scenario of wifi : i'm using wifi in hostel which having cyberoam firewall and all the computer which uses that access point. that access point have following configuration
here, when i try to open a website the cyberoam firewall redirects the page to a login page (with correct login information, we can browse internet else not), and also website access and bandwidth limitations.
once i've heard about pd-proxy which finds open port and tunnels through a port ( usually udp 53). using pd-proxy with UDP 53 port, i can browse internet without login, even bandwidth limit is bypassed !!!
and another software called openvpn with connecting openvpn server through udp port 53 i can browse internet without even login into the cyberoam.
The most likely cause is that one of the PC's on your network, not the router, is infected with a virus and it is generating this traffic, now, since the ISP is not able to see inside of your network, they are pointing to the gateway to your location which is the router. You don't need to block port 53 on your router, but you do need to spot which one of your computers is generating this traffic. Port scan > UDP 53 open. Port 53 is still open from the LAN side and the router can query port 53 of the ISP DNS server. Fix CIA Hacking Notepad++ Issue URGENT!!! My ISP has informed me that we have been hacked and that we need to close port 53. ISP is trying to hack you. UDP 53 port is open in Tikona network. If you have a tikona modem then use any VPN that supports 53 port. UDP 53 VPN HACK FOR TIKONA WIBRO; AIRTEL. Inside the Russian hack. Allow Both TCP and UDP Port 53 to Your DNS Servers. I cannot figure out how to block port 53 on my TP-Link TD-W8980 v1. I have the OpenDNS servers configured, but the users on my network can bypass the DNS if they know how to manually configure their network settings on their computers.
Dns Unlocker Version 1.4
both of softwares uses port 53, specially openvpn with port 53, now i've a VPS server in which i can install openvpn server and connect through the VPS server to browse internet.
i know why that is happening because with pinging on some website(eb. google.com) it returns it's ip address that means it allows dns queries without login.
Port 1024
but the problem is there is already DNS service is running on the VPS server on port 53. and i can only use 53 port to bypass the limitations as i think. and i can not run openvpn service on my VPS server on port 53.
so how to scan the wifi for vulnerable ports like 53 so that i can figure out the magic port and start a openvpn service on VPS on the same port. ( i want to scan similar vulnerable ports like 53 on cyberoam in which the traffic can be tunneled, not want to scan services running on ports).
improvement of the question with retags and edits are always welcomed...
Another Question
i'ave made simple client server application in which a external computer acts as server running on UDP port 53 and client running inside the wifi; will connnect to that out side server that is running on UDP port 53. problem is it can't connect that server application.what should be the reason, why client inside wifi can't connect outside server running on UDP port 53 ?
NOTE : all these are for Educational purpose only, i'm curious about network related knowledge.....
2 Answers
To identify the magic port, you can use nmap while inside the wifi network, and scan the IP address of your VPS for all UDP and TCP ports:
The idea here is that the firewall at the wifi end is blocking packets leaving the local network, but any that get through, must be via open ports. So on the VPS side, you run
You will need to work out the public address by going to http://whatismyip.com
We are not interested in the results that nmap comes back with, we want to see what tcpdump sees - any packet that makes it to the VPS will have passed through the firewall, so the destination port of the packet will tell us which ports are open:
The above fragment shows that a packet arrived on the ssh port, which is 22, which must be permitted through the firewall.
Note that while you are able to do DNS queries, it does not follow that port 53 is open to the internet. The usual case is that you are permitted contact to controlled DNS servers, and it is those that can forward DNS requests out to the internet - much like in a domestic setting you often set your router to be the DNS server for the network, and it is the router that resolves queries.
If it is the case that port 53 is open only to specific DNS server, then you can get around it using an IP over DNS tunnel. If you have a VPS running a DNS server and you have a domain name you can can control, you could use iodine which allows you to tunnel IP over DNS queries, and so removes the need for OpenVPN (though running OpenVPN inside the tunnel will ensure your packets are protected. You could also do the same with ssh).
Paul