Bruno Posted April 26, 2003 Share Posted April 26, 2003 Because a good firewall is essential if your computer is connected to the net, here is a good link to test it:PC FlankHas also tests for trojans and other exploits !The site : GRC Shields-up is not very suited for Linux as it does mainly windows tests. Most crackers only check for open ports on windows systems, and those won't be found on your Linux box ;)But open ports on Linux can be scanned too, so, do all 6 different tests at PC Flank ! Bruno Quote Link to comment Share on other sites More sharing options...
Peachy Posted April 26, 2003 Share Posted April 26, 2003 Interesting. Also, to be realistic, you need to put your computer outside of your firewall or in the DMZ, otherwise you're scanning your firewall for vulnerabilities (which in itself isn't a bad thing to do!) Quote Link to comment Share on other sites More sharing options...
Guest ComputerBob Posted April 26, 2003 Share Posted April 26, 2003 peachy, I'm confused. I'm on dial-up, and I currently only use a software firewall. Are you referring to putting your PC outside of a hardware firewall? If you do that, how would that allow you to test the firewall?I'm not challenging your answer - I really am confused about this. Quote Link to comment Share on other sites More sharing options...
Peachy Posted April 26, 2003 Share Posted April 26, 2003 peachy, I'm confused. I'm on dial-up, and I currently only use a software firewall. Are you referring to putting your PC outside of a hardware firewall? If you do that, how would that allow you to test the firewall?I'm not challenging your answer - I really am confused about this. CB,If you use a hardware firewall and your PCs are sitting behind it protected, then when you run these vulnerability tests, the tests pick up your firewall's IP address and scans that IP address for open ports. If you've configured your firewall properly then the firewall would pass the test with amazing grace even though you have a web and ftp server running. If you want to test the actual PC, then you have to either take down the firewall or put it into the DMZ to make it equivalent to not being behind a firewall. Remember that consumer firewalls use Network Address Translation, forwarding requests from you to the internet by stripping off your PC's internal IP address, attaching its IP address (the one assigned to you by your ISP) and then forwarding the packet out. When data returns, the destination address is the external IP address, but the firewall knows that your PC requested data so it knows to route it to your PC.When I said put the PC outside the firewall, I mean just that, otherwise, you are only testing your firewall for vulnerabilities and not the actual PC. You can have lots of services and ports open on your PC behind your firewall, but as long as you are not forwarding those ports out through the firewall, then nobody should see. Quote Link to comment Share on other sites More sharing options...
Bruno Posted April 26, 2003 Author Share Posted April 26, 2003 This is exactly why you're such a good Mod Peachy ! Clear and to the point. Bruno Quote Link to comment Share on other sites More sharing options...
Guest ComputerBob Posted April 26, 2003 Share Posted April 26, 2003 Thanks, peachy! Quote Link to comment Share on other sites More sharing options...
Peachy Posted April 27, 2003 Share Posted April 27, 2003 Aww, shucks! You guys are making me blush... Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.