On Tuesday 19 September 2006 09:43, Andrew Cameron wrote: > I use > www.grc.com > > Then follow links to Sheilds-up as a starting point. Check all service > ports. > > And yes some ports may be open for intrusion detection if your firewall has > it.(like snapgears, but you can turn it off)
This does *not* test your firwall. All it does is list ports that can be seen as "open". A system that interacts in any meaningful way with other systems via the net must have some ports visibly open, and that in itself is *not* a security risk. But that check can help to detect ports that have been left open unintentionally, so it is worthwhile. A good firewall will help to police that traffic through open ports is legitimate - in order to test the firewall you need to stand *behind* it (not in front of it) and catch & report what comes through that shouldn't have - testing it from the outside is merely the first step you should perform before you connect your system to an untrusted network. After that, the real monitoring (constant, several times every day) begins - from within. *That's* the checking that is necessary Horst _______________________________________________ Gpcg_talk mailing list [email protected] http://ozdocit.org/cgi-bin/mailman/listinfo/gpcg_talk
