Re: How to test a firewall.

Thu, 17 Jan 2002 10:57:47 -0800 


hi  vishal

running a port-scanner( nmap, nessus,... )  is NOT a firewall test...
        - so what if xxx port is open....
        ( hopefully the app running on that port is patched/secured )

        -
        - if the app running on port xxx is not secured, you're dead
        - -- PATCH your server -- do it (ir)regularly...
        -

use a (linux) secure distro or better still to use FreeBSD/OpenBSD 
for your firewall...
        - too many rootkits designed to attack linux
        - openbsd has a better IP stack

download and apply all the known exploits/rootkits and see if any
of them succesfully installls itself and grants root access
to you

simple way.... pierce your own firewall ..if you can...they can too
        - power off your machine... you're now offline/dead
        ( no skills needed... a janitor at night can take you offline )

        - 80% of hacking/attacking is gonna be internally created

        - if you have telnet/ftp/pop/user accounts enabled on your
        firewall, time to go back to basics and harden the server first

Piercing your firewall...
        http://www.linuxdoc.org/HOWTO/mini/Firewall-Piercing/
        http://www.linuxdoc.org/HOWTO/mini/Term-Firewall/


http://www.insecure.org/sploits_linux.html
        - run these known exploits

http://www.Linux-Sec.net/Hacking/
        - lots more places to go and test

c ya
alvin
http://www.Linux-Sec.net

On Wed, 16 Jan 2002, Florian Hobelsberger / BlueScreen wrote:

> I didn't check all of these links,
> 
> http://security.norton.com/default.asp?productid=symhome&langid=de&venid=sym
> 
> http://www.dslreports.com/tools (quite large as far as i know)
> 
> http://scan.sygatetech.com/

...

> > On 16/01/02 14:34 +0530, Vishal Mukherjee wrote:
> 
> > > I have installed a software firewall.
> > > Any site to check how secure the firewall is.
> > > with http://grc.com it shows all the port as closed.
> > Scan your firewall from a machine outside your trusted network using
> > nmap.
> > Repeat from the trusted network.
> >
> > I suggest using lots of nmap options for thorough testing.
> >
> > Devdas Bhagat

_______________________________________________
Firewalls mailing list
[EMAIL PROTECTED]
http://lists.gnac.net/mailman/listinfo/firewalls

Reply via email to