February 13th, 2003 07:12 AM
Linux firewall scanner
I just installed shorewall on my linux system and it seems to be working great . I got it up and running in about 15 minutes (and can be downloaded here ). Now I want to test the firewall on it to see if it is fairly secure. I downloaded SATAN but I have no idea how to use it and I'm wondering if there are any good GUI programs out there.
Only stupid choices remind you of what the smart choices are.
February 13th, 2003 09:49 AM
As far as I can see (and I am sure someone will correct me if I am wrong) you will have trouble scanning yourself to test for firewall security from your own box. The fact of the matter is the requests are not coming from outside the firewall (unless they are routed out through a proxy and back). If you want to test it I would suggest one of these methods
1) Getting another machine, building your own LAN (could just be 2 machines connected via a hub or crossover RJ45 crossover cable). If the other machine was another Linux one you could run something like Nessus ( http://www.nessus.org ) which IMHO is pretty easy to use and has a nice GUI. Step by step insturctions are available on their site if you fancy giving it a go.
2) Go to a web site that will perform a scan for you such as
that way you will be scanned from outside your firewall.
February 13th, 2003 11:26 AM
Just one little thing more. You said you got satan. Get Saint, its satan's followup. Satan is ancient as far as im aware. And also like UKnetsec said, nessus is cool too. The tests you can perfom from inside your firewall are the destination ports (if you have defined any). Point is, in a firewall to dissallow everything, then to allow only what you really need. eg.
dns - destination port 53
web - destination port 80 and 443
But thats only if you actually have defined any outgoing rules. Good luck.
Ubuntu-: Means in African : "Im too dumb to use Slackware"
February 13th, 2003 11:29 AM
You can also try NMAP. This is what I would use for simple port discovery.
Our scars have the power to remind us that our past was real. -- Hannibal Lecter.
Talent is God given. Be humble. Fame is man-given. Be grateful. Conceit is self-given. Be careful. -- John Wooden
February 26th, 2003 04:05 PM
Just to elaborate a bit for you.
NMAP is a nice port scanner, that will tell you what ports are open on your firewall. Its a good start for any scan on a host.
Nessus (better then SATAN) is more a vulnerability scanner on the actual services. Don't get me wrong, Nessus picks up open ports and all, but not as extensively as what NMAP will. Nessus is more for telling you why those ports are bad for being open.
Finally, I always finish off with a Langaurd Network Scan. Its a Doze based scanner, but it is highly effictive. I have often found that NMAP will find ports that LanGaurd will not, and Vice Versa. Making them a team is often the most thorough way of scanning a host.
Just thought your might enjoy the info.
Pink ribbon scars, That never forget
I tried so hard, To cleanse these regrets
My angel wings, Were bruised and restrained
My belly stings
March 20th, 2003 12:05 AM
Offers a complete vulnerability assessment for free.
The reports are extremely detailed as well.
March 20th, 2003 12:28 PM
I think Sara is a nice tool. Its pretty friendly too. get it at insecure.org in the security tools section.
Ben Franklin said it best. \"They that can give up essential liberty to obtain a little temporary safety deserve neither liberty nor safety.\"
March 20th, 2003 02:21 PM
Try the following service from Secureworx
GOD is my CEO.
March 20th, 2003 07:25 PM
secureworx.com offers a free port scan
remoteassessment.com offers a free vulnerability assessment
hackerwhacker.com offers another free port scan
Secureworx and Remoteassessment both appear professional. Hmmmm....