[outages] Comcast blocking ftp?

Jeremy Chadwick jdc at koitsu.org
Fri Sep 21 12:10:03 EDT 2012 

Are you talking about outbound FTP (e.g. client on Comcast trying to FTP
to a server on the Internet), or are you talking about inbound FTP (e.g.
client on the Internet trying to FTP to a server hosted on a Comcast
residential connection)?  The direction matters.

1. Comcast does not filter outbound FTP requests (Comcast->Internet)

2. Comcast does not usually filter inbound FTP requests
(Internet->Comcast), however if the customer is a residential customer
this is not permitted per TOS).  If the customer is commercial/business
then no filtering is done.

In the case of a residential customer hosting a server, if Comcast finds
this, they usually deploy filtering at the cable modem level (by pushing
out an updated cable modem config to the customer which is picked up via
TFTP + rebooting the modem remotely).

There is no way around this aside from talking to Comcast on the phone
or moving the server to another port (which is not advisable on
residential connections as Comcast would probably terminate service in
this situation).

I can confirm on residential connections that *normally* Comcast does
permit inbound FTP traffic reaching the customer.  Below is from tcpdump
on my router (on Comcast), where the client is trying to connect to my
Comcast IP on TCP port 21.  As you can see, the SYN does arrive:

09:05:49.737352 IP 209.126.140.25.57088 > 67.180.84.87.21: Flags [S], seq 31607697, win 65535, options [mss 1460,nop,wscale 6,sackOK,TS val 3722921725 ecr 0], length 0

-- 
| Jeremy Chadwick                                   jdc at koitsu.org |
| UNIX Systems Administrator                http://jdc.koitsu.org/ |
| Mountain View, CA, US                                            |
| Making life hard for others since 1977.             PGP 4BD6C0CB |

On Fri, Sep 21, 2012 at 11:48:42AM -0400, Wallace Keith wrote:
> 
> 
> From: Wallace Keith
> Sent: Friday, September 21, 2012 11:46 AM
> To: 'discussion at outages.org'
> Subject: Comcast blocking ftp?
> 
> There is an ongoing discussion in the citizens weather observer community that ftp might be being blocked by Comcast? Can anyone confirm this is really the case? Allegedly  started at 6:30am today.  Sorry I cannot provide technical examples. I do not have Comcast at my current location.
> 
> -Keith
> 
> 

> _______________________________________________
> Outages mailing list
> Outages at outages.org
> https://puck.nether.net/mailman/listinfo/outages

More information about the Outages mailing list