Jump to content

Where to test your Linux Firewall ?

Bruno

By Bruno
in Bruno's All Things Linux

 Share

Recommended Posts

Bruno

Bruno

Posted
Posted

Because a good firewall is essential if your computer is connected to the net, here is a good link to test it:PC FlankHas also tests for trojans and other exploits !The site : GRC Shields-up is not very suited for Linux as it does mainly windows tests. Most crackers only check for open ports on windows systems, and those won't be found on your Linux box ;)But open ports on Linux can be scanned too, so, do all 6 different tests at PC Flank ! B) Bruno

Link to comment
Share on other sites
Peachy

Peachy

Posted
Posted

Interesting. Also, to be realistic, you need to put your computer outside of your firewall or in the DMZ, otherwise you're scanning your firewall for vulnerabilities (which in itself isn't a bad thing to do!)

Link to comment
Share on other sites
Guest ComputerBob

Guest ComputerBob

Posted
Posted

peachy, I'm confused. B) I'm on dial-up, and I currently only use a software firewall. Are you referring to putting your PC outside of a hardware firewall? If you do that, how would that allow you to test the firewall?I'm not challenging your answer - I really am confused about this. B)

Link to comment
Share on other sites
Peachy

Peachy

Posted
Posted
peachy, I'm confused. B) I'm on dial-up, and I currently only use a software firewall. Are you referring to putting your PC outside of a hardware firewall? If you do that, how would that allow you to test the firewall?I'm not challenging your answer - I really am confused about this. B)
CB,If you use a hardware firewall and your PCs are sitting behind it protected, then when you run these vulnerability tests, the tests pick up your firewall's IP address and scans that IP address for open ports. If you've configured your firewall properly then the firewall would pass the test with amazing grace even though you have a web and ftp server running. If you want to test the actual PC, then you have to either take down the firewall or put it into the DMZ to make it equivalent to not being behind a firewall. Remember that consumer firewalls use Network Address Translation, forwarding requests from you to the internet by stripping off your PC's internal IP address, attaching its IP address (the one assigned to you by your ISP) and then forwarding the packet out. When data returns, the destination address is the external IP address, but the firewall knows that your PC requested data so it knows to route it to your PC.When I said put the PC outside the firewall, I mean just that, otherwise, you are only testing your firewall for vulnerabilities and not the actual PC. You can have lots of services and ports open on your PC behind your firewall, but as long as you are not forwarding those ports out through the firewall, then nobody should see. B)
Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...