Testing your firewall for open ports



For several years now I’ve used a neat tool at Gibson Research to test a clients firewall quick and easy from the web browser. They have a tool called Shields Up that does a limited port scan to determine of network ports are open, closed or “stealth”.


One of the things I usually have to explain is that even though you only have one connection to the outside world (the internet), on that connection a computer can listen for incoming requests on as many as 65,535 different “ports”, think of them as different “tv channels.” To a computer on the outside an open port means that the request was accepted by the listening computer. A closed port means the listening computer answered back that it’s not letting anyone in (kind of like saying “nobody’s here right now”.) The stealth port means that the computer doing the probe sent a request but there was no response. This is usually the ideal because 1) it takes longer for the “attacker” to get an idea of who if anyone is at a given IP address and 2) it makes it look as though there’s no machine listening at that port.

The most ambitious of his scans does the first 1056 ports (remember there are over 65,000 total). You can do custom probes specifying a list of specific ports as well.

Gibson Research is home to lot’s of other neat utilities. Spinrite is the brainchild of the sites owner Steve Gibson. One of the things that has impressed me about him is his dedication to efficient programming (assembly language guru….) This gives utilities which are small, fast and not cluttered with the cruft you usually get these days from “utilities”. He also has dedicated a lot of time to computer security. It’s a site worth reading.

I should also mention another utility before I let this one go….

Leaktest is a utility he has to test personal (software) firewall software to see if it is fooled by a program claiming to be another application. You see one of the benefits of a personal firewall is that it can prevent data from leaving your computer without your knowledge (backdoor keylogger software for instance.) Unfortunately some firewalls can be tricked say if you’ve allowed internet explorer to connect and send data out and another program decides to tell the system “I’m internet explorer”, the firewall can be fooled. Leaktest basically tests your personal firewalls abilities….

All in all www.grc.com is a VERY useful site. It’s run and maintained by a VERY sharp fellow, Steve Gibson and I think you’re just about guaranteed to LEARN something reading it. For that reason I’m adding it to the links area as well.

Related Posts

Blog Traffic Exchange Related Posts
  • I've NEVER liked UPNP.... now I have another reason.... I remember the first Windows XP vulnerability was a Upnp vulnerability. I have made one of my first visits on any new XP system a visit to grc.com to disable it on an XP workstation. But, it's the great thing - makes life so much easier for setting up network......
  • Virtual Server on Apache to listen on an alternate port In the last few days, I had to set up something a bit unusual with apache. Basically the goal was to have apache listen for connections on two different ports (the standard port 80 and an alternate port 85). The problem was that I wanted different content at each port.......
  • IPtables magic, or... Blocking Aggressive Outbound Traffic with IPtables Blocking Aggressive Outbound Traffic with IPtables. For starters, I've tested this on a test system that started out with NO iptables rules, and then moved on to an IPCop install (the vmware download from vmwarez.com...) I've detailed previously one dilemma that I had with regard to my own cable connection......
Blog Traffic Exchange Related Websites
  • Spyware Adware Removal At Free Of Cost Adware and spyware have always been a major problem of using the internet and. Because of their hostile behavior, they have turned into malware. Some people intentionally use it for identity theft purpose. Some steps can help you stay away from its hazardous behavior. Use Latest Browser Using latest and......
  • FAQ about computer security Q: The virus blocked the registry access and how to get rid of it?A: You can deal with like this: 1. Click on Start -> Run (or Start Search in Windows Vista). 2. Enter GPEdit.msc and then press Enter. 3. Navigate to the following location: User Configuration -> Administrative Templates......
  • Virgin Mobile Mess... Google Voice Saves Me $10 a Month For the last three 3 months I've been paying double for cell phone service. That was a tough sentence to type, but now that I've got it out there, it's a lot easier. Three months ago, I rushed to take advantage of Virgin Mobile's $25 Unlimited Data, Text, and 300......
www.pdf24.org    Send article as PDF   

Similar Posts


See what happened this day in history from either BBC Wikipedia
Search:
Keywords:
Amazon Logo

Comments are closed.


Switch to our mobile site