-2014 12:31

What dodgy CPE has that running?

cbrpilot

685 posts

Ultimate Geek
+1 received by user: 230

Trusted

Spark NZ

Reply # 1124216 8-Sep-2014 12:45

It's not usually the CPE itself that is broken, it is that it gets hacked, and then the hackers open up that relay.

My views are my own, and may not necessarily represent those of my employer.

ElectronicFerret

118 posts

Master Geek
+1 received by user: 9

Reply # 1124252 8-Sep-2014 13:05

Zeon: What dodgy CPE has that running?

I'm doing a port forward from public TCP 53 to 22 on an internal linux box.

It's far from dodgy, it's simply running SSH on a non standard port.

chevrolux

3678 posts

Uber Geek
+1 received by user: 1389

Subscriber

Reply # 1124542 8-Sep-2014 17:12

ElectronicFerret:
Zeon: What dodgy CPE has that running?

I'm doing a port forward from public TCP 53 to 22 on an internal linux box.

It's far from dodgy, it's simply running SSH on a non standard port.

So why not go right out of the standard service ports? 8022 might be good easy one to remember for SSH.

slingynz

152 posts

Master Geek
+1 received by user: 49

Reply # 1124565 8-Sep-2014 17:31

One person supports this post

chevrolux:
ElectronicFerret:
Zeon: What dodgy CPE has that running?

I'm doing a port forward from public TCP 53 to 22 on an internal linux box.

It's far from dodgy, it's simply running SSH on a non standard port.

So why not go right out of the standard service ports? 8022 might be good easy one to remember for SSH.

"To get around work firewall"

cbrpilot

685 posts

Ultimate Geek
+1 received by user: 230

Trusted

Spark NZ

Reply # 1124589 8-Sep-2014 17:51

Let me know how you get on with that online form.
I don't want to circumvent the normal processes, but if you're not getting any joy fast enough there, let me know and I can look into where those forms go, and see what I can do to hurry it along.

My views are my own, and may not necessarily represent those of my employer.