questions for people using openvpn clients

[mike70sk]

Hi i had a question for people using vpn's with open vpn clients. I have been using bolehvpn for a few weeks, a prior to that i tested mullvad for a 2 hours.

The speeds are generally good. Im using bolehvpn client. The problem is when i run a port scan at grc my port 22 is wide open! i tried everything in several firewalls and routers and even removed my router and just used the cable modems, nothing will close this port. occasionally on one of the servers it can be closed, but most of them port 22 is always open. I also checked performance manager in windows 7 but could not find port 22 listening or connection. when the vpn is not on the port is stealth!

can you tell me if you run a port scan at grc if your port 22 is open?
https://www.grc.com/x/ne.dll?bh0bkyd2

thanks

[PaulyDefran]

I believe you are testing your VPN's exit node at GRC, if you are doing it through the VPN. You can do a netstat on your box to see if 22 is open, and check your router to see if you have forwarded 22, but I really think that it is the VPN's 22 that you are seeing.

PD

[n8chavez]

That is true. In the same way, if you were to do an IP test here, you would see their IP, not yours It's their machines you are testing, not yours.

I also use BolehVPN, and it's great!

[CasperFace]

Yes, if you run an online port scan while connected to the VPN, then you are only probing the VPN server itself - NOT your own ports. Next time you run the Shields UP! test, pay close attention to the IP address that is displayed on the test page. If it's not your real IP address, then those are not your ports... so you have absolutely nothing to worry about.

[mike70sk]

Hey guys thanks for the response, hey n8chavez since your using bolehvpn as well, would you mind using the usastreamingtcp server and scan grc on the above link?

I would really like to isolate the open port 22 to just me or not, so if you can run a scan i would really like to know if yours is open too?

I do realize that i am scanning the vpn's ip and ports but in another thread mirimir pointed out to me that if grc can scan the ip and find the open port theoretically a hacker could scan ip's and brute force attack the opening port (depending on what it is listening to , but i haven't found it yet but i'm working on it)

as far as the router and firewalls 22 is not forwarded, and is closed on the router and software firewall.

cheers

[CasperFace]

All BolehVPN clients using the US-SurfingStreaming TCP server are going to see port 22 open when they run the GRC port scan. The issue is not isolated to you. If you are still concerned as to why BolehVPN chose to keep this port open on their server, your best option would probably be to contact BolehVPN support directly for an explanation. However, I really see no legitimate reason why you should be worried about this, as it is strictly a server-side issue. Even in the hypothetical situation you described, if an attacker were to brute-force port 22 directly, it would be impossible for those scans to reach YOUR machine since that port is not actually being forwarded to you.

[mike70sk]

hey thanks for the answer, is that also true for the fully routed servers as well?
I just wanted to make sure that i tried everything on my end before contacting them.

[n8chavez]

Quote:

Originally Posted by mike70sk

hey thanks for the answer, is that also true for the fully routed servers as well?
I just wanted to make sure that i tried everything on my end before contacting them.

Any connection from your system to another system, whether it's via OpenVPN (proxied or full-routed), or SSH, or whatever, means that the ports you are scanning are on the remote system, eg, not yours. As long as that connection, in some form, exists your local computer is safe from port scans.

[mirimir]

While using VPN services, GRC's ShieldsUP! is obviously scanning VPN exit servers. Those servers may open ports (such as OpenVPN default ports 443 and 1194) for internal purposes, that would never be routed to clients.

However, if providers permit, clients may also forward open ports to their exit servers. But those would be high ports. For example, let's say that you wanted to serve a website through the VPN. From your client, you'd execute:

Code:

ssh -R 8080:localhost:80 user@vpn.exit.node.ip

For that to work, the server must be configured properly: 1) user's key in ~/.ssh/authorized_keys; 2) user has sufficient rights; and 3) GatewayPorts enabled.

[mike70sk]

Hey guys i am quite a vpn novice, so thanks for clearing the matter up for me!

I agree with n8chavez BolehVPN is a great service! and very good pricing too!