Testing Firewalls: Accessing ports?

JimmyM

Grip
Joined
Jul 6, 2004
Messages
22
Sorry for the recent influx of computer related questions, but I am having zero luck with google searches, PC websites, and newsgroups. You people have been the most informative resource I have found.

This coming school year, I will have to work on a year-long science project, and for part of mine, I want to test a variety of firewalls and computers without firewalls. I have figured out how to ping a computer via a command line prompt, but I have no idea how to attempt to access system internet ports (i.e., port 80, etc.). I would like to this so that I could test how easily one can access these ports and what damage could be done by this attack.

So, my question is, if I network two or more computers, could I use one to simulate an Internet attack on another, thus testing the firewall and/or taking control of the other system? Is this even technologically possible, or is it illegal, and thus there is no software available?
 

Tekara

Supporting Actor
Joined
Jan 8, 2003
Messages
783
Real Name
Robert
Judging by your question, I believe you would be served best by looking into a 3rd party program that will run security tests for you. There's quite a number out there for network administrators to make use of on their own networks. Look for software that will generate a good report of it's results for use in your project.

if you own the attacking computer and the defending computer there shouldn't be any legal issues. Now if you go around attacking other people's computers without their consent (like the school's computers) then you'll be causing trouble.
 

JimmyM

Grip
Joined
Jul 6, 2004
Messages
22
Ok, thank you!


I'm sure I can find some software by searching around, but does anyone have a good title to recommend?
 

Matt`G

Agent
Joined
Aug 18, 2003
Messages
36
For Windows, an easy to use scanner is called GFI LANGuard. For Linux, you could use Nessus. Please be careful when using any vulnerability scanner, as there are risks of causing harm to the machines that you scan.

Good luck, and I can't stress enough how important it is to get permission! The last thing you need is to get expelled for breaking the computer usage policy.
 

JimmyM

Grip
Joined
Jul 6, 2004
Messages
22
Thanks for the links, Matt.

BTW, If I do decide to perform this project, the systems would be my own that I'd have to purchase and test on my own (I'd probably get a grant), so no risk of destroying school systems. However, I'm beginning to wonder about the overall usefulness of this project (since I don't want to waste government money, or a local professor's time). Does anyone think that this is a worthwhile venture? Got any ideas on how to extend this project? I'm not trying to get anyone to do this for me, just wondering if the data I'd compile hasn't been beaten to death by other researchers or deemed too useless for research.
 

SethH

Senior HTF Member
Joined
Dec 17, 2003
Messages
2,867


I don't want to burst your bubble, but I do not think this is a worthwhile venture. If you really knew how to hack then maybe, but you don't and hacking isn't something you just learn really quick. Any firewall (even the Windows firewall) is going to close off all the ports to a simple telnet or ping or SSH or HTTP or FTP request. Any available firewall should easily pass any port scan . . .otherwise it wouldn't be much of a firewall would it?
 

Forum Sponsors

Forum statistics

Threads
345,205
Messages
4,734,017
Members
141,407
Latest member
An Elvis Fan