Testing Firewalls: Accessing ports? (1 Viewer)

[JimmyM]

Sorry for the recent influx of computer related questions, but I am having zero luck with google searches, PC websites, and newsgroups. You people have been the most informative resource I have found.

This coming school year, I will have to work on a year-long science project, and for part of mine, I want to test a variety of firewalls and computers without firewalls. I have figured out how to ping a computer via a command line prompt, but I have no idea how to attempt to access system internet ports (i.e., port 80, etc.). I would like to this so that I could test how easily one can access these ports and what damage could be done by this attack.

So, my question is, if I network two or more computers, could I use one to simulate an Internet attack on another, thus testing the firewall and/or taking control of the other system? Is this even technologically possible, or is it illegal, and thus there is no software available?

 

[Tekara]

Judging by your question, I believe you would be served best by looking into a 3rd party program that will run security tests for you. There's quite a number out there for network administrators to make use of on their own networks. Look for software that will generate a good report of it's results for use in your project.

if you own the attacking computer and the defending computer there shouldn't be any legal issues. Now if you go around attacking other people's computers without their consent (like the school's computers) then you'll be causing trouble.

 

[JimmyM]

Ok, thank you!


I'm sure I can find some software by searching around, but does anyone have a good title to recommend?

 

[Andrew Pratt]

There's also some interesting online apps that you can run to test some of vunerabilities...try www.dslreports.com/scan for starters.

 

[WayneO]

Or try this: https://grc.com/x/ne.dll?bh0bkyd2

 

[Matt`G]

For Windows, an easy to use scanner is called GFI LANGuard. For Linux, you could use Nessus. Please be careful when using any vulnerability scanner, as there are risks of causing harm to the machines that you scan.

Good luck, and I can't stress enough how important it is to get permission! The last thing you need is to get expelled for breaking the computer usage policy.

 

[JimmyM]

Thanks for the links, Matt.

BTW, If I do decide to perform this project, the systems would be my own that I'd have to purchase and test on my own (I'd probably get a grant), so no risk of destroying school systems. However, I'm beginning to wonder about the overall usefulness of this project (since I don't want to waste government money, or a local professor's time). Does anyone think that this is a worthwhile venture? Got any ideas on how to extend this project? I'm not trying to get anyone to do this for me, just wondering if the data I'd compile hasn't been beaten to death by other researchers or deemed too useless for research.

 

[Stacey]

There's a neat little site called Shields Up ( https://www.grc.com/x/ne.dll?bh0bkyd2 ) where you can have your computer scanned and a nifty report displayed about the ports accessed and overall internet security.

 

[Fredster]

Nmap is one of the popular port scanners and it's free.

See http://www.insecure.org/nmap/

 

[SethH]

I don't want to burst your bubble, but I do not think this is a worthwhile venture. If you really knew how to hack then maybe, but you don't and hacking isn't something you just learn really quick. Any firewall (even the Windows firewall) is going to close off all the ports to a simple telnet or ping or SSH or HTTP or FTP request. Any available firewall should easily pass any port scan . . .otherwise it wouldn't be much of a firewall would it?