Test Your Firewall Configuration With Nmap on Linux

 

 

 

Testing the security effectiveness of a firewall is one of the best ways to assess its effectiveness. Firewall testing can provide you with empirical information about the security of your firewall against threats presented by unauthorized users. Your hardware firewall must be tested to ensure it is functioning effectively so your network can be protected. Several different firewall testing tools may be available, including proprietary ones. In order to obtain these tools, users have to contact the firewall provider. Using Nmap’s firewall filtering identification feature, you can identify whether filtering is applied to ports based on their responses to ACK probes.

 

 

 

In this article we will demonstrate how to test your firewall configuration by using the Nmap tool. It is not a good idea to run Nmap on addresses that aren’t your own.

 

 

 

Now let’s begin,

 

 

 

 

* Ensure that Nmap is installed on the VPSie you wish to test.

 

 

 

  • For Debian-based distributions, run the following command:
apt install -y nmap

 

  • CentOS and RHEL:
yum install -y nmap

 

 

 

 

Step 1: Testing one single TCP port.

 

 

 

 

 

Test one port using the following command:

 

 

 

To illustrate, let’s use the port number 80 and IP address 11.76.3.23 as examples,

 

nmap -p 80 11.76.3.23

 

 

 

OUTPUT



admin:~# nmap -p 80 11.76.3.23

Starting Nmap 1.34 at 2021-11-13 00:00 EEST
Nmap scan report for 11.76.3.23
Host is up (0.000134s latency).
PORT   STATE SERVICE
80/tcp open  http

Nmap done: 1 IP address (1 host up) scanned in 0.31 seconds

 

 

 

Step 2: Testing all TCP ports.

 

 

 

Test all TCP ports with the following command (-p-), and will save the output to nmap.out.

 

 

nmap -oN nmap.out -p- 11.76.3.23

 

 

 

Step 3: Test all TCP ports and identify the version.

 

 

 

Using this command, we can test all TCP ports (-p-), identify which services and versions are being used (-sV), and then save the results to nmap.out.

 

nmap -sV -oN nmap.out -p- 11.76.3.23

 

 

 

Step 4: Run basic security checks on all TCP ports.

 

 

Using this command, we can test all TCP ports (-p-), check the security for open ports (-sC), and output it to nmap.out.

 

nmap -sC -oN nmap.out -p- 11.76.3.23

 

 

By using these checks for security vulnerabilities and configuration errors are particularly helpful, however, there are other useful options there that we haven’t discussed here, so make sure to explore them as well.

 

 

 

 

 

That’s it!

 

 

 

 

 

VPSie is looking forward to embarking on a new journey with you!.

 

 

 

 

 

Get the most out of learning with VPSie.com