Re: using nmap to scan firewall




Thanks Old Guy, I'm talking about using nmap to scan from the outside. I'll try the parameters you've suggested. My firewall has it's external interface into a 4 port router so I can plug into it and run scans from there. The firewall is in the 'dmz' of this router and the inside port plugs into another linksys wireless router running DD-WRT.

Since I've last wrote this message I've installed Thunderbird/Firefox and removed the IE shortcuts (From vista) and posted my reply from the TB-client so hopefully you won't quote my 'exploitable' headers in this reply, however I'm probably doing something else wrong so please let me know. Wish I could find how to uninstall IE from Vista... Although I could should just post this from an ubuntu VM that I have running on this machine.

Thanks again for your help.

Moe Trin wrote:
On Sun, 02 Sep 2007, in the Usenet newsgroup comp.security.firewalls, in article
<1188752206.714313.312770@xxxxxxxxxxxxxxxxxxxxxxxxxxx>, Ant wrote:

Which combination of parameters with nmap are best to test my firewall
for open ports?

From where? To find out what your firewall looks like from "outside",
you have to scan it from there - which might get you in trouble with
others, but that's besides the point. Or you could look at the
'netstat' output from the firewall device itself (netstat is a command
found in wincrap as well as most other operating systems, and this
shows what ports are OTHER THAN closed). Trying to scan your firewall
from "inside" won't show what's open/available "out there".

As for parameters to use, did you look at the rather extensive
documentation that comes with nmap? See the -sU and -p options

If all ports are closed am I 'safe'? or is that never the case.

No firewall will protect against blatant stupidity. Most users get
0wn3d because they install something that they think they want or
need, and never realize it's mal-ware.

X-HTTP-UserAgent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0;
SLCC1; .NET CLR 2.0.50727; Media Center PC 5.0; .NET CLR 3.0.04506),
gzip(gfe),gzip(gfe)

Yeah, you might have a problem there. Still, almost anything is better
than Internt Exploiter.

Old guy
.