Ports

From: ANT_THOMAS 25 Jul 2013 12:59
To: ALL 1 of 24
Is there a website or a piece of software out there that can check which ports I can access the outside world on?

The Internet connection at my new workplace is shockingly slow but also restricted port wise I think. I can't even remote desktop into my server. SSH ports seem blocked outwards too.

I would like to know which ports are open so I can at least put one of my SSH machines on that port.
From: patch 25 Jul 2013 13:24
To: ANT_THOMAS 2 of 24
Is running a port scan from inside the company you've only just joined really a good idea? Either way, 80 or 443 would be good starting points, probably.
From: ANT_THOMAS 25 Jul 2013 13:27
To: patch 3 of 24
After doing some reading I've come to the same conclusion. Any attempts across a range of ports will most likely be logged, I'd prefer not to have that happen!

I might just open 443 at home and forward it somewhere useful.
From: Ken (SHIELDSIT) 25 Jul 2013 13:36
To: ANT_THOMAS 4 of 24
Steve Gibson's site will scan from the outside and tell you what's open.  It's more for safety than anything but it might be worth a go.  The site is pretty ugly but Steve is a smart dude.
From: Ken (SHIELDSIT) 25 Jul 2013 13:41
To: ALL 5 of 24
I'd also highly recommend his podcast, Security Now.  He's the guy who actually guessed how the NSA was collecting all the info without needing access to each company's equipment. I look forward to it every week.
From: ANT_THOMAS 25 Jul 2013 13:49
To: Ken (SHIELDSIT) 6 of 24
I'll have a look at those.

Certainly makes a change from having a PC at my old job that had a public IP and all ports in and out accessible! One of the many benefits of working at a university.
From: Ken (SHIELDSIT) 25 Jul 2013 14:01
To: ANT_THOMAS 7 of 24
No doubt, I'd imagine it's a little shock to your system! 
From: ANT_THOMAS 25 Jul 2013 14:33
To: Ken (SHIELDSIT) 8 of 24
Considering the only thing stopping my Internet connection not being more than 100/100Mbps was the LAN speed!
From: Ken (SHIELDSIT) 25 Jul 2013 15:11
To: ANT_THOMAS 9 of 24
Wow!
From: ANT_THOMAS 15 Aug 2013 11:09
To: ALL 10 of 24
http://portquiz.net/

This seems pretty useful. You can stick any port on the end to check if you can access out.
From: ANT_THOMAS 15 Aug 2013 11:30
To: ALL 11 of 24
Next question.

My Sky router doesn't do port forwarding/translation properly. You can only open a port and send the connection out of that port.

I know previous routers gave me the option to define an in and out port.

So data coming in on port X gets sent to port Y on IPAddress.

Is it possible to do something similar within the network?

So for example, I'll open a port that I can access out from work on, let's say 123. Forward 123 to a system on my network, probably a Linux VM which in turn then sends all that data to 456 on another system.

Do I need to play with iptables?
EDITED: 15 Aug 2013 11:31 by ANT_THOMAS
From: ANT_THOMAS 15 Aug 2013 12:03
To: ANT_THOMAS 12 of 24
It seems I do and it looks fairly simple.
From: ANT_THOMAS 15 Aug 2013 13:36
To: ALL 13 of 24
Sorted, I now have remote desktop and ssh.
From: Lucy (X3N0PH0N) 15 Aug 2013 17:11
To: ANT_THOMAS 14 of 24
(cheer)
From: Matt 15 Aug 2013 17:50
To: ANT_THOMAS 15 of 24
Remote Desktop on an open port? You're brave.

(Unless you're doing port forwarding over SSH)
From: ANT_THOMAS 15 Aug 2013 17:55
To: Matt 16 of 24
I'm not, but it is something I know I should be doing and will look into setting up.
From: Matt 15 Aug 2013 18:27
To: ANT_THOMAS 17 of 24
It's really easy, you don't need to configure anything on the server*, it's all in the client (PuTTY) configuration.

* If the server is Linux, you can make it easier by installing winbind and modifying /etc/resolve.conf so the server can resolve Windows hostnames on your network.
EDITED: 15 Aug 2013 18:27 by MATT
From: ANT_THOMAS 15 Aug 2013 18:30
To: Matt 18 of 24
Didn't realise it was so easy. Just done it now.
From: ANT_THOMAS 27 Aug 2013 10:49
To: ALL 19 of 24
Last week someone at work mentioned our IT guy checking up on what sites people are accessing over the net, as if it is a regular thing, so the warning was be careful what you browse at work.

This has led me to add a Socks v5 proxy tunnel to the SSH session I was using to RDP home. Am I right in thinking whatever now goes through the SSH tunnel can't be seen?

It was easy to set up and my IP in Chrome is now showing as my home IP (we use Firefox for work related stuff).
From: CHYRON (DSMITHHFX) 27 Aug 2013 11:08
To: ANT_THOMAS 20 of 24