Linux firewall scanner

Printable View

February 13th, 2003, 08:12 AM
antiman

Linux firewall scanner

I just installed shorewall on my linux system and it seems to be working great :bigsmile: :bigsmile: . I got it up and running in about 15 minutes (and can be downloaded here ). Now I want to test the firewall on it to see if it is fairly secure. I downloaded SATAN but I have no idea how to use it and I'm wondering if there are any good GUI programs out there.
February 13th, 2003, 10:49 AM
UKnetSec

As far as I can see (and I am sure someone will correct me if I am wrong) you will have trouble scanning yourself to test for firewall security from your own box. The fact of the matter is the requests are not coming from outside the firewall (unless they are routed out through a proxy and back). If you want to test it I would suggest one of these methods

1) Getting another machine, building your own LAN (could just be 2 machines connected via a hub or crossover RJ45 crossover cable). If the other machine was another Linux one you could run something like Nessus ( http://www.nessus.org ) which IMHO is pretty easy to use and has a nice GUI. Step by step insturctions are available on their site if you fancy giving it a go.

2) Go to a web site that will perform a scan for you such as

http://www.symantec.com/securitycheck/

that way you will be scanned from outside your firewall.

Cheers
February 13th, 2003, 12:26 PM
instronics

Just one little thing more. You said you got satan. Get Saint, its satan's followup. Satan is ancient as far as im aware. And also like UKnetsec said, nessus is cool too. The tests you can perfom from inside your firewall are the destination ports (if you have defined any). Point is, in a firewall to dissallow everything, then to allow only what you really need. eg.

dns - destination port 53

web - destination port 80 and 443

etc....

But thats only if you actually have defined any outgoing rules. Good luck.

Cheers.
February 13th, 2003, 12:29 PM
thehorse13

You can also try NMAP. This is what I would use for simple port discovery.

Good luck!
February 26th, 2003, 05:05 PM
DalamarArgent

The difference

Hi there,

Just to elaborate a bit for you.

NMAP is a nice port scanner, that will tell you what ports are open on your firewall. Its a good start for any scan on a host.

Nessus (better then SATAN) is more a vulnerability scanner on the actual services. Don't get me wrong, Nessus picks up open ports and all, but not as extensively as what NMAP will. Nessus is more for telling you why those ports are bad for being open.

Finally, I always finish off with a Langaurd Network Scan. Its a Doze based scanner, but it is highly effictive. I have often found that NMAP will find ports that LanGaurd will not, and Vice Versa. Making them a team is often the most thorough way of scanning a host.

Anyway,
Just thought your might enjoy the info.

;)
March 20th, 2003, 01:05 AM
lmoses

Offers a complete vulnerability assessment for free.

http://www.remoteassessment.com

The reports are extremely detailed as well.
March 20th, 2003, 01:28 PM
EaseZE

I think Sara is a nice tool. Its pretty friendly too. get it at insecure.org in the security tools section.
March 20th, 2003, 03:21 PM
Meerkat

Try the following service from Secureworx
March 20th, 2003, 08:25 PM
lmoses

secureworx.com offers a free port scan
remoteassessment.com offers a free vulnerability assessment
hackerwhacker.com offers another free port scan

Secureworx and Remoteassessment both appear professional. Hmmmm....