Tag Archives: networking

SSH blocked on mobile phone

Does anyone know why SSH is blocked by mobile operators?

I am using Nokia N900 on French SFR mobile network and recently noticed that I can’t connect to my personal server via SSH, but only when using mobile network – everything is fine using WiFi. The error message is “Read from remote host : Connection reset by peer”. I decided to change a port number on the server, and it helped… but not for long. Now I am able to connect, but connection is interrupted after certain amount of data has been transmitted. The problem mainly affects scp, but can also be demostrated in ssh by executing ls /usr/bin a couple of times for example. How network providers recognize SSH without using a port number – I believe they must be analyzing the packets. Question is why they are doing this – is it to make it impossible to circumevent their artificial limitations?

Nokia N900 as a modem on French SFR mobile network

This is a short story about connecting my laptop to the internet using SFR mobile network. Initially I wanted to just use WiFi HotSpots, but as it was impossible, I reverted to accessing mobile internet using Nokia N900 phone as a modem.

SFR does not like my Nokia N900 – there is no mobile application for it to connect to a WiFi HotSpot. First of all, why do I need a special application, is standard username/password not enough? I know why, they do not want me to use a laptop to connect to their HotSpots, they want me to buy 3G dongle and pay monthly contact for it. I do not like this artificial limitation, because after all I am already paying a lot for mobile contract with 500MB data transfer and want to use it to the maximum.

Perhaps I should reverse-engineer their mobile app? Well, maybe next time, I do not know much about this matter and do not have too much spare time. It may also be very difficult if they use mobile network for authentication.

Instead of that I decided to use my N900 as a USB modem for my laptop to get mobile internet. I could possibly share my mobile connection using WiFi, but it is not so simple to configure and my Debian’s Network Manager is already configured for O2 network. After few tries with standard setup (Number: *99#, APN: wapsfr, Google DNS) it worked – I got an IP address. I was even able use ping, SSH and stuff. But strangely when I opened any website in my browser (Iceweasel) it loaded fine, but was completely blank.

It turned out that SFR is blocking access for most common browsers using User Agent string. All I needed to do is to change it to something else. I downloaded User Agent Switcher addon, put some ridiculous string as my browser name (“Telecomitalia” because it is my favourite company:) and voila – it worked! SFR, you will not stop me from using mobile internet with such simple tricks;)

ServletRequest.getRemoteAddr() can return IPv6 address

I was surprised that ServletRequest.getRemoteAddr() method can sometimes return IPv6 address, not only IPv4. Where have you found IPv6 address in the wild you may ask, they aren’t common after all? Well, I was also surprised that when you type localhost in your web browser on Windows 7 it uses IPv6 protocol, but when you type it uses IPv4. Hmm, it all makes sense actually and is documented behaviour…

Anyway, the conclusion is that you should not assume that ServletRequest.getRemoteAddr() will return IPv4 address. You should check the address type, for example:

Alternatively, if you only need to check for localhost, you can do that:

I am executing both getAllByName() and getLocalHost() methods in case someone has weird /etc/hosts configuration, which does not specify to be localhost.