Test Your Firewall – Have You Firewalked?

All companies on the Internet have a firewall, even if it is an older filtering firewall. Here is a simple diagram: Internet – Modem – Firewall – Local Switch – Computers on the network.

[Figure: basic network diagram]

 

Do you know what your firewall looks like from the Internet? When a hacker looks at your network, what does your firewall actually look like?

 

Should you use the same people that are running your computers and network to check your firewall? Isn’t this a conflict of interest?

 

Is it even necessary to test your firewall? Your IT is outsourced, so why do anything else? Can’t you trust the people who currently run your IT?

What I want to do now is make 2 lists (feel free to contact me and give me more reasons for each list):

 

List A. Yes, you need to test – Why?

PCI compliance says you should test the firewall to see if it has vulnerabilities

If the firewall was misconfigured, testing can find the problems

If the firewall has a problem unknown to IT support, testing can find the problem

If we get breached then the brand will take a hit

The support personnel doing the firewall support should not test their own configurations

Do you have a risk management process?

 

List B. No need for testing

We outsource our IT; if there is a breach, they will take the blame

We trust our IT support personnel implicitly

We don’t understand what could possibly be wrong with our network firewall, as it is working

No one has told us there is a problem

We don’t need to focus on security; there is nothing here for hackers to steal

 

 

[Figure: risk management systems process]

 

 

“Customer Needs” are a secure computer environment, i.e. when I use a computer I expect it to work correctly

“Model the System” is your computer environment

“Product and Process” is using computers while being secure

“Re-evaluate” means to check the computer environment (is it secure?)

 

Now, in this feedback loop, “Re-evaluate” means test the firewall.
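One way to carry out this re-evaluate step, as an added example that is not part of the original post: compare what an external scan of your own firewall reports against the ports you intend to expose. The scan text is a constructed sample in Nmap's grepable (-oG) output format; the host address, the APPROVED policy and the function names are assumptions.

```python
# Constructed sample of an external scan of your own firewall, in Nmap
# grepable (-oG) format. 203.0.113.10 is a documentation address.
SAMPLE_SCAN = (
    "Host: 203.0.113.10 ()\tStatus: Up\n"
    "Host: 203.0.113.10 ()\tPorts: 22/filtered/tcp//ssh///, "
    "25/open/tcp//smtp///, 443/open/tcp//https///, "
    "3389/open/tcp//ms-wbt-server///, 161/open|filtered/udp//snmp///"
    "\tIgnored State: closed (995)\n"
)

# Assumed policy: the only services this firewall should expose.
APPROVED = {"203.0.113.10": {(25, "tcp"), (80, "tcp"), (443, "tcp")}}


def parse_grepable(text):
    """Return {host: {(port, proto): (state, service)}} from -oG output."""
    hosts = {}
    for line in text.splitlines():
        if not line.startswith("Host:") or "Ports:" not in line:
            continue
        host = line.split()[1]
        ports_field = line.split("Ports:", 1)[1].split("\t", 1)[0]
        for entry in ports_field.split(","):
            fields = entry.strip().split("/")
            if len(fields) >= 5 and fields[0].isdigit():
                port, state, proto, _owner, service = fields[:5]
                hosts.setdefault(host, {})[(int(port), proto)] = (state, service)
    return hosts


def audit(scan_text, approved):
    """Return (unexpected, missing): exposure not in policy, policy not reachable."""
    observed = parse_grepable(scan_text)
    unexpected, missing = [], []
    for host in sorted(set(observed) | set(approved)):
        ports, allowed = observed.get(host, {}), approved.get(host, set())
        for key, (state, service) in sorted(ports.items()):
            # "open|filtered": Nmap could not tell open from filtered, so review it.
            if state.startswith("open") and key not in allowed:
                unexpected.append((host, *key, state, service))
        for key in sorted(allowed):
            if not ports.get(key, ("closed", ""))[0].startswith("open"):
                missing.append((host, *key))
    return unexpected, missing


if __name__ == "__main__":
    unexpected, missing = audit(SAMPLE_SCAN, APPROVED)
    for item in unexpected:
        print("NOT IN POLICY:", item)
    for item in missing:
        print("APPROVED BUT NOT REACHABLE:", item)
```

Anything reported as not in policy is either a misconfiguration or a gap in the documented policy, and both are worth taking back to whoever manages the firewall.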

 

So what does firewall walking, or “firewalk”, mean?

http://www.giac.org/paper/gsec/312/firewalk-attackers-firewall/100588 is an excellent paper that discusses firewalking.

Firewalking is the process of finding out which ports are open on the firewall, so that one can know if there are any potential weaknesses.

 

There are tools that perform firewalking, such as an nmap script and hping.

 

These tools are free. Oh, and do you think these guys check for permission before they hack?

[Image: Evgeniy Bogachev, FBI Most Wanted]

[Image: Nikolae Popescu]

 

Contact Us to discuss firewalking or other security policy questions