
Thread: LeakTest for Hardware Firewall

  1. #11
    Senior Member
    Join Date
    Jun 2002
    Posts
    311
    Google search for "hardware firewall leaktest "

    Hope this helps

  2. #12
    Elite Hacker
    Join Date
    Mar 2003
    Posts
    1,407
    Looking at my router config page under advanced and firewall, it is set to

    Allow Default LAN,* *,* IP (0),*

    which I think allows all outbound traffic on all ports, which is probably what you have.
    I don't know of a program to test this though. If you have something similar to what I have I'm sure you can change the settings to just allow on port 80 or whatever you are looking for.

  3. #13
    AO French Antique News Whore
    Join Date
    Aug 2001
    Posts
    2,126
    Thanks for all the info. I'll look into it. A quick question for all of you: I'm not an expert in network protocols, but if I scan port X from outside on an IP address like www.microsoft.com, will the packet use that port X to go through my firewall? Ex: Pinging port 7393 on microsoft.com will be outbound as port 7993 on my firewall?

    What I really want is for my firewall to block all programs when they try to access the net, except for ports 21 and 80. Right now, I think everything is wide open. But I want to test it and be sure!
    -Simon "SDK"

  4. #14
    AO Ancient: Team Leader
    Join Date
    Oct 2002
    Posts
    5,197
    SDK: You can't ping a port. Ping is an ICMP function and as such doesn't have a port, though it reports port 0.

    You need a scanner such as SuperScan to attempt the three way handshake, (or some part of it), on each port to see which ports are open outbound on your firewall.
    Don't SYN us.... We'll SYN you.....
    "A nation that draws too broad a difference between its scholars and its warriors will have its thinking done by cowards, and its fighting done by fools." - Thucydides

  5. #15
    AO French Antique News Whore
    Join Date
    Aug 2001
    Posts
    2,126
    I have a scanner... This is what I mean! Gulp! Gonna edit my message!
    -Simon "SDK"

  6. #16
    Elite Hacker
    Join Date
    Mar 2003
    Posts
    1,407
    I think that the outbound traffic picks a random port to use to connect to a set port on another machine. And the only time an outbound port is open is when you're connected to a host. You should just be able to set a firewall rule to only allow outbound connections to port 80 and port 21. However, it would still use some other port on your machine to connect to the set port on the other machine. For example, right now I'm connected to this site on port 80, but the local port used is 58309. I don't think any scanner would show a leak unless you were actually connected to someone using a port. Either that or it would show a leak on every port.

  7. #17
    AO French Antique News Whore
    Join Date
    Aug 2001
    Posts
    2,126
    I have looked at Fatphantom's Google address and I found nothing except software leaktests! I'll continue searching.
    -Simon "SDK"

  8. #18
    Senior Member
    Join Date
    Jun 2003
    Posts
    236
    There's no way you can do this with a scanner (NMAP or anything); you're trying to test all your outbound ports. The scanner program will choose random ports on your machine and probably only a few. Having someone scan you is pointless. All this will test is your incoming ports.

    Etruscan is right, use netcat. With netcat you can specify your outgoing port.

    i.e.
    nc -p 100 192.168.1.1 80
    This will use your outbound port 100. Basically, what you need is a script that does something like this:

    # try each local (source) port in turn; 0 is skipped because it means "any port"
    for x in $(seq 1 65535); do
      nc -p "$x" some_ip some_port
    done

    I would choose a machine that you can get the banner back from when connecting. Each time through the loop, see if you get the banner. If you do, that outbound port works; if not, then you've got a problem with that port, or it may have already been in use and you should check again.
    That which does not kill me makes me stronger -- Friedrich Nietzsche
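
The probe described in posts #16 and #18, as an added example that is not part of the original thread: one outbound TCP attempt with an optional fixed source port (what `nc -p` does), a banner read, and a result that separates a dropped attempt from a refused one. The loopback banner server, `probe`, and the port numbers are hypothetical names and constructed values.

```python
import socket
import threading

BANNER = b"constructed daytime banner\r\n"  # constructed sample data
def start_banner_server():
    """Loopback stand-in for a banner service such as daytime (port 13)."""
    srv = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    srv.bind(("127.0.0.1", 0))          # OS picks a free port
    srv.listen(5)
    def serve():
        while True:
            try:
                conn, _ = srv.accept()
            except OSError:             # listener was closed
                return
            with conn:
                conn.sendall(BANNER)    # send banner, then close by itself
    threading.Thread(target=serve, daemon=True).start()
    return srv, srv.getsockname()[1]

def probe(host, dport, sport=None, timeout=2.0):
    """One outbound TCP attempt; returns (status, local_port, banner)."""
    s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    s.settimeout(timeout)
    try:
        if sport is not None:           # same effect as `nc -p <sport>`
            s.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
            try:
                s.bind(("", sport))
            except OSError:             # in use or privileged: retry later
                return ("sport-unavailable", sport, b"")
        try:
            s.connect((host, dport))
        except ConnectionRefusedError:  # RST came back: the SYN got out
            return ("refused", sport, b"")
        except OSError:                 # timeout/unreachable: likely dropped
            return ("filtered", sport, b"")
        try:
            banner = s.recv(128)
        except OSError:
            banner = b""
        return ("open", s.getsockname()[1], banner)
    finally:
        s.close()

if __name__ == "__main__":
    srv, dport = start_banner_server()
    for sport in (None, 40001, 40002):  # constructed source ports
        print(sport, "->", dport, probe("127.0.0.1", dport, sport))
```

Pointed at a host you control on the far side of the firewall, "filtered" is the result an outbound block rule that silently drops would produce; a firewall that rejects with a reset shows up as "refused" instead.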

  9. #19
    AO French Antique News Whore
    Join Date
    Aug 2001
    Posts
    2,126
    What do you suggest for a service? I've been trying a few ports but I cannot get a single service to answer me and close nc by itself. I always have to enter quit to quit the service. (Mail, ftp, etc.)

    Edit: I found a service, the daytime service on port 13.
    -Simon "SDK"

  10. #20
    AO French Antique News Whore
    Join Date
    Aug 2001
    Posts
    2,126
    I just created myself a quick VB utility. Kind of sluggish and very slow, but it works by calling a batch file with 2 parameters: one for the port to test and one for the file for the test result. I call nc to ping a time server with an increasing outbound port. Anyone interested in having it can send me a PM.
    -Simon "SDK"
