How do you test your router/firewall for security?
Chris Brenton
cbrenton at chrisbrenton.org
Fri Aug 8 20:12:37 EDT 2003
Larry Cook wrote:
> Now that I've moved to DSL, I was looking for ways to test the security
> of my router/firewall. I'm going to use ShieldsUp! (http://grc.com),
> but was wondering what other tools were available.
Tom's recommendation of having a friend poke your perimeter is probably
your best bet. Scott's site is cool, provieded you expect everything to
be be closed. If you do have any open ports its nice to have a sanity
check to verify that the listening service is secure as well.
> When using a dialup connection, I felt pretty safe because of the
> seperation of my network and the internet,
Bad idea. :(
Many Nimda, Code Red, Slammer, etc. etc. system were dial-up systems.
The record I'm aware of from a system getting plugged into a network to
getting fully rooted is 7 seconds (Geroge Bakos up at Dartmouth). If you
are plugging in, you need to stay protected.
> I guess it's more that I have
> confidence in iptables and ZoneAlarm, but this Actiontec router is a
> blackbox to me, so I don't really have much confidence in it.
You can always run Linux in bridging mode behind the router.
HTH,
C
More information about the gnhlug-discuss
mailing list