
Thread: LeakTest for Hardware Firewall

  1. #1
    AO French Antique News Whore
    Join Date
    Aug 2001
    Posts
    2,126

    LeakTest for Hardware Firewall

    I'm looking for a program that will test my outbound connection for every port. I'm running a NAT firewall and I'm pretty sure all outbound connections pass without problem, but I want to be sure. I know there are a few leak tests out there, but they test software firewalls. I need one that tests hardware firewalls. Thank you.
    -Simon "SDK"

  2. #2
    Trumpet-Eared Gentoo Freak
    Join Date
    Jan 2003
    Posts
    992
    Let someone Nmap you
    Come and check out our wargame-site @ http://www.rootcontest.org
    We chat @ irc.smdc-network.org #lobby

  3. #3
    AO French Antique News Whore
    Join Date
    Aug 2001
    Posts
    2,126
    I don't need someone to test my inbound firewall. I need a program to test my OUTBOUND firewall.
    -Simon "SDK"

  4. #4
    I'm thinking your ACLs will give you a good idea as to what is blocked and what's not. Most firewalls by default allow everything out, nothing in. Using Nmap from the inside may give you what you want.
    - Boyam


  5. #5
    Senior Member br_fusion's Avatar
    Join Date
    Apr 2002
    Posts
    167
    http://grc.com/lt/leaktest.htm

    This may solve your problem.

  6. #6
    AntiOnline Senior Member souleman's Avatar
    Join Date
    Oct 2001
    Location
    Flint, MI
    Posts
    2,883
    grc leaktest sucks arse and it doesn't work. There is a program called firehole (I think) that works better.

    Find someone on the outside that will let you nmap them... that will work just as well.
    "Ignorance is bliss....
    but only for your enemy"
    -- souleman

  7. #7
    Senior Member
    Join Date
    Jun 2003
    Posts
    236
    I don't think NMAP will work in this case, if I understand what the problem is.

    NMAP will scan all the ports on the target computer, but the client will still only use a few ports on the host machine and not test all outbound ports like he wants.
    That which does not kill me makes me stronger -- Friedrich Nietzsche

  8. #8
    AntiOnline Senior Member souleman's Avatar
    Join Date
    Oct 2001
    Location
    Flint, MI
    Posts
    2,883
    Well, does he want to test if it will connect to a certain outbound port, or if it will connect from a certain internal port? I guess that's the real question. If he is looking at outbound ports, nmap will work. If he is looking at connections from certain internal ports... then I really have no idea unless you write your own program to do it.
    "Ignorance is bliss....
    but only for your enemy"
    -- souleman

  9. #9
    AO Ancient: Team Leader
    Join Date
    Oct 2002
    Posts
    5,197
    SDK: I think you need someone to help you determine what ports your firewall will allow your internal machines to connect to on a remote machine.... Your firewall's egress rules..... It'll probably be a lot.....

    What you need to do is have someone with a good firewall, well logged, that will allow you to use a scanner that can be configured to scan every port available, there's a million of those out there..... Then that person can send you the log of the scan and you can see what went out. The scan should be a plain SYN scan so the remote will definitely pick it up.

    Another option is to give the IP address that you will appear to scan from to someone who runs a Snort box outside the firewall, and have them implement a rule as follows:

    alert tcp xxx.xxx.xxx.xxx any -> any any (msg:"Bills test"; flags:S; classtype:bad-unknown;)

    Where the xxx.xxx.xxx.xxx is your IP address.

    The second option will actually work better IMO, since the logging on some firewalls will ignore a whole bunch of stuff unless the work is put in to log it.

    Hope this helps
    Don't SYN us.... We'll SYN you.....
    "A nation that draws too broad a difference between its scholars and its warriors will have its thinking done by cowards, and its fighting done by fools." - Thucydides

  10. #10
    Senior Member
    Join Date
    Jul 2003
    Posts
    106
    script it w/ netcat ... if you want help pm me
    i'm the guy who bitched out a girl about writing poems in General Chat... Now everyone thinks I hate women and that I'm gay ... live and learn ... hehe
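Added example, not part of the original thread: one way to turn the outside Snort sensor's log from post #9 into an egress report, listing which scanned destination ports got out through the firewall and which never arrived. It assumes the sensor writes Snort's "fast" alert format; the function names, the documentation IP addresses and the sample log are constructed for illustration.

```python
import re

# Snort "fast" alert: ... [**] [gid:sid:rev] msg [**] ... {TCP} src:sport -> dst:dport
ALERT_RE = re.compile(
    r"\[\*\*\]\s+\[\d+:\d+:\d+\]\s+(?P<msg>.*?)\s+\[\*\*\].*?"
    r"\{TCP\}\s+(?P<src>[\d.]+):(?P<sport>\d+)\s+->\s+(?P<dst>[\d.]+):(?P<dport>\d+)"
)

def ports_seen(lines, src_ip, msg="Bills test"):
    """Destination ports whose SYN from src_ip reached the outside sensor."""
    seen = set()
    for line in lines:
        m = ALERT_RE.search(line)
        # Match on the NAT's public IP only; NAT rewrites the source port.
        if m and m["msg"] == msg and m["src"] == src_ip:
            seen.add(int(m["dport"]))
    return seen

def to_ranges(ports):
    """Collapse a set of ports into sorted inclusive (start, end) ranges."""
    ranges = []
    for p in sorted(ports):
        if ranges and p == ranges[-1][1] + 1:
            ranges[-1] = (ranges[-1][0], p)
        else:
            ranges.append((p, p))
    return ranges

def egress_report(lines, src_ip, scanned):
    """Split the scanned ports into (allowed out, never seen by the sensor)."""
    allowed = ports_seen(lines, src_ip) & set(scanned)
    return to_ranges(allowed), to_ranges(set(scanned) - allowed)

# Constructed sample data: ports the inside host scanned, and the sensor's log.
SCANNED = list(range(20, 26)) + list(range(135, 140))
_FMT = ("08/14-21:10:01.{n:06d}  [**] [1:0:0] Bills test [**] "
        "[Classification: Potentially Bad Traffic] [Priority: 2] "
        "{{TCP}} {src}:{sport} -> 198.51.100.7:{dport}")
SAMPLE_LOG = [_FMT.format(n=i, src="203.0.113.5", sport=40000 + i, dport=p)
              for i, p in enumerate([20, 21, 22, 23, 24, 22])]  # 22 retransmitted
# Unrelated host hitting port 25: must not count as our egress.
SAMPLE_LOG.append(_FMT.format(n=9, src="192.0.2.44", sport=51000, dport=25))

if __name__ == "__main__":
    allowed, blocked = egress_report(SAMPLE_LOG, "203.0.113.5", SCANNED)
    print("allowed out:", allowed)
    print("not seen   :", blocked)
```

A port in the "not seen" list only shows that the SYN never reached the sensor; the drop may have happened at the firewall or further upstream.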
