diff --git a/content/guides/firewall-testing.md b/content/guides/firewall-testing.md index ed8d60e..42e591a 100644 --- a/content/guides/firewall-testing.md +++ b/content/guides/firewall-testing.md @@ -25,32 +25,28 @@ Testing Tools To test your firewall there are a few software tools and a few online services to help you. I suggest the following tools: -- [Nessus](http://www.nessus.org) is probably the best open source - security scanner available. - [Nessus](http://www.nessus.org) not only checks the firewall of a - host, but also scans for known application vulnerabilities. - I highly recommend [Nessus](http://www.nessus.org) for periodic - (weekly, monthly, etc) scans. -- [Nmap](http://nmap.org/) ("Network Mapper") is an open source +- [Nessus](https://www.tenable.com/products/nessus) is probably the best + open source security scanner available. + [Nessus](https://www.tenable.com/products/nessus) not only checks the + firewall of a host, but also scans for known application vulnerabilities. + I highly recommend [Nessus](https://www.tenable.com/products/nessus) for + periodic (weekly, monthly, etc) scans. +- [Nmap](https://nmap.org/) ("Network Mapper") is an open source utility for network exploration or security auditing. It is also possible to try out connections, see what effect your firewall is having and monitor exactly what is happening on the network with tools such as: -- [netcat](http://netcat.sourceforge.net/) (`nc`) allows you to easily +- [netcat](https://netcat.sourceforge.net/) (`nc`) allows you to easily listen for connections and create connections and send data over both TCP and UDP. -- [tcpdump](http://www.tcpdump.org/) allows you to see and capture +- [tcpdump](https://www.tcpdump.org/) allows you to see and capture the traffic seen by a network device. - [Wireshark](https://www.wireshark.org/) is a GUI equivalent which makes it very easy to decode and filter live traffic as well as being able to read data captured by `tcpdump`. -Other useful links: - -- [Top 125 Network Security Tools](http://sectool.org/) - Online Tools ------------ @@ -58,23 +54,18 @@ Online Tools There are a number of sites that offer firewall testing services to everyone: -- [AuditMyPC](http://www.auditmypc.com/) -- [Security Space](http://www.securityspace.com/sspace/index.html), a +- [AuditMyPC](https://www.auditmypc.com/) +- [Security Space](https://www.securityspace.com/sspace/index.html), a commercial service with a free scan. \ These people are using something like - [Nessus](http://www.nessus.org) if not - [Nessus](http://www.nessus.org) itself). + [Nessus](https://www.tenable.com/products/nessus) if not + [Nessus](https://www.tenable.com/products/nessus) itself). - [Shields UP!!](https://grc.com/x/ne.dll?bh0bkyd2) NanoProbe Technology Internet Security Testing for... Windows Users. (note: well, it says for Windows, but it is a port scanner with a limited - range of ports to be scanned...) -- [SubnetOnline.com](http://www.subnetonline.com/) provide tools + range of ports to be scanned.) +- [SubnetOnline.com](https://www.subnetonline.com/) provides tools which allow you to check if specific TCP ports are open for both - [IPv4](http://www.subnetonline.com/pages/network-tools/online-port-scanner.php) - and [IPv6](http://www.subnetonline.com/pages/ipv6-network-tools/online-ipv6-port-scanner.php) amongst other things. - -Other testers on the net: - -- [Smurf Amplifier Registry (SAR)](http://www.powertech.no/smurf/) The - SAR is a tool for Internet administrators being attacked by or - implicated in smurf attacks, or those who wish to take precautions. + [IPv4](https://www.subnetonline.com/pages/network-tools/online-port-scanner.php) + and [IPv6](https://www.subnetonline.com/pages/ipv6-network-tools/online-ipv6-port-scanner.php) + amongst other things.