Linux: Testing your iptables firewall

I have an old Pentium II running Debian Testing to protect my internal network from the Internet. Yesterday, I decided to test this firewall using a site that performs a portscan. I came accross http://www.testmyfirewall.com/ that did exactly what I wanted. This site claimed my internal address (the address of the computer sitting behind the firewall) was exposed to the outside. Yeah, right. After some digging I came accross this post from a guy having the same "problem". It seems that testmyfirewall starts an applet displaying the address of the computer running the applet, which is indeed the one sitting behind the firewall.
So this site does not test your firewall, it only tests your browser which is a different thing.
Just be aware of sites that claim to test your firewall, they're not allways right.

Comments

Alex said…
To really test your firewall:

https://www.grc.com/x/ne.dll?bh0bkyd2

http://www.grc.com is furthermore a very nice supplier of information and tools regarding network security...

(dit even in het engels, wellicht dat er anderen hier bij gebaat zijn ;-). Azalin.)
2:41 PM
Post a Comment

Popular posts from this blog

Remove copy protection from PDF documents

This is probably illegal, so use it at your own risk. Some PDFs on the internet have a copy protection to make sure you cannot copy-paste any content from the PDF into a document you're writing. To circumvent this protection there are several tools available on the internet. I haven't tried any of them, because they're not free ;) There is however a procedure that will enable you to circumvent the copy protection using free tools. The trick is to convert the PDF to a PS (PostScript) document first and then convert it back into a PDF. So, download Ghostview en Ghostscript from: http://www.cs.wisc.edu/~ghost/ . Next, open your PDF in Ghostview. Next, from the "File" menu, select "Convert" (a dialog will pop up) Press "Ok" Fill in the name of the "converted" file. Press "Save" Tada, you can now copy content from your newly created PDF ;)
Read more

The story of the Cobalt Qube

Image
The other week, a friendly colleague of mine brought me a small present. He gave me one of his Cobalt Qube s (for free!) which was collecting dust at his home. He was certain that I could give it a better use. I think I can still remember the days these things hit the market (somewhere in the late 90's). This was a home / office server appliance way before the people of Microsoft thought up their Windows Home Server . It was running some modified version of Linux RedHat, featuring a web interface for all administrative tasks. It also had 2 network cards, so you could easily turn it into a gateway / firewall. The RedHat version running on the Qube was known to be notoriously insecure. It was also running an older 2.0.x kernel which was outdated, even at that time. The Qube 2700 and Qube 2 were both equipped with a MIPS processor. Later models had an i386 architecture. Mine was a Qube 2. Getting the serial connection to work The Qube does not have any VGA adapter, so if you want to s
Read more

Jori Hulkkonen feat. Jerry Valuri - Lo-Fiction

If someone would ask me to compile a list of 10 personal favorites, Lo-Fiction would definitely be ranked very high. I don't think anyone would disagree with this statement. P.S. If someone is able to find the lyrics for this song, please be so kind to post a link. Even though it's English I don't always understand what he's singing about :(
Read more