04-20-2017 01:40 PM - edited 04-20-2017 01:41 PM
We now have a Business fibre 150/150 plan which is great but they still block all the same ports as for residential internet. We had to upgrade to a static IP address in order to get 80/443 open. A list of blocked ports for business dynamic IP address accounts:
The following ports will have inbound (ingress) and in some cases outbound traffic blocked.
Security Measures - Blocked Ports
Issue Solution
TCP 21 (ftp)
Clients running an FTP server will no longer be able to have Internet users connect to their server.
Many clients' computers are used as FTP servers to store illegal files.
TCP 25 (smtp)
Clients running an SMTP mail server will no longer be able to receive e-mail requests, nor will it allow outbound traffic for mail servers external to the TELUS.NET, TELUS IDCs and Hostopia networks on port 25.
This prevents mail servers that operate as an open relay. Open relays are used without a client's knowledge to send millions of pieces of Spam.
TCP 53
This port is being added to our security measure policy in response to DNS DoS attacks.
TCP 80 (www)
Clients running a Web server will no longer be able to have Internet users connect to their server.
Common exploit on old Windows IIS servers and Linux boxes that are not properly patched.
TCP 110 (pop3)
Clients running a POP mail server will no longer be able to have Internet users connect to the server.
Prevent mail servers that operate as an open relay. Open relays are used without a client's knowledge to send millions of pieces of Spam.
TCP 6667 (ircd)
Clients running an IRC server (Internet Relay Chat) will no longer be able to have Internet users connect to the server.
TCP/UDP 135-139 (dcom and netbios)
These ports are commonly exploited by worm viruses.
135 Windows RPC
136 PROFILE Naming System (basically unused)
137-139 Windows NetBIOS
TCP/UDP 443 (ssl)
Clients will not be able to accept inbound SSL connections on this port.
There is no ability to differentiate traffic and packets sent from a POS machine (rather than a server).
Client IP Point Of Sale (IP POS) devices are not blocked. No need for a Server plan for IP POS.
TCP/UDP 445 (ms-ds)
Microsoft Directory Services - Clients that allow legitimate Internet users access to their computers will lose this ability.
This allows hackers to directly connect to a Windows based computer and gain total control over the OS.
TCP/UDP 1433-1434 (ms-sql)
Microsoft SQL server - Clients running an SQL server will no longer be able to have Internet users connect to their server.
There are several worm viruses that exploit holes in SQL server.
05-13-2017 01:14 PM
Yeah. And how is IPv6 handled on business plans, still a dynamic prefix?
05-19-2017 12:42 PM
Hi @JTL, yes IPv6 still does use a dynamic prefix.
05-21-2017 03:01 AM
Unfortunate. How do you expect business clients to run servers/VPNs over IPv6 then?
06-02-2017 02:25 PM
Hi @JTL, this won't always be the case. For now, if an organization requires the use of a static IPv6 address, they would need to explore a managed solution, which we do offer.
08-28-2018 12:10 AM
Wish I would have seen this before I signed up for Telus Business Internet. I spent quite a while trying to figure out what the problem was before I came across this post.
It is unfortunate that these plans don't come with all the ports unblocked. I didn't factor in the additional $12/month when making my comparison.