Outgoing Port Redirect?

[Richter]

Looking for ideas on how to redirect an outgoing UDP port range (netbios 137-139) to a different port range to get around a firewall restriction. Seen programs that redirect incoming ports (ie Greyware Detour) but so far none for outgoing. Registry change might work?

I figure a real HIGH $$ software firewall would do this but I'm trying to avoid spending that kind of cash.

 

[n0cmonkey]

Has this been approved by your IT staff? And if the answer is yes, smack them in the head for me please. Ill wait for your answer to give you my idea

 

[geekender]

Won't the receiving end (the one you are sending to) have to be listening on the new port as well?

What kind of program are you using? Normally there are properties that will allow you to change the port when using the program.

 

[Buddha Bart]

Probably won't matter, as its the destination ports (137-139) that are probably firewalled.

I'm not sure if UDP or Netbios work differently, but tcp connection dont originate from the client on the same port as the destination service.

Like when you connect to a webserver. Its coming "out" your port 43572 (aka, some random high-number port), with the destination of port 80 on the server.

bart

 

[Evadman]

602pro will forward ports and redirect them.

 

[Yossarian451]

I am interested in this, I had considered it for a use in my lab for cisco, we wanted to bypass the firewall which was using an extremely slow filter. I suggested this to one of the gurus, and the admin, and they said it was ok, but then school, let out. I was just going to try to get a browser rewritten to use a different port then put a program on the server to use that new port, and transfers the information to the regular port and requesting from the web on the regular port. then by only distributing the rewritten borwser to that lab resolving the speed issues while maintaing the integrity of the filter (it is a monitored classroom). I suggested this idea because even when we set proxy overide, it didn't work quite right. Would this idea work??? I just came across this and it reminded me of it, pluss I goto school in a 2 days, so it will become important to me again.

 

[spidey07]

Looking for ideas on how to redirect an outgoing UDP port range (netbios 137-139) to a different port range to get around a firewall restriction.

That in itself is scary. You'd never want netbios/ip access to the internet nor would you want incoming connections to these ports. You'd have a great big bullseye on that machine for scans and you WILL be compromised. Please consult your firewall administrator if you need some rulebase changes - it is THEIR job to secure a network.

Now that being said I'll start to ramble about how you can meet your requirement and if it would work or not.

A server is listening on UDP ports 137-139 providing netbios name services (you didn't say TCP which is what you'd need to actually use SMB and what not). So even if you could change your destination port on the client machine behind a firewall the server would not know what to do with it because it is not listening on the port, nor is there any application associated with that port (let's say you changed it to UDP ) 4000.

You could change the machine your trying to communicate with destination port UDP 137-139 to say 4000-4002. that could work.

What exactly are you trying to accomplish that would need to run netbios/IP through a firewall? Are making netbios/IP requests or are other requesting from you? who is initiating the netbios session and where are they located in relationship to your firewall.

PS - if this is for work, school you can get fired, expelled depending on policy.