Thanks John. I will try this. I will need to figure out how to only do TCP and not do UDP. -- "News Headline: Ants Take A Long Time To Cook In Microwave" --unknown /\___/\ / /\ /\ \ Phillip Pi (Ant); The Ant Farm: http://antfarm.ma.cx | |o o| | \ _ / E-mail: [EMAIL PROTECTED] or [EMAIL PROTECTED] ( )
On Fri, 27 Dec 2002, John Lampe wrote: > If all you're wanting to do is ensure that the firewall is filtering ports, > then all you'll probably need is nmap...If you're offering services behind > the firewall, and have poked holes in the firewall to accomodate these > services, then you might want to run nessus and set the ports-to-be-scanned > to 1-65535 (TCP only, for all the obvious reasons)... > > If you have "trusts" in place on your firewall (i.e. some stupid firewalls > will "trust" the local network addr), then you might want to play with the > new nmap v3.00 -sI option (very sweet)...likely hosts to spoof might be DNS > server, anti-virus servers, next-hop routers, blah, blah, blah.... > > John W. Lampe > http://f00dikator.aceryder.com/ > > ----- Original Message ----- > From: "Phillip Pi" <[EMAIL PROTECTED]> > To: <[EMAIL PROTECTED]> > Sent: Thursday, December 26, 2002 3:41 PM > Subject: What's the best options to test a software firewall on Windows? > > > > Hi, > > > > Are the default settings/options and all the latest plug-ins in Nessus the > > best setup to test a Windows software firewall? Or is there something > > special that I need to do to really fully test the firewall? - [EMAIL PROTECTED]: general discussions about Nessus. * To unsubscribe, send a mail to [EMAIL PROTECTED] with "unsubscribe nessus" in the body.
