Over the past several months, I have been running an open source video
recorder, MythTV, from a Fedora Core 4 machine that resides on my home
network.  I configured the setup such that I can access this machine
through a web frontend.    In order to do this, I had to setup port
forwarding on my router so that all requests to port 80 got sent to
this machine.  Since I am the only person that needs remote access to
the web frontend, I setup the relevant directory such that once the
port forwarding was complete, the FC machine presented a un/pw
challenge in order to get access to contents.  In other words, access
to the machine was controlled at the software level.

A few weeks ago, however, I found my internet service had been
terminated by my ISP due to the fact that one of their port scans
detected the presence of my web server, something I didn?t know I
wasn?t allowed to run.  I called them and they re-activated my
service.

After I got off the phone with them, I thought about this issue some
more and am convinced that there has to be a simple work around for
this problem.  For example, shouldn?t I be able to configure my router
so that access to port 80 only gets provided following a un/password
challenge?  In other words, can?t I have this web server running in
the background, but configure the router in a manner that access to
this port is controlled at the hardware level?  Wouldn't this
basically "hide" an active port 80 from my ISP's port scan?

Nope.

A Port scan detects whether a port is open or not. If its open, its
open. In other words, setting a username and password to it (even if
you could do that through the router, which you cant) will still make
port 80 detected as open.

The port scan can tell its open, because its recieved data from it.
The data is: 'What is your username and password'

What you need is a good firewall.
By this i mean

Line in --> Modem --> PC/Hardware Firewall --> Router --> PC running server

The PC/Hardware firewall would have to filter out ICMP Packets (PINGs)
used for Port scanning.
You can also do this with a software firewall on your PC, but its less secure.

Keep in mind, the server itself my require ICMP packets to be allowed
so that it can tell that there is a remote PC still connected to it.

ITs a tricky situation, but that might be a good way around it.

Hello.

I am a computer tech of many years, and I have set up many a video
server for folks where their ISP blocks and/or forbids port 80
traffic.  Most, if not all, video servers allow you to change the port
it listens on.  For example, you can change the normal port 80 port to
5000 on your video server, or something along those lines, forward
port 5000 through your router as you did port 80, and then make the
appropriate change in your video client.  (If you log in via a web
browser, you would do it like this:  http://your_home_ip:5000  The
colon 5000 tells the browser to use port 5000 instead of port 80. 
This is a more traditional, and "acceptable" way of getting around
blocked port issues.

Hope this helps!  Good luck!!

^^

Pascal1-ga:
Yes i thought of this, however, this will not stop the ISP from seeing
that he is running servers as port 5000 will just be open to the
portscan.

allow me to ask a stupid question: how many ports exist and wouldn't
it be a huge waste of time for an ISP to search all of them?

The ISP will be scanning port 80, and POSSIBLY port 8080 (a common
alternative to port 80).  Putting something on another port, which I
used 5000 as an example, is typically fine.  The ISP disallows traffic
on port 80 because this usually means there is a web server there, and
they will want to sell you a commercial (and more expensive) internet
account for the "commercial" use.

I am but a lowly mobile computer tech, but this is what I do every
day... and I have yet to see them care about anything you do on ports
other than 21, 25, 80, and a few other common virus ports.  See below:
http://www.cox.com/sandiego/highspeedinternet/spamfaq.asp

How many ports??  Follow this link:
http://www.iana.org/assignments/port-numbers

Take care and good luck.