
Security Scan

Posted by turbowarp, 06-14-2008, 07:37 PM
Hello, is it advisable to have someone scan your server setup, i.e. the firewall? If so, what is used to scan the firewall? Thanks

Posted by HYB-Bryan, 06-14-2008, 08:04 PM
You can do a port scan from outside your firewall using something like Nmap that will show you what ports are open. And yes, it is advisable to have a reputable company check your server setup if you are not confident in your own security skills. I would recommend more than just a firewall scan as your firewall is only (or should be) the first line of defense.

Posted by turbowarp, 06-14-2008, 09:16 PM
I just set up CSF Firewall and I am not sure that it is working. I did the nmap scan and even though I have the iptables set to not allow particular ports, the nmap scan still says they are open. (i.e. port 21) When I restarted csf, I get several errors like: Any idea what is causing the csf firewall error?

Posted by HYB-Bryan, 06-14-2008, 10:14 PM
Are you running nmap on the server with the firewall?

Posted by turbowarp, 06-14-2008, 10:19 PM
Yes, and no... I set up nmap on 2 servers, both with csf firewall. One of my VPS' doesn't have the error with the firewall. The error was on the server before I installed nmap.

Posted by HYB-Bryan, 06-14-2008, 10:21 PM
Ok, but you are using nmap on server "A" to scan the ports on server "B", yes? A quick Google search shows other people who have had the error, but no solution that I have found. Some have noted that the problem went away on its own. Have you tried rebooting?

Posted by turbowarp, 06-14-2008, 10:24 PM
Not to be too confusing, but I have tried scanning server "A" with server "A" and also scanning from server "B". Interestingly, I get the same results. I'll try rebooting to see if anything changes. Thanks

Posted by turbowarp, 06-14-2008, 11:02 PM
I restarted IPTables then rebooted and the error in csf firewall is still there. Any help is appreciated getting rid of the firewall error.

Posted by gpl24, 06-14-2008, 11:44 PM
Can anybody recommend a good company to scan your firewall/server? I'm fairly confident in my setup, but it's better to be safe than sorry.

Posted by zacharooni, 06-15-2008, 01:40 AM
Try doing this in another shell session while you run csf -r:
tail -f /var/log/messages | grep -i iptables

Posted by turbowarp, 06-15-2008, 09:04 AM
Maybe I didn't understand the syntax (or what you want me to do) of the statement... but this is what I got:

Posted by zacharooni, 06-15-2008, 03:23 PM
No no. Open up another PuTTY session, and have this command running first:
tail -f /var/log/messages | grep -i iptables
Then, back in the first session while that command is running, type:
csf -r

Posted by turbowarp, 06-15-2008, 03:57 PM
When I do the tail -f /var/log/messages | grep -i iptables nothing happens... In the other PuTTY session, this is what happens:

Posted by Mike - Limestone, 06-17-2008, 01:05 PM
You can use NMAP to determine open ports and other sensitive information, such as footprinting (remote OS detection) and whether or not the remote host is just trying to "filter" the ports. NMAP would be great for scanning systems that have ICMP firewalls (specifically trying to block pings). Once you have a firewall set up and would like to take it further than a simple NMAP scan, I would recommend using Nessus, which is a state-of-the-art, high-speed vulnerability scanner - http://www.nessus.org/ - It won't just find the open ports and report them, but it will find holes in the firewall as well, which can come in handy. There are many companies that will scan/test your firewall for you (such as unspecificconsulting.com, though I'm not sure of their present status).
-mike
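
An added example, not part of any post in this thread: a shell check that reads nmap's grepable (`-oG`) output from a scan run on a second machine and flags every port the firewall is meant to block but that still shows as open, treating "filtered" and "closed" as acceptable. The address, the port list and the sample scan output are constructed, and the function names are hypothetical.

```shell
#!/usr/bin/env bash
# Added example: check an outside-in nmap scan against the ports the firewall
# is meant to block. Address, port list and scan output below are constructed.
# Real input would come from a second machine, e.g.:
#   nmap -Pn -p 21,25,3306 -oG - <server address>

# Constructed sample of nmap grepable (-oG) output.
sample_scan() {
  printf 'Host: 192.0.2.10 ()\tStatus: Up\n'
  printf 'Host: 192.0.2.10 ()\tPorts: 21/open/tcp//ftp///, 22/open/tcp//ssh///, '
  printf '25/filtered/tcp//smtp///, 3306/closed/tcp//mysql///\n'
}

# port_state PORT: read -oG output on stdin and print the state reported for
# PORT/tcp, or "unscanned" when the port does not appear in the output.
port_state() {
  awk -F'\t' -v want="$1" '
    { for (f = 1; f <= NF; f++) {
        if ($f !~ /^Ports: /) continue
        n = split(substr($f, 8), entries, /, */)
        for (i = 1; i <= n; i++) {
          split(entries[i], p, "/")
          if (p[1] == want && p[3] == "tcp") { print p[2]; found = 1; exit }
        }
      } }
    END { if (!found) print "unscanned" }'
}

# audit_blocked "PORT ...": read -oG output on stdin; each listed port is one
# the firewall should block. Returns the number of ports found open.
audit_blocked() {
  ab_scan=$(cat); ab_bad=0
  for ab_port in $1; do
    ab_state=$(printf '%s\n' "$ab_scan" | port_state "$ab_port")
    case "$ab_state" in
      open)     echo "FAIL $ab_port/tcp open: traffic is getting through"
                ab_bad=$((ab_bad + 1)) ;;
      filtered) echo "ok   $ab_port/tcp filtered: probes are being dropped" ;;
      closed)   echo "ok   $ab_port/tcp closed: connection refused" ;;
      *)        echo "??   $ab_port/tcp $ab_state: not covered by this scan" ;;
    esac
  done
  return "$ab_bad"
}

sample_scan | audit_blocked "21 25 3306" || echo "ports open against policy: $?"
```

Because the function's exit status is the number of violations, it can run from cron after each firewall change and alert on any non-zero result.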

Copyright © 2015 DC International LLC in partnership with Bragin IT Solutions Inc. - All Rights Reserved.