LinuxQuestions.org
Visit Jeremy's Blog.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices


Reply
  Search this Thread
Old 11-14-2001, 08:59 PM   #1
david_xk
LQ Newbie
 
Registered: Nov 2001
Posts: 1

Rep: Reputation: 0
Unhappy RedHat Linux firewall tester



hello :
i have made a firewall by ipchains.
but now i want to test it and i must do it myself .
so i need the related documents, tools, ......
please
thanks you
your david
Nov 15,2001
 
Old 11-15-2001, 05:07 AM   #2
lsof
Member
 
Registered: Oct 2001
Distribution: red hat 7
Posts: 58

Rep: Reputation: 15
Re: RedHat Linux firewall tester

Quote:
Originally posted by david_xk
[Bi have made a firewall by ipchains. but now i want to test it and i must do it myself. [/B]
i was going 2 recommend this thread:
http://www.linuxquestions.org/questi...&threadid=8694

but seeing that u want 2 do it u'rself look for a tool called nmap.
 
Old 11-16-2001, 08:49 AM   #3
raz
Member
 
Registered: Apr 2001
Location: London
Posts: 408

Rep: Reputation: 31
I'll go along with lsof's answer.

Install nmap on a system that's external to your firewalled system.
If not it's hard to confirm your really seeing what others would get.

Then test for open ports using the following commands.

nmap -sT -d -e eth0 -S 202.34.181.234 -g 53 -P0 -n -r -T4 -p 1-10000 -O 170.23.45.1
nmap -sT -d -e eth0 -S 202.34.181.234 -g 20 -P0 -n -r -T4 -p 1-10000 -O 170.23.45.1

-e eth0 (make this your outgoing internet connection)
-S 202.34.181.234 (make this the internet of the nmap system)
O 170.23.45.1 (make this your IP address of the system your testing)
-T4 (change this to T3 then T2 if your ping rate to the system is higher then 200ms etc etc)

Don't try to scan anyone other then your firewall with these settings as it's not very stealthy, but it will find open connection for you.

Next step is to fake SYN flags and random ack numbers with the following scan.

nmap -sA -d -e eth0 -S 202.34.181.234 -g 53 -P0 -n -r -T4 -p 1-10000 -O 170.23.45.1

if you get filtered ports then they are not open, any port that doesn't respond is open but filtered with stateful filtering.

use "man nmap" for more info.

/Raz
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
firewall on redhat linux asilentmurmur Red Hat 1 08-16-2005 03:23 AM
need a firewall tester phishintrip Linux - Security 13 07-12-2003 09:16 AM
firewall in Linux RedHat 8.0 jmarsh Linux - Networking 4 03-03-2003 09:48 AM
Any good hardware tester for Linux/FreeBSD? J_Szucs Linux - Hardware 9 09-23-2002 06:44 AM
firewall security tester jackopa Linux - Security 5 11-16-2001 07:38 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - Security

All times are GMT -5. The time now is 07:26 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration