firewall port scanning

Discussion in 'Cisco' started by asj, Jul 18, 2006.

  1. asj

    asj Guest

    hello all,

    can anyone tell me what is the best way (site, software) to scan my pix
    firewall opened port.

    note that my network is very big network and we have many pix firewalls
    in different locations. i tried to make a port scanning through some web
    sites and the results were positive. but the security auditor said that
    i have many open ports! so how can i make a real deep scanning and what
    range of ports i have to apply?

    thanx in advance
     
    asj, Jul 18, 2006
    #1

  2. In article <>,
    asj <> wrote:

    >can anyone tell me what is the best way (site, software) to scan my pix
    >firewall opened port.


    >note that my network is very big network and we have many pix firewalls
    >in different locations. i tried to make a port scanning through some web
    >sites and the results were positive. but the security auditor said that
    >i have many open ports!


    If you were trying grc.com, then you would likely find it...
    of interest... to read grcsucks.com

    > so how can i make a real deep scanning and what
    >range of ports i have to apply?


    I suggest you start with nmap.

    If you are starting the nmap scans from within your own network,
    targeting a different part of your network, then you will encounter
    the issue that you probably have legitimate tunnels and exemptions in
    place between your subnetworks, and so your scan would not be a
    good reflection on what an outsider would see.

    If you have that large of a network, it might be worth bringing in
    another connection (e.g., ADSL or cable) that is completely "outside"
    your regular network, and do the scan from there. Be sure, though, to
    tell the ISP of your intentions: you don't want them turfing your
    account because they think you are attacking people. Also, when
    you are making the arrangements, you need to check what ports the
    ISP itself blocks: you do not want to be surprised by your scanner
    telling you a port is closed only to find out later that it is wide
    open and that it is your ISP that is blocking the port instead of your
    network firewalls.

    For preliminary experiments with nmap, you might be able to start from
    your home ISP connection.
     
    Walter Roberson, Jul 18, 2006
    #2
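
An added example, not part of the thread: one way to apply the reply's two caveats when reading results from an outside connection is to compare the scan against the intended policy and mark non-open results on ISP-filtered ports as inconclusive. The scan text, addresses, policy and ISP port list below are constructed assumptions.

```python
import re

# Constructed sample of nmap grepable (-oG) output taken from the outside link.
OUTSIDE_SCAN = (
    "Host: 192.0.2.10 ()\tStatus: Up\n"
    "Host: 192.0.2.10 ()\tPorts: 80/open/tcp//http///, 135/filtered/tcp//msrpc///, "
    "443/open/tcp//https///, 3389/open/tcp//ms-wbt-server///\tIgnored State: closed (996)\n"
    "Host: 192.0.2.20 ()\tPorts: 25/filtered/tcp//smtp///, 443/open/tcp//https///, "
    "8443/closed/tcp//https-alt///\n"
)
# Hypothetical intended policy: ports each firewall should expose to outsiders.
EXPECTED_OPEN = {"192.0.2.10": {80, 443}, "192.0.2.20": {25, 443, 8443}}
# Assumed list of ports the scanning connection's ISP filters (ask the ISP).
ISP_BLOCKED = {25, 135, 445}

def parse_grepable(text):
    """Return {host: {tcp_port: state}} from nmap -oG output."""
    results = {}
    for line in text.splitlines():
        m = re.match(r"Host:\s+(\S+)\s+\(.*?\)\s+Ports:\s+([^\t]*)", line)
        if not m:
            continue  # status lines and comments carry no port data
        host, ports_field = m.groups()
        for entry in ports_field.split(","):
            fields = entry.strip().split("/")
            if len(fields) >= 3 and fields[0].isdigit() and fields[2] == "tcp":
                results.setdefault(host, {})[int(fields[0])] = fields[1]
    return results

def audit(scan, expected, isp_blocked):
    """Compare outside-view results with policy; return (host, port, verdict)."""
    findings = []
    for host in sorted(set(scan) | set(expected)):
        seen, allowed = scan.get(host, {}), expected.get(host, set())
        for port in sorted(set(seen) | allowed):
            state = seen.get(port, "not-scanned")
            if state == "open":
                if port not in allowed:
                    findings.append((host, port, "unexpected-open"))
            elif port in isp_blocked:
                # A non-open result here may be the ISP's filter, not the PIX.
                findings.append((host, port, "inconclusive-isp-blocked"))
            elif port in allowed:
                findings.append((host, port, "expected-open-but-" + state))
    return findings

if __name__ == "__main__":
    for finding in audit(parse_grepable(OUTSIDE_SCAN), EXPECTED_OPEN, ISP_BLOCKED):
        print(*finding)
```

Ports reported as inconclusive need a rescan from a connection whose ISP does not filter them before they can be treated as closed at the firewall.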

  3. asj

    asj Guest

    Walter Roberson wrote:
    > In article <>,
    > asj <> wrote:
    >
    > >can anyone tell me what is the best way (site, software) to scan my pix
    > >firewall opened port.

    >
    > >note that my network is very big network and we have many pix firewalls
    > >in different locations. i tried to make a port scanning through some web
    > >sites and the results were positive. but the security auditor said that
    > >i have many open ports!

    >
    > If you were trying grc.com, then you would likely find it...
    > of interest... to read grcsucks.com
    >
    > > so how can i make a real deep scanning and what
    > >range of ports i have to apply?

    >
    > I suggest you start with nmap.
    >
    > If you are starting the nmap scans from within your own network,
    > targeting a different part of your network, then you will encounter
    > the issue that you probably have legitimate tunnels and exemptions in
    > place between your subnetworks, and so your scan would not be a
    > good reflection on what an outsider would see.
    >
    > If you have that large of a network, it might be worth bringing in
    > another connection (e.g., ADSL or cable) that is completely "outside"
    > your regular network, and do the scan from there. Be sure, though, to
    > tell the ISP of your intentions: you don't want them turfing your
    > account because they think you are attacking people. Also, when
    > you are making the arrangements, you need to check what ports the
    > ISP itself blocks: you do not want to be surprised by your scanner
    > telling you a port is closed only to find out later that it is wide
    > open and that it is your ISP that is blocking the port instead of your
    > network firewalls.
    >
    > For preliminary experiments with nmap, you might be able to start from
    > your home ISP connection.



    thanx walter

    can i do kind of testing like following:

    connect a pc to the outside interface of my firewall directly and try
    to attack (scan) my inside interface (or network) and see what ports are
    opened? because as i know there are some software like nessus that can do that
    but i'm not sure if it works or not and how to achieve that!

    regards
     
    asj, Jul 18, 2006
    #3
  4. In article <>,
    asj <> wrote:

    >can i do kind of testing like following:


    >connect a pc to the outside interface of my firewall directly and try
    >to attack (scan) my inside interface (or network) and see what ports are
    >opened?


    Yes, certainly.

    >because as i know there are some software like nessus that can do that
    >but i'm not sure if it works or not and how to achieve that!


    nessus is more a vulnerability scanner:

    "We mostly focus on the development of security checks for recent
    security holes."

    For example it might probe for a web server, check the software name,
    and check to see if the version number of that software is one that
    has any known holes.

    If you want to know which ports are open, a bulk port scanner is
    of more basic utility.
     
    Walter Roberson, Jul 18, 2006
    #4
  5. asj

    asj Guest

    Walter Roberson wrote:
    > In article <>,
    > asj <> wrote:
    >
    > >can i do kind of testing like following:

    >
    > >connect a pc to the outside interface of my firewall directly and try
    > >to attack (scan) my inside interface (or network) and see what ports are
    > >opened?

    >
    > Yes, certainly.
    >
    > >because as i know there are some software like nessus that can do that
    > >but i'm not sure if it works or not and how to achieve that!

    >
    > nessus is more a vulnerability scanner:
    >
    > "We mostly focus on the development of security checks for recent
    > security holes."
    >
    > For example it might probe for a web server, check the software name,
    > and check to see if the version number of that software is one that
    > has any known holes.
    >
    > If you want to know which ports are open, a bulk port scanner is
    > of more basic utility.



    thanx again Walter

    my idea is to depend on a software rather than on a web site test,
    so i want to install kind of client/server software like (nessus), then
    put the client in an interface and the server in the other interface.
    then try to hit from outside to inside.

    the problem is the client/server nessus has only a unix version and
    not a windows version. we just use windows!

    regards
     
    asj, Jul 18, 2006
    #5