Share


Share

Share it !



share/bookmark

How to Test Your Firewall

You may have turned your PC's or Wireless Router's firewall feature on at some point, but how do you know if it's really doing its job?

The main purpose of a personal network firewall is to keep whatever is behind it safe from harm (and by harm I'm talking about hackers and malware).

If implemented correctly, a network firewall can essentially make your PC invisible to bad guys. If they can't see your computer, then they can't target you for network-based attacks.

Hackers use port scanning tools to scan for computers with open ports that might have associated vulnerabilities, providing them with backdoors into your computer. For instance, you may have installed an application on your computer that opens an FTP port. The FTP service running on that port might have a vulnerability that was just discovered. If a hacker can see that you have the port open and have the vulnerable service running, then they could exploit the vulnerability and gain access to your computer.

One of the major tenants of network security is to only allow ports and services that are absolutely necessary. The less ports open and services running on your network and/or PC, the less routes hackers have to try and attack your system. Your firewall should prevent inbound access from the internet unless you have specific applications that require it, such as a remote administration tool.

You most likely have a firewall that is part of your computer's operating system. You may also have a firewall that is part of your wireless router.

It is usually a best security practice to enable "stealth" mode on the firewall on your router. This helps to make your network and computer less conspicuous to hackers. Check your router manufacturer's website for details on how to enable the stealth mode feature.

So how do you know if your firewall is actually protecting you from the bad guys?

You should periodically test your firewall. The best way to test your firewall is from outside your network (i.e. the Internet). There are many free tools out there to help you accomplish this. One of the easiest and most useful available is ShieldsUP from the Gibson Research website. ShieldsUP will allow you to run several different ports and services scans against your network IP address which it will determine when you visit the site. There are four types of scans available for from the ShieldsUP site:

File Sharing Test

The file sharing test checks for common ports associated with vulnerable file sharing ports and services. If these ports and services are running it means that you could have a hidden file server running on your computer, possibly allowing hackers access to your file system

Common Ports Test

The common ports test examines the ports used by popular (and possibly vulnerable) services including: FTP, Telnet, NetBIOS, and many others. The test will tell you whether or not your router or computer's stealth mode is working as advertised.

All Ports and Services Test

This scan tests every single port from 0 to 1056 to see if they are open (indicated in red), closed (indicated in blue), or in stealth mode (indicated in green). If you see any ports in red you should investigate further to see what is running on those ports. Check your firewall setup to see if these ports have been added for some specific purpose.

If you don't see anything in your firewall rules list regarding these ports, it could indicate that you have malware running on your computer and it's possible that your PC may have become part of a bot net. If something seems fishy, you should use an anti-malware scanner to check your computer for hidden malware services

Messenger Spam Test

The Messenger Spam test attempts to send a Microsoft Windows Messenger test message to your computer to see if your firewall is blocking this service which can be exploited and used by spammers to send messages to you. This test is intended for Microsoft Windows users only. Mac/Linux users can skip this test.

Browser Disclosure Test

While not a firewall test, this test shows what information your browser may be revealing about you and your system.

The best results you can hope for on these tests is to be told that your computer is in "True Stealth" mode and that the scan reveals that you have no open ports on your system that are visible / accessible from the Internet. Once you have achieved this, you can sleep a little easier knowing that your computer is not holding up a big virtual sign that says "Hey! Pleas Attack Me."


View the original article here