firewall port scanning

Hello all,

Can anyone tell me what is the best way (site, software) to scan my PIX firewall's open ports?

Note that my network is a very big network and we have many PIX firewalls in different locations. I tried to do a port scan through some web sites and the results were positive, but the security auditor said that I have many open ports! So how can I do a real deep scan, and what range of ports do I have to apply?

Thanks in advance

asj

If you were trying grc.com, then you would likely find it... of interest... to read grcsucks.com

I suggest you start with nmap.

If you are starting the nmap scans from within your own network, targeting a different part of your network, then you will encounter the issue that you probably have legitimate tunnels and exemptions in place between your subnetworks, and so your scan would not be a good reflection on what an outsider would see.

If you have that large of a network, it might be worth bringing in another connection (e.g., ADSL or cable) that is completely "outside" your regular network, and do the scan from there. Be sure, though, to tell the ISP of your intentions: you don't want them turfing your account because they think you are attacking people. Also, when you are making the arrangements, you need to check what ports the ISP itself blocks: you do not want to be surprised by your scanner telling you a port is closed only to find out later that it is wide open and that it is your ISP that is blocking the port instead of your network firewalls.

For preliminary experiments with nmap, you might be able to start from your home ISP connection.

Walter Roberson
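An added example, not part of the original posts: one way to act on the two cautions in the reply above is to compare nmap grepable (`-oG`) output taken from inside the network with output taken from an outside connection, and to mark a port as inconclusive when the outside ISP blocks it. The sample scan lines, the `ISP_BLOCKED` set and the function names are constructed assumptions.

```python
import re

# Constructed sample data in nmap grepable (-oG) format; the address is from
# the documentation range and the port states are invented for illustration.
INSIDE_SCAN = ("Host: 192.0.2.10 ()\tPorts: 22/open/tcp//ssh///, "
               "25/open/tcp//smtp///, 135/open/tcp//msrpc///, 443/open/tcp//https///\n")
OUTSIDE_SCAN = ("Host: 192.0.2.10 ()\tPorts: 22/filtered/tcp//ssh///, "
                "25/filtered/tcp//smtp///, 135/filtered/tcp//msrpc///, 443/open/tcp//https///\n")
# Assumption: ports the ISP of the outside connection said it blocks.
ISP_BLOCKED = {25, 135}

def parse_grepable(text):
    """Return {(host, port, proto): state} from nmap -oG output."""
    results = {}
    for line in text.splitlines():
        m = re.match(r"Host: (\S+) .*?Ports: (.*)", line)
        if not m:
            continue  # comment lines and "Status:" lines carry no port list
        host, ports = m.group(1), m.group(2).split("\t")[0]
        for entry in ports.split(","):
            fields = entry.strip().split("/")  # port/state/proto/owner/service/...
            if len(fields) >= 3 and fields[0].isdigit():
                results[(host, int(fields[0]), fields[2])] = fields[1]
    return results

def compare_vantages(inside_text, outside_text, isp_blocked):
    """Classify each port by what the outside scan can actually prove."""
    inside, outside = parse_grepable(inside_text), parse_grepable(outside_text)
    report = {}
    for key in sorted(set(inside) | set(outside)):
        if outside.get(key) == "open":
            verdict = "exposed"  # reachable by an outsider
        elif key[1] in isp_blocked:
            # The ISP may be hiding an open port, so the result proves nothing.
            verdict = "inconclusive-isp-blocks-port"
        elif inside.get(key) == "open":
            verdict = "inside-only"  # open only via internal exemptions
        else:
            verdict = "closed-or-filtered"
        report[key] = verdict
    return report

if __name__ == "__main__":
    for (host, port, proto), verdict in compare_vantages(
            INSIDE_SCAN, OUTSIDE_SCAN, ISP_BLOCKED).items():
        print(f"{host} {port}/{proto}: {verdict}")
```

Ports reported as inconclusive need a rescan from a connection whose provider does not filter them before they can be called closed.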

Thanks Walter

Can I do a kind of testing like the following:

Connect a PC to the outside interface of my firewall directly and try to attack (scan) my inside interface (or network) and see what ports are open? Because as far as I know there is some software like Nessus that can do that, but I'm not sure if it works or not and how to achieve that!

Regards

asj

Yes, certainly.

Nessus is more a vulnerability scanner:

"We mostly focus on the development of security checks for recent security holes."

For example it might probe for a web server, check the software name, and check to see if the version number of that software is one that has any known holes.

If you want to know which ports are open, a bulk port scanner is of more basic utility.

Walter Roberson

Thanks again Walter

My idea is to depend on software rather than on a web site test, so I want to install a kind of client/server software (like Nessus), then put the client on one interface and the server on the other interface, then try to hit from outside to inside.

The problem is that the client/server Nessus has only a Unix version and not a Windows version. We just use Windows!

Regards

asj
