IT/network geeks

Network stuff is not my strong suit, and apparently it’s not for our IT guy either. He just stopped by asking me (a software engineer) if I knew of any good utilities for testing firewalls.

:picard:

So what do you guys who have to keep firewalls locked up for a living use to test your security?

personal computer firewalls… or network firewalls…

Small business stuff, generally these:
http://www.sonicwall.com/us/products/TZ_Series.html

No web hosting, FTP or anything like that. Basically just keeping the office internet secure.

Post the IP on IRC and say you know there’s nudes of a random celebrity in there. You’ll know in 5 minutes if it’s secure.

Already told him in AIM, but for the rest, probably the best option with respect to cost is Nessus.

If you want to test outside in egress you need to get a box on the internet that you can run Nessus from (hell, run from your home network). For internal scans we use Nessus at Sitel and for external we use Trustwave.

nm

Just try Nessus

I wouldn’t use Nessus for the only means of testing…I also wouldn’t trust a firewall to be your only network security…

I am sure it does a great job of inbound…not to mention you guys use NAT…A lot of people don’t set up proper egress filtering…

QFT

Encryption, Anti-Virus, blah blah blah…

Testing enterprise firewalls I have a lot of fun tools. Just set up a full Juniper multi-site network in Rochester that included 20 firewalls all together.

What specifically are you looking to check? Just inbound ports you can see or try to actually hack the firewall and see if it flags it?

How big is the business?

I’d hire 3rd party.

3rd party to test a cheap SonicWall :mamoru:

sudo nmap -P0 -sS -p0-65535 -O -oN OUTPUT -sV <ip address>

Usually works pretty well for me