
Outbound Firewall Port Scanner

Status
Not open for further replies.

Roadki11

MIS
Mar 23, 2005
1,097
US
Does a utility exist to scan open outbound firewall ports on my firewall? I know many exist to scan for open inbound ports but I want to verify my outbound firewall policy.

Thanks,

RoadKi11
 
I've just run the same utility from inside the firewall.
 
You would need a target host outside the firewall that would react in predictable ways to determine if your outbound policy is working correctly. It would be hard to determine if a random ephemeral port, like 46622, is responding as closed because the firewall blocked the connection, or if the port was actually closed on the remote host.

For something like this, I would probably resort to netcat and do some scripting. Or maybe a tool like Firewalk, which can test lots of permutations but is EXTREMELY slow.

Normally outbound rulesets are so sparse that a manual approach is not unreasonable.


pansophic
 
pansophic said:
You would need a target host ... that would react in predictable ways
Isn't that true regardless of the direction you're scanning?
 
I only mentioned the external host because most people don't have one to target. They have lots of hosts inside their firewall, but few if any on the outbound side. At least that you can consider "reliable" targets.


pansophic
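Added example, not part of any post in this thread: a Python sketch of the scripted check discussed above, run from inside the firewall against an external host you control. It assumes that host accepts TCP on every port being tested, which is what removes the "blocked by the firewall or just closed on the remote host" ambiguity; the names `probe` and `audit` and the sample policy are made up for illustration.

```python
import socket
import sys

def probe(host, port, timeout=3.0):
    """Attempt one outbound TCP connection and classify the outcome."""
    s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    s.settimeout(timeout)
    try:
        s.connect((host, port))
        return "open"       # handshake completed: egress was permitted
    except ConnectionRefusedError:
        return "refused"    # RST came back: firewall reject, or nothing listening
    except OSError:
        return "filtered"   # timeout or ICMP unreachable: dropped on the path
    finally:
        s.close()

def audit(host, policy, timeout=3.0):
    """Compare observed egress against the intended outbound policy.

    policy maps port -> True (should be allowed out) or False (should be blocked).
    Assumption: `host` listens on every port in `policy`, so anything other
    than "open" can be attributed to the firewall rather than the target.
    Returns a list of (port, expected, observed) for each mismatch.
    """
    findings = []
    for port, allowed in sorted(policy.items()):
        observed = probe(host, port, timeout)
        if (observed == "open") != allowed:
            expected = "open" if allowed else "blocked"
            findings.append((port, expected, observed))
    return findings

if __name__ == "__main__":
    # Constructed sample policy: web and DNS-over-TCP allowed out,
    # SMTP and one arbitrary high port expected to be blocked.
    sample_policy = {53: True, 80: True, 443: True, 25: False, 46622: False}
    target = sys.argv[1]    # external host you control
    for port, expected, observed in audit(target, sample_policy):
        print(f"port {port}: expected {expected}, observed {observed}")
```

A "refused" result on a port the policy allows means either the firewall is sending resets or the target is not actually listening there, so confirm the listener on the outside host before treating it as a firewall finding.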
 