Since I spend the majority of every day at my school, which only has two ports open, I need to be creative with how I use them.
First, let me start off by saying my school is terrible at restricting access to anything. Yes, they block 99% of the internet on their computers and WiFi, but everything that goes through port 443 or 80 (aside from blocked websites) works just fine.
These are the only ports accessible from the internet; I have more ports available only on localhost (such as
53 and 1194
I have OpenVPN configured on port 53, and port 1194 gets forwarded to port 53 via iptables. This is mainly a backup in case SSLH crashes, as my school doesn't block this port. However, some places throttle connections to UDP 53, which is understandable, as you generally don't do more than a few DNS queries per minute (many of the requests are cached), and UDP 53 is abused in amplification attacks. So, for the locations that don't block UDP 1194 but throttle 53, I use 1194.
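The 1194-to-53 forward described above, as an added example (this is not the post's own rule set). It uses an iptables REDIRECT in the nat table so that one OpenVPN instance bound to UDP 53 also answers on UDP 1194; the interface name eth0 is an assumption.

```shell
#!/bin/sh
# Added example, not the post's own rules: make the single OpenVPN listener
# on UDP 53 reachable on UDP 1194 as well by rewriting the destination port
# in iptables' nat table, which is what the post describes doing.
# Assumption: the internet-facing interface is eth0 (override with IFACE=).
set -eu

IFACE="${IFACE:-eth0}"

# Emit the rules. REDIRECT in PREROUTING rewrites dport 1194 to 53 before
# routing, so the filter table (and OpenVPN) only ever see port 53.
openvpn_forward_rules() {
    echo "iptables -t nat -A PREROUTING -i $IFACE -p udp --dport 1194 -j REDIRECT --to-ports 53"
    echo "iptables -A INPUT -i $IFACE -p udp --dport 53 -j ACCEPT"
}

# List local UDP sockets on 53 and 1194 (needs iproute2's ss), to confirm that
# only OpenVPN holds 53 and nothing is bound to 1194: with the redirect in
# place a second listener on 1194 is unnecessary.
udp_listeners() {
    ss -uln 2>/dev/null | awk 'NR > 1 {print $4}' | grep -E ':(53|1194)$' || true
}

# Print the rules by default; APPLY=1 pipes them through sh as root.
if [ "${APPLY:-0}" = "1" ]; then
    openvpn_forward_rules | sh
else
    openvpn_forward_rules
fi
```

Run udp_listeners before applying: a local resolver bound to 0.0.0.0:53 would stop OpenVPN from binding the port at all, and the redirect would then deliver 1194 traffic to the resolver instead. OpenVPN itself only needs "proto udp" and "port 53" in its server config; the second port exists purely in iptables.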
Similar to most servers, I have SSH listening on TCP 22. This is blocked at my school, so I also have SSH on other ports, but I'll get to that in a bit. When I'm feeling too lazy to use my custom SSH ports, and port 22 isn't blocked, it does make using SSH and SFTP a bit easier, as I don't have to configure any options. Also, many tools that work on top of SSH only work (ok, only easily work) with the standard port (i.e.
TCP port 25 is used for what it's designed for: SMTP. This is for sending and receiving emails; I believe there are two other ports, but 25 is used the most. The other ports are for TLS, but STARTTLS works on 25, so that's what I use.
Next up is TCP port 80. I have SSH listening here as well, in case 22 is blocked and SSLH is down. This has already saved me a few times, mainly when I break SSLH's config file :) . TCP port 80 is generally used for HTTP, so it is mostly unblocked. CloudFlare redirects everything to HTTPS, so I have no need to have NGINX listening on TCP 80.
TCP port 443 is unblocked in 99.9% of places I’ve been to. I’ve only ever been to one place that prevented me from using OpenVPN over port 443. This is mainly because TCP 443 is the port used for HTTPS, and blocking it would brick the majority of the internet. I have SSLH configured to listen on this port, so I have the following services on port 443:
This is also used for email, but for reading rather than sending and receiving: it is IMAPS, the secure version of IMAP.
This is another email port, for POP3S, a second way of reading email. It supports far fewer features than IMAP, and I mainly use it for Gmail's import feature.
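The SSLH setup on TCP 443 described above, as an added example that is not the post's own configuration. It builds the sslh command line that demultiplexes SSH, OpenVPN and TLS to local backends, and refuses to start if something else already owns the listen port. The backend addresses (sshd on 127.0.0.1:22, an OpenVPN TCP instance on 127.0.0.1:1194, NGINX moved off 443 to 127.0.0.1:4443) are assumptions.

```shell
#!/bin/sh
# Added example, not the post's own sslh configuration. It starts sslh on
# TCP 443 and hands each connection to a local backend by protocol probe.
# Backend addresses are assumptions: sshd on 127.0.0.1:22, an OpenVPN TCP
# instance on 127.0.0.1:1194, and nginx moved off 443 to 127.0.0.1:4443.
set -eu

SSLH_LISTEN="${SSLH_LISTEN:-0.0.0.0:443}"
SSH_BACKEND="${SSH_BACKEND:-127.0.0.1:22}"
OPENVPN_BACKEND="${OPENVPN_BACKEND:-127.0.0.1:1194}"
TLS_BACKEND="${TLS_BACKEND:-127.0.0.1:4443}"

# Build the sslh command line. --ssh, --openvpn and --tls are sslh's own
# options (older releases spell --tls as --ssl). A TLS ClientHello goes to
# --tls, an OpenVPN TCP header to --openvpn, and a client that sends nothing
# within sslh's probe timeout is handed to the timeout protocol, SSH by default.
sslh_cmdline() {
    printf 'sslh --foreground --user sslh --listen %s --ssh %s --openvpn %s --tls %s\n' \
        "$SSLH_LISTEN" "$SSH_BACKEND" "$OPENVPN_BACKEND" "$TLS_BACKEND"
}

# Port number of a host:port string (bracketed IPv6 literals also work).
listen_port() {
    printf '%s\n' "${1##*:}"
}

# True if nothing on this host already listens on the TCP port; sslh cannot
# bind otherwise, and then the post's port-80 SSH fallback is the only way in.
port_free() {
    port=$(listen_port "$1")
    if command -v ss >/dev/null 2>&1; then
        ! ss -tln 2>/dev/null | awk 'NR > 1 {print $4}' | grep -q ":${port}\$"
    else
        return 0   # cannot check without ss; let sslh report the bind error
    fi
}

start_sslh() {
    port_free "$SSLH_LISTEN" || { echo "TCP $(listen_port "$SSLH_LISTEN") is already in use" >&2; return 1; }
    # shellcheck disable=SC2046
    exec $(sslh_cmdline)
}

# Print the command by default; APPLY=1 starts sslh in the foreground.
if [ "${APPLY:-0}" = "1" ]; then
    start_sslh
else
    sslh_cmdline
fi
```

The bind check matters because NGINX is the usual culprit: its HTTPS server block has to listen on 127.0.0.1:4443 (or whatever TLS_BACKEND is) rather than 443, otherwise sslh never starts and only the port-80 SSH listener remains reachable.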
Why did I just reveal all these ports?
Some of you will probably think I just reduced the security of my VPS by showing which services I have on which ports, but I don't agree. A port scan will show all the standard ports, and while it will get the use wrong (i.e. say TCP 80 is for HTTP), you'll still be able to tell which ports are open. Additionally, I have services running that block IP addresses after brute-force attempts, and some iptables rules that slow down attackers.
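The kind of iptables slow-down rule mentioned above, as an added example (the post does not show its own rules). It uses the xt_recent module to drop new SSH connections from any source that has opened more than a handful in a short window, on every port where sshd is directly reachable; the ports, window and hit count are assumptions.

```shell
#!/bin/sh
# Added example, not the post's ruleset: slow down SSH brute-forcing with the
# iptables "recent" module on every port where sshd is reachable directly.
# The post puts SSH on TCP 22 and TCP 80 (and behind sslh on 443, which
# hands it to the same sshd); the thresholds below are assumptions.
set -eu

SSH_PORTS="${SSH_PORTS:-22 80}"
WINDOW="${WINDOW:-60}"     # seconds
HITS="${HITS:-4}"          # new connections allowed per window per source IP

# Emit the rules; APPLY=1 pipes them through sh as root. One pair per port
# rather than a multiport match, so each port can be tuned separately later.
ssh_ratelimit_rules() {
    for p in $SSH_PORTS; do
        # Record every new connection attempt from the source address.
        echo "iptables -A INPUT -p tcp --dport $p -m conntrack --ctstate NEW -m recent --set --name ssh_$p --rsource"
        # Drop it if the same source already opened HITS connections within WINDOW seconds.
        echo "iptables -A INPUT -p tcp --dport $p -m conntrack --ctstate NEW -m recent --update --seconds $WINDOW --hitcount $HITS --name ssh_$p --rsource -j DROP"
    done
}

# Two rules per port; a typo in SSH_PORTS shows up here before anything is applied.
rule_count() {
    ssh_ratelimit_rules | wc -l | tr -d ' '
}

if [ "${APPLY:-0}" = "1" ]; then
    ssh_ratelimit_rules | sh
else
    ssh_ratelimit_rules
fi
```

Two caveats. Port 443 is deliberately left out: a rule keyed on dport 443 would count every HTTPS and OpenVPN connection too, and SSH sessions arriving through sslh reach sshd from 127.0.0.1, so neither these rules nor a log-based IP blocker see the real client address unless sslh runs in its transparent mode. And port 80 is included on purpose: a scanner that grabs banners will recognise the SSH service there regardless of the port number, so it needs the same protection as 22.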
Please don't try to hack my VPS, but if you do try, you'll probably fail :), and get your IP reported.