Testing Your Firewall

Previous page
Table of content
Next page

After you have firewall software installed, it's important to test it (at least occasionally) to be sure that it provides appropriate and adequate protection for your Windows Vista system. Two primary methods are used to test firewall security:

  • Port scans. A port scan tests the inbound security of your firewall by scanning through ranges of TCP and UDP port numbers in an attempt to determine whether individual ports are open (allow incoming connections), closed (block incoming connections), or stealth (don't even appear to exist as far as Internet users are concerned). The information that a port scan provides ensures that you haven't left certain ports open by accident, and also helps you to understand how outside users see your system when it's connected to the Internet. Hackers commonly use Port scanners to determine which ports are open on a computer. For example, a hacker might perform port scans against thousands of IP addresses to see whether a particular vulnerability is installed on any computers. By testing your own firewall with a port scanner, you gain access to the same types of information used by hackers, and can then configure your firewall with appropriate settings to mitigate any potential risks to your PC. A number of web sites enable you to perform free port scans from your web browser, including Shields UP!! (http://www.grc.com/x/ne.dll?bh0bkyd2), Broadband Reports (http://www.dslreports.com/scan), AuditMyPC (http://www.auditmypc.com), and others.

  • Outbound security tests. A few different utilities are capable of testing the outbound filtering capabilities of your firewall by attempting to access your Internet connection without your knowledge. The basic idea is that you download and install such a tool, which attempts to connect to the Internet by bypassing your firewall's outbound security settings. If your firewall catches the attempt (by alerting you to the fact that a new program is attempting to access the Internet), the test has passed. If you are not alerted to the connection attempt and the tool can communicate over the Internet successfully, the outbound security test has failed. Outbound security tests are particularly important as part of ensuring that your firewall does not allow spyware programs and other threats to connect to the Internet undetected if they've found their way onto your system. Two of the more popular tools that test outbound firewall security include FireHole (available from http://www.keir.net/firehole.html) and LeakTest (available from http://www.grc.com/lt/leaktest.htm).

Follow these steps to test the security of your firewall via an online port scan:

  1. Select Start Internet Explorer, or open your preferred web browser.

  2. In the Address bar, type http://www.grc.com/x/ne.dll?bh0bkyd2 and press Enter.

  3. Read through the agreement information on the Shields UP!! web page and then click Proceed.

  4. In the Shields UP!! Services section (see Figure 7-17), click Common Ports. This option scans your system in an attempt to determine the status of ports to which Internet users commonly try to connect.

    image from book
    Figure 7-17: Testing your firewall with the Shields UP!! port scanning web site.

  5. After the scanning process is complete, a result (including a Passed or Failed message) appears, as shown in Figure 7-18.

    image from book
    Figure 7-18: The results from a Shields UP!! port scan.

Caution 

The port scan outlined in the previous example scanned common port numbers only. If you believe that other inbound connection ports on your firewall may be open, complete a scan of All Service Ports with Shields UP!! (which tests your system's first 1056 ports), or a scan of all 65,000+ ports with the Firewall test tool at http://www.auditmypc.com.

Follow these steps to test the outbound security of your firewall using the LeakTest tool:

  1. Download leaktest.exe from http://www.grc.com/lt/leaktest.htm.

  2. Double-click leaktest.exe to open the tool, and then click OK.

  3. At the Ready To Test screen (see Figure 7-19), click the Test For Leaks button.

    image from book
    Figure 7-19: LeakTest is a basic tool to test the outbound security of your firewall.

  4. Read the instructions provided on the First Time Help screen, and then click OK.

  5. If your firewall did nothing to stop LeakTest from connecting to the Internet, the Firewall Penetrated! is displayed. If your firewall alerted you to the fact that LeakTest was attempting to access the Internet and you denied the action, an Unable To Connect message is displayed, letting you know that your firewall will detect (and allow you to block, as necessary) outbound connection attempts.


Previous page
Table of content
Next page
PC Magazine Windows Vista Security Solutions
PC Magazine Windows Vista Security Solutions
ISBN: 0470046562
EAN: 2147483647
Year: 2004
Pages: 135
Authors: Dan DiNicolo
BUY ON AMAZON
Professional Java Native Interfaces with SWT/JFace (Programmer to Programmer)
Building Web Applications with UML (2nd Edition)
Managing Enterprise Systems with the Windows Script Host
An Introduction to Design Patterns in C++ with Qt 4
File System Forensic Analysis
AutoCAD 2005 and AutoCAD LT 2005. No Experience Required
flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net
Privacy policy