Firewall Port Scan and Vulnerability Test Results   Introduction

This report documents the results of one of our firewalls. Briefly, they are stateful, packet filtering, NAT firewalls that have been tested by three other companies (not all results are shown here) with excellent results. We are open about our test results and testing methodologies. We have partnered with companies that one may think we compete with, and freely publish their results here. This demonstrates the auditability of our systems. доставка пиццы динамо

The firewall is well suited for home and SOHO use. Its configurability allows for easy implementation where you need to set up a DMZ with servers in the DMZ.

Note: The IP address for these reports has been sanitized. We know some of you out there will feel compelled to test our firewall, and for security reasons, it has been altered.

Test Types   Types of Tests

We use two tests for firewalls - a port scan and a penetration test. The port scan scans the firewall for open ports - a port being a service offered to the outside. Examples of services include web, mail, and file transfer. A profiler (someone profiling your systems in preparation for an attack) will typically use a port scanner to see what services are open and available for exploitation. Free quotes and demos of apartment management software for residential properties.

The second test used is a penetration test. This is a tool that activly attacks your firewall (and the servers behind the firewall) looking for vulnerabilities. This is a very aggressive attack and has been known to cause poorly maintaned systems to crash. It has also been used to show inaccuracies in vendor security tools. LP140WH2(TL)(A2) REPLACEMENT LAPTOP LCD SCREEN

Gibson Research   Test Type: Port Scan

Gibson Research provides a basic port scan for you. No open ports were discovered on our firewalls.

Sygate Technologies   Test Type: Port Scan

Sygate Tech provides a more advanced port scan for you. No open ports or trojans were discovered on our firewalls.

Vulnerability Test from Edge OS   Test Type: Penetration Test

EdgeOS.com provides two reports when they test your firewall or computer. They provide an excellent service, and their vulnerability database is oftentimes updated before the vulnerabilities are publically announced. When you sign up, please put "George Toft" as the reference for how you heard about them.

EdgeOS report number 1.

EdgeOS report number 2.

Vulnerability Test from Nessus   Test Type: Penetration Test

The very enlightening results from nessus:

Summary

This firewall provides a very low profile to port scanners, which will allow you to escape notice by most profilers, and it deflects all known vulnerabilities.

Note: Relying solely on a firewall to protect your internal systems is unwise, and contrary to current security practice. You need redundancy, and a firewall is only a part of the overall security posture you need to maintain. Our philosophy is that all of your internal computers must be able to withstand exposure to the Internet for a short period of time should your firewall be compromised and disabled. A DMZ is a good example of this redundancy as it forces attackers to compromise two firewalls before they get to your internal systems. If you have a wireless LAN, you need additional firewalls as the wireless network is now untrusted.