How To Test Your Linux-Distro Firewall - The Community's Center for Security


The central voice for Linux and Open Source security news

Welcome!

Sign up!

EnGarde Community

Polls

What is the most important Linux security technology?

	SELinux
	grsecurity
	CIS Benchmark
	Bastille Linux
	iptables
	LIDS

Advisories

Community

Linux Events

Linux User Groups

Link to Us

Security Center

Book Reviews

Security Dictionary

Security Tips

SELinux

White Papers

Featured Blogs

All About Linux

DanWalsh LiveJournal

Securitydistro

Latest Newsletters

Linux Security Week: May 14th, 2012

Linux Advisory Watch: May 10th, 2012

LinuxSecurity Newsletters

RSS Feeds

Get the LinuxSecurity news you want faster with RSS

How To Test Your Linux-Distro Firewall

User Rating:

How can I rate this item?

Source: How To Forge - Posted by Eric Lubow

Recently, I wrote an article about "How to scan your Linux-Distro for Root Kits". Now that the machine is... clean! I think, a good thing TO-DO, is to test my Firewall (AGAIN!) The good news are that we can use the free tool FTester. The bad news are that FTester needs to be configured right...So...Let's get to work!

The tool consists of two perl scripts, a packet injector (ftest) and the listening sniffer (ftestd). The first script injects custom packets, defined in ftest.conf, with a signature in the data part while the sniffer listens for such marked packets. The scripts both write a log file which is in the same form for both scripts. A diff of the two produced files (ftest.log and ftestd.log) shows the packets that were unable to reach the sniffer due to filtering rules if these two scripts are ran on hosts placed on two different sides of a firewall. Stateful inspection firewalls are handled with the 'connection spoofing' option. A script called freport is also available for automatically parse the log files.

Read this full article at How To Forge

Comments
	Written by Jennifer on 2006-06-15 03:58:54

Our computer is connected to the internet almost 24/7 and we can simply not use a firewall to protect ourself. At minimum, any computer connected to the Internet needs to have all current patches to its operating system and browser installed as well as personal firewall, antivirus and anti-spyware software. A more complete solution is taking a layered approach to protect your security and privacy.

A firewall prevents some communications forbidden by the security policy, analogous to the function of firewalls in building construction. A firewall is also called a Border Protection Device (BPD). A firewall has the basic task of controlling traffic between different zones of trust. Typical zones of trust include the Internet (a zone with no trust) and an internal network (a zone with high trust).

My place for free firewalls is therefore:
http://www.freespamfilter.nl/uk/firewall.htm

They always have the latest and best firewalls available and have good reviews of all firewalls.

Jennifer

system admin

Written by ravindra g wagchaure on 2006-07-03 02:05:32

i rhce completed

Only registered users can write comments.
Please login or register.