Old 12-11-2005, 11:10 AM   #1
Beta Member
 
Join Date: Dec 2005
Posts: 1
Default Needs some help Concerning firewall programs

Hi all

It is my first time here and I am very pleased to find this great forum that strongly gives major support to its members.

Actually my problem is a little complicated... I know nothing about networking and its concepts... and I am now in a situation where I am obliged to test a firewall program, and this will be within a couple of days... so I have downloaded some firewall programs to try to become familiar with them... and now I face so many questions and options that are very difficult for me to understand.
I have searched a lot about them and I found your great forum by chance... and I am full of hope that I can find all the answers to my problems here.

I will now mention some of the options that I want to know about... and how exactly I can test them.

1- Allow/block outgoing DNS
2- Allow/block outgoing DHCP
3- Incoming UDP ports

As I have the answers to these 3 options, I may have something else to ask about.

I really appreciate your help
Thanks
__________________

ziohausam is offline   Reply With Quote
Old 12-12-2005, 04:04 PM   #2
In Runtime
 
tractorboy's Avatar
 
Join Date: Oct 2005
Posts: 110
Default Re: Needs some help Concerning firewall programs

Kerio has some good programs where you can configure what the firewall should block. Why do you think you have to have a firewall? Do you have broadband? What I would suggest is to read up on the subject and not rely on someone else.

Here is a start:
http://www.howstuffworks.com/firewall.htm
__________________

tractorboy is offline   Reply With Quote
Old 12-17-2005, 07:59 AM   #3
Site Team
 
root's Avatar
 
Join Date: Mar 2004
Posts: 8,006
Default Re: Needs some help Concerning firewall programs

hmm... the easiest way to test these...

DNS works on port 53... easiest way to test this...

set up the firewall either to block port 53 TCP, or if it has named services tell it to block DNS...

now start a command prompt, type nslookup
then type google.co.uk...

a name server should respond...

like this...
Code:
> google.co.uk
Server:  [192.168.88.1]
Address:  192.168.88.1

Non-authoritative answer:
Name:    google.co.uk
Addresses:  216.239.59.104, 216.239.39.104, 216.239.57.104

now set your name server to something else...

type server 62.31.176.39

now... (if dns is allowed out you should see)
Code:
> google.co.uk
Server:  ns1-wol.blueyonder.net
Address:  62.31.176.39

Non-authoritative answer:
Name:    google.co.uk
Addresses:  216.239.57.104, 216.239.59.104, 216.239.39.104

if not you should see a message saying something like this

Code:
> google.com
Server:  [62.31.176.39]
Address:  62.31.176.39

DNS request timed out.
    timeout was 2 seconds.
DNS request timed out.
    timeout was 2 seconds.
*** Request to [62.31.176.39] timed-out

you'll also see in the firewall logs that the packets are being dropped...
__________________
I didn’t fight my way to the top of the food chain to be a vegetarian…
Im sick of people saying 'dont waste paper'. If trees wanted to live, they'd all carry guns.
"The inherent vice of capitalism is the unequal sharing of blessings; The inherent vice of socialism is the equal sharing of miseries."
root is offline   Reply With Quote
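
An added example (not part of the original posts): a small Python probe that automates the nslookup test from post #3 and reports whether an outbound DNS query was answered, timed out, or was refused. nslookup sends its queries over UDP by default, so the probe checks UDP and TCP port 53 separately; the function names are this example's own, and the default resolver address is the one used in the post.

```python
import socket
import struct
import sys


def build_query(name, txid=0x1234):
    """Build a minimal DNS query for an A record (recursion desired)."""
    header = struct.pack(">HHHHHH", txid, 0x0100, 1, 0, 0, 0)
    labels = [p.encode("ascii") for p in name.rstrip(".").split(".")]
    qname = b"".join(bytes([len(l)]) + l for l in labels) + b"\x00"
    return header + qname + struct.pack(">HH", 1, 1)  # QTYPE=A, QCLASS=IN


def classify(reply, txid=0x1234):
    """Return 'answered' only for a well-formed response to our query."""
    if len(reply) < 12:
        return "malformed"
    rid, flags = struct.unpack(">HH", reply[:4])
    if rid != txid or not flags & 0x8000:  # wrong ID or QR bit not set
        return "malformed"
    return "answered"


def probe(server, name, proto="udp", port=53, timeout=2.0):
    """Send one query; return 'answered', 'timeout', 'refused' or 'malformed'."""
    query = build_query(name)
    kind = socket.SOCK_DGRAM if proto == "udp" else socket.SOCK_STREAM
    with socket.socket(socket.AF_INET, kind) as s:
        s.settimeout(timeout)
        try:
            s.connect((server, port))
            if proto == "udp":
                s.send(query)
                reply = s.recv(512)
            else:  # DNS over TCP prefixes each message with a 2-byte length
                s.sendall(struct.pack(">H", len(query)) + query)
                reply = s.recv(514)[2:]
        except socket.timeout:
            return "timeout"  # what a silently dropping firewall rule looks like
        except OSError:
            return "refused"  # ICMP unreachable or TCP reset came back
    return classify(reply)


if __name__ == "__main__":
    # Default is the resolver address used in the post; pass your own as argv[1].
    server = sys.argv[1] if len(sys.argv) > 1 else "62.31.176.39"
    for proto in ("udp", "tcp"):
        print(proto, probe(server, "google.co.uk", proto))
```

Run it once with the rule disabled and once with it enabled, and compare the result for each protocol against the drops recorded in the firewall log.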
Old 12-17-2005, 08:06 AM   #4
Site Team
 
root's Avatar
 
Join Date: Mar 2004
Posts: 8,006
Default Re: Needs some help Concerning firewall programs

DHCP is a little more complicated...

DHCP is sent out as a broadcast packet to 255.255.255.255 so that all machines see the packet, and hopefully a DHCP server will respond,

this means that your firewall will see the packet, but will not necessarily respond

DHCP works using several ports.
see (http://www.iana.org/assignments/port-numbers)...

to check if these ports can be reached outside of your firewall open the command prompt (again) and type telnet google.com [port-number]

e.g. telnet google.com 68

you should see that the connection is refused and that the packet being dropped is again noted in the firewall logs... assuming this happens, then great, the firewall passed test 2...
root is offline   Reply With Quote
Old 12-17-2005, 08:11 AM   #5
Site Team
 
root's Avatar
 
Join Date: Mar 2004
Posts: 8,006
Default Re: Needs some help Concerning firewall programs

there isn't really a way to test incoming UDP ports...

at least not without being on the outside and trying to come in... all I could suggest is that you have the firewall machine attached to an internet connection for an hour or so, and hope that something tries to access that machine using UDP... if you see UDP packets being dropped in the log files, then great, test 3 is a success also...

you could try thinking of a program that uses UDP... the only one that I can think of where you can "attack" your network searching for vulnerabilities is NMAP...

or this site...
www.grc.com

I hope that helps, (and I hope it's not too late!).
root is offline   Reply With Quote