Networking – Detect what outgoing ports are bypassed by firewall

Tags: firewall, networking, port, tcp

My school has a firewall which limits most outgoing ports. Only TCP/80, TCP/443 and TCP/21 are allowed. Is there a way to find out all the outgoing ports allowed by the firewall?

My current idea: open all TCP ports with nc on a remote server, then use nmap to scan which ports are accessible. But what do I do if I don't have a remote server? Or is there a public server that opens all the ports for this kind of test?

For those who are concerned that I'm breaching the school's rules, I think it's not a big deal to do that. Suppose I was establishing a service on an external host and wished it to be accessible from the school network; I would like to know which ports I could use for this service. I was not breaking anything. I believe doing it is 100% legal.

Best Answer

You can use portquiz.net, which is exactly the kind of server you're looking for. For example, the following shell script does the job:

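# Probe every TCP port on portquiz.net and log one "<port> open|closed" line per port.
for x in $(seq 1 65535); do
    printf '%s ' "$x"
    # -s silences curl; a 1-second connect timeout treats filtered ports as closed.
    curl "http://portquiz.net:$x" \
      --connect-timeout 1 \
      -o /dev/null \
      -s >/dev/null 2>&1 \
        && echo 'open' \
        || echo 'closed'
done | tee ports.lst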

Note that this is going to run for quite a long time, so if you're impatient, you can parallelize the task using GNU parallel.

Also, some ports on portquiz seem to be blocked on their end (as far as I remember they're ports for SSH and HTTPS), but other than a few special cases, all of the remaining ports should be open.
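Added example (not part of the original answer): a parallel version of the loop above that uses `xargs -P` in place of GNU parallel, plus a helper that collapses `ports.lst`-style lines into ranges of allowed egress ports. The function names and the default job count and timeout are assumptions made for this example.

```shell
#!/bin/sh
# Added example, not from the original answer.
# Requires curl, seq, awk and an xargs that supports -P (GNU and BSD both do).

# probe_range HOST FIRST LAST [JOBS] [TIMEOUT]
# Prints one "<port> open|closed" line per port, sorted numerically.
# The body runs in a subshell so its variables do not leak into the caller.
probe_range() (
    host=$1 first=$2 last=$3 jobs=${4:-64} timeout=${5:-1}
    seq "$first" "$last" |
        xargs -P "$jobs" -I{} sh -c '
            # $1 = host, $2 = connect timeout, $3 = port under test
            if curl -s -o /dev/null --connect-timeout "$2" "http://$1:$3"; then
                echo "$3 open"
            else
                echo "$3 closed"
            fi' sh "$host" "$timeout" {} |
        sort -n
)

# open_ranges: read "<port> open|closed" lines on stdin (the ports.lst format)
# and print consecutive open ports as ranges, e.g. "80" or "8000-8100".
open_ranges() {
    sort -n | awk '
        function emit() { print (start == prev ? start : start "-" prev) }
        $2 == "open" {
            if (start == "")         { start = prev = $1 }
            else if ($1 == prev + 1) { prev = $1 }
            else                     { emit(); start = prev = $1 }
        }
        END { if (start != "") emit() }
    '
}

# Usage (needs network access, so it is left commented out):
#   probe_range portquiz.net 1 65535 128 1 | tee ports.lst
#   open_ranges < ports.lst
```

With 128 jobs and a 1-second timeout, a fully filtered network finishes in roughly ten minutes instead of the many hours the sequential loop needs.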
