[Dshield] testing a firewall

Chris Brenton cbrenton at chrisbrenton.org
Tue Dec 23 23:44:44 GMT 2003

On Tue, 2003-12-23 at 18:26, michael nancarrow wrote:
> Sorry,
> 	I'm afraid I wasn't clear. I am using nmap and superscan to
> 	test the firewall, problem is that without something on the other side
> 	of the firewall guaranteed to respond to everything how can you be sure
> 	the firewall is working correctly.
> 		nmap scanner ----> f/w -----> server exists

I obviously was not clear either because I gave you that, tcpdump or

For example, let's say you are running nmap from the IP address
On the _other side_ of your firewall, plug in a system and run the
following command (I'm assuming you are a Windows person).

windump -nn -vvv host

If windump does not see anything, life is cool. If windump logs packets,
then something is blowing through your firewall. Obviously you have to
download and install windump for this to work, but its a free utility.


More information about the list mailing list