Jump to content
Sign in to follow this  
Bruno

Where to test your Linux Firewall ?

Recommended Posts

Bruno

Because a good firewall is essential if your computer is connected to the net, here is a good link to test it:PC FlankHas also tests for trojans and other exploits !The site : GRC Shields-up is not very suited for Linux as it does mainly windows tests. Most crackers only check for open ports on windows systems, and those won't be found on your Linux box ;)But open ports on Linux can be scanned too, so, do all 6 different tests at PC Flank ! B) Bruno

Share this post


Link to post
Share on other sites
Peachy

Interesting. Also, to be realistic, you need to put your computer outside of your firewall or in the DMZ, otherwise you're scanning your firewall for vulnerabilities (which in itself isn't a bad thing to do!)

Share this post


Link to post
Share on other sites
Guest ComputerBob

peachy, I'm confused. B) I'm on dial-up, and I currently only use a software firewall. Are you referring to putting your PC outside of a hardware firewall? If you do that, how would that allow you to test the firewall?I'm not challenging your answer - I really am confused about this. B)

Share this post


Link to post
Share on other sites
Peachy
peachy, I'm confused. B) I'm on dial-up, and I currently only use a software firewall. Are you referring to putting your PC outside of a hardware firewall? If you do that, how would that allow you to test the firewall?I'm not challenging your answer - I really am confused about this. B)
CB,If you use a hardware firewall and your PCs are sitting behind it protected, then when you run these vulnerability tests, the tests pick up your firewall's IP address and scans that IP address for open ports. If you've configured your firewall properly then the firewall would pass the test with amazing grace even though you have a web and ftp server running. If you want to test the actual PC, then you have to either take down the firewall or put it into the DMZ to make it equivalent to not being behind a firewall. Remember that consumer firewalls use Network Address Translation, forwarding requests from you to the internet by stripping off your PC's internal IP address, attaching its IP address (the one assigned to you by your ISP) and then forwarding the packet out. When data returns, the destination address is the external IP address, but the firewall knows that your PC requested data so it knows to route it to your PC.When I said put the PC outside the firewall, I mean just that, otherwise, you are only testing your firewall for vulnerabilities and not the actual PC. You can have lots of services and ports open on your PC behind your firewall, but as long as you are not forwarding those ports out through the firewall, then nobody should see. B)

Share this post


Link to post
Share on other sites
Bruno

This is exactly why you're such a good Mod Peachy ! Clear and to the point. B) Bruno

Share this post


Link to post
Share on other sites
Guest ComputerBob

Thanks, peachy! B)

Share this post


Link to post
Share on other sites
Peachy

Aww, shucks! You guys are making me blush... B)

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
Sign in to follow this  

×
×
  • Create New...