Looking at firewall testing methods

After installing a firewall, connectivity between internal networks and the outside world is likely to be tested extensively. It may not seem like a good idea to try to hack the fruits of your hard labor, the firewall you just built and installed, but testing it for intrusion resistance is a key component of being certain that the new device is properly hardened and resistant to attack from outside the corporate network.

Most enterprise class firewall installations are tested by hiring someone to personally try to violate the security in place on the network. This can be limited to just the firewall, or can cover all aspects of security, including phishing of passwords through bogus emails to internal users. Assuming the attacks are limited to the firewall, a trained security person will play the role of the hacker and probe the firewall for common ways in, looking to exploit weaknesses. Ports will be scanned seeking openings that will allow outside access in to servers and computers on the network, and then access is attempted on any computer that has an open port that is directed to it.

A paid attack is not cheap, and it might not be for everyone depending on how critical security needs are and the size of the network in question. A small office or home office probably would not be hiring for such services. Instead, a far more basic but effective attack can be initiated by a web page that can be browsed to, and in most cases for free, offer you the choice to scan the network your computer is visiting from. The web page will kick off a script of different scans and provide a report informing you of any open and vulnerable ports or services. While not as thorough as a professional firewall test, performing a simple check like that can be the difference between business as usual and an all out crisis.

Leave a Reply

Your email address will not be published.

RSS
Follow by Email