I need a good program to test my firewall(s)
I need a good program to test my firewall(s) - In & Out, hardware (router) & software.
I am not an expert! I googled and some programs claim that they should be used only by an IT-security expert.

http://tooleaky.zensoft.com/

"To demonstrate how outbound filtering is a joke, I am providing here a small executable file (3KB), along with its C++ source code. In this example, if Internet Explorer is a "trusted" application by your firewall, you'll find that this drills right through. In essence, by giving "trust" to Internet Explorer, you are implicitly trusting every other software application on your PC. Now, a brief warning: Who should download this software? Quite likely not you. This software is targeted for security professionals. Unless you have a thorough understanding of software firewalls, outbound filtering methods, and the details of this exploit, there is no need to download this program. It's not going to do anything other than frustrate you. However, that said, it can be lots of fun to demonstrate to your friends how you can get right through their firewall if it trusts Internet Explorer."
Both tests are probably easier than you might think.
For inbound, use a port scanner like ShieldsUP at GRC.com (issues with Gibson aside). That will tell you if you have any open ports.

For outbound, try to connect to servers outside your network on blocked ports. If you are blocking telnet, for instance, google a free/open telnet server and try to telnet that box. If you are blocking SMTP (port 25 for mail) then you can actually try and telnet to an SMTP server and specify port 25. In fact, I'd think testing the outbound would be fairly easy, if you know what you are blocking.

Now, if this is a software based outbound firewall, you're never going to be 100% sure, since a clever virus could disable the firewall or open the ports it needs. But if you are talking about a hardware outbound firewall, just try to connect to services on ports you are blocking.

Your comment above sounds like you have some combination of the two. I'm guessing hardware inbound and software outbound? Have you considered hardware that will do both (even just a hacked Linksys)?

Finally, your best tests are going to be on machines outside of your network. By virtue of running any software to test things on your desktop, you've changed the test environment.
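Added example, not part of the original post: a small Python script for the outbound test described above, which tries a TCP connection on each port you believe is blocked and tells a silent drop apart from a refusal or a successful connection. The names `probe`, `egress_report` and `local_demo` are made up for this example, and `<outside-host>` is a placeholder for a server you run or are allowed to connect to.

```python
import errno
import socket
import sys

def probe(host, port, timeout=3.0):
    """Classify one outbound TCP connection attempt made from this PC."""
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return "connected"    # traffic got out: this port is NOT blocked
    except (socket.timeout, TimeoutError):
        return "no-response"      # silently dropped, the usual firewall "block"
    except ConnectionRefusedError:
        # A reset came back: the firewall rejects the port, or nothing listens
        # at the far end. Test against a server known to accept that port.
        return "refused"
    except OSError as exc:
        if exc.errno in (errno.ENETUNREACH, errno.EHOSTUNREACH):
            return "unreachable"
        return "error"            # e.g. the host name did not resolve

def egress_report(host, blocked_ports, timeout=3.0):
    """Probe every port that is supposed to be blocked; list the ones that leak."""
    results = {port: probe(host, port, timeout) for port in blocked_ports}
    leaks = sorted(p for p, outcome in results.items() if outcome == "connected")
    return results, leaks

def local_demo():
    """Constructed offline check: a local listener stands in for the outside server."""
    srv = socket.socket()
    srv.bind(("127.0.0.1", 0))
    srv.listen(1)
    spare = socket.socket()
    spare.bind(("127.0.0.1", 0))
    open_port, closed_port = srv.getsockname()[1], spare.getsockname()[1]
    spare.close()                 # nothing listens on this port any more
    try:
        return open_port, closed_port, egress_report("127.0.0.1", [open_port, closed_port], 1.0)
    finally:
        srv.close()

if __name__ == "__main__":
    # With arguments: python egress_check.py <outside-host> 23 25
    # Without arguments: run the constructed local demo.
    if len(sys.argv) >= 3:
        results, leaks = egress_report(sys.argv[1], [int(p) for p in sys.argv[2:]])
    else:
        _, _, (results, leaks) = local_demo()
    for port, outcome in sorted(results.items()):
        print(f"port {port}: {outcome}")
    print("ports that got through:", leaks or "none")
```

Any port reported as "connected" got past the outbound filter; "no-response" is what a firewall that drops the traffic looks like from the inside.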
SpaceBass:
Thanks. .... ShieldsUP at GRC.com seems to be gone!?! And yes, I would like to test my two PCs from outside ... see if everything is OK. It looks like you are an expert ... I cannot perform those tests you are explaining. I have a D-Link DI-524 AirPlus G High Speed 2.4GHz Wireless Router, 802.11b, g .... and it looks like the firewall is off, but I am reluctant to put it on .... had lots of problems with McAfee firewall some time ago. I also run Zone Alarm, Windows Defender, AVG, Ewido, Spybot and Ad-Aware....
Originally Posted by USAFAN
SpaceBass:
.... ShieldsUP at GRC.com seems to be gone!?!
Thanks a lot, your link worked fine. Did all tests. All is OK (safe) but this:

Ping Reply: RECEIVED (FAILED) — Your system REPLIED to our Ping (ICMP Echo) requests, making it visible on the Internet. Most personal firewalls can be configured to block, drop, and ignore such ping requests in order to better hide systems from hackers. This is highly recommended since "Ping" is among the oldest and most common methods used to locate systems prior to further exploitation.

Actually, I was aware of this. Comcast once pinged me when I had trouble with the cable-modem connection. Thanks again.
Originally Posted by USAFAN
dw8146:
Thanks a lot, your link worked fine. Did all tests. All is OK (safe) but this: Actually, I was aware of this. Comcast once pinged me when I had trouble with the cable-modem connection. Thanks again.

For external port scanners, i.e. if you want to test from outside your home network, check out nmap (http://insecure.org/nmap/); there are versions for most major operating systems. I hate to say this, but I'm pretty anti software firewalls. I just don't see the need. If you have NAT protecting you up front and observe some sense of safe surfing habits, then software firewalls do little more than provide annoying pop-ups and burn memory/speed on your PC. I'm not, however, opposed to hardware firewalls, but that's another topic :D
Originally Posted by SpaceBass
For external port scanners, i.e. if you want to test from outside your home network, check out nmap (http://insecure.org/nmap/); there are versions for most major operating systems.

I made some tests ... all are fine ^
Originally Posted by SpaceBass
The ping thing is not much of a concern. Some people would argue that being 100% stealth is a great thing... it's like if your home IP address was your house, and ports are the doors and windows... if you didn't even respond to pings it would be like your house was totally invisible from the street. Personally I trust NAT routers enough AND I like ping as a diagnostic tool so I'm willing to trade the possible insecurity.
For external port scanners, i.e. if you want to test from outside your home network, check out nmap (http://insecure.org/nmap/); there are versions for most major operating systems. I hate to say this, but I'm pretty anti software firewalls. I just don't see the need. If you have NAT protecting you up front and observe some sense of safe surfing habits, then software firewalls do little more than provide annoying pop-ups and burn memory/speed on your PC. I'm not, however, opposed to hardware firewalls, but that's another topic :D

I bookmarked http://insecure.org/nmap/; however, I am not ready to do this test. As said before, I am not an expert ... and my common sense tells me not to use such tests (without assistance of an expert). Thanks again!