- Place the firewall test agent on a network separated by the
firewall whose rules you wish to establish.
- Place a TCP/UDP network scanner on a second network, on the
other side of the firewall.
- Open a selected range of ports using the firewall test agent.
- Using the TCP/UDP network scanner, attempt to connect to the
firewall test agent's open ports. (Scanners recommended below)
- Any successful connection indicates that the firewall is allowing
traffic from the source IP to the destination IP on the given
port number.
Q. How do I use Firewall Test Agent for port scan monitoring?
- Place the firewall test agent on a machine you wish to monitor.
- Open a selected range of ports using the firewall test
agent. Commonly used ports such as 80, 21, 23, 25 etc. are recommended.
- Using a TCP/UDP network scanner, attempt to connect to
the firewall test agent's open ports. (Scanners recommended
below)
- Any successful connection indicates that a connection attempt
was made to the machine. The source IP, time, date, port
and protocol are all logged.
Q. How do I use Firewall Test Agent to test a software firewall?
- Place the firewall test agent on a machine you wish to monitor.
- Open a selected range of ports using the firewall test agent.
Commonly used ports such as 80, 21, 23, 25 etc. are recommended.
- Using a TCP/UDP network scanner, attempt to connect to the
firewall test agent's open ports. We recommend scanning the
machine's real Internet IP address if it has one.
(Scanners recommended below)
- Any successful connection indicates that the software firewall
is allowing traffic from the source IP to the destination
IP on the given port number.
Q. How do I export the information?
A. A log file of all information is created in the root folder
from where the program is run. The first time you run the firewall
test agent the log file will only be created when you close the
program. The file is log.txt
Q. What is the maximum number of ports I should open?
A. WARNING: some machines will NOT be able to open thousands of
ports. With older, slower and heavily utilized machines you should
only open a few thousand ports at a time. I do not recommend any
more than 10,000 ports at any one time.
Q. What is the connection made to stationx.net?
A. This connection looks for updates to the banner at the top
of the program. It is an HTTP GET for a GIF image file.
Q. What information is written to the registry?
A. The only information written to the registry is your customization
of the log file.
Q. How do I add port ranges?
A. Click the insert button and enter in the format 100-200
TCP or 80 TCP etc. Click again to add more.
Q. How do I delete port ranges?
A. Click on a port or port range and click on the delete button.
Q. What is the correct format of port ranges?
A. The format is portnumber-portnumber for a range (xxx-xxx) or
portnumber for a single port (x), followed by the protocol.
Example: 100-200 TCP or 80 TCP etc.
Q. How do I sort the order of the log file?
A. Click on the column header and it will sort into ascending
or descending order.
Q. The Firewall Test Agent hangs or is not responding. What is wrong?
A. Try reducing the number of ports you are trying to open.
Q. What scanners are best to use?
A. The best port scanners for the job are nmap and superscanner.
I would recommend the use of a full TCP connect scan (nmap's -sT
option) to guarantee more accurate results.
$ nmap -sT 192.168.1.11 -p 7000-8000 -P0

Firewall Testing using SuperScanner
Q. Can I do tests without a port scanner?
A. Yes any type of TCP/UDP connection attempt will do. For example
people often use telnet to test if a port is open.
e.g. C:\> telnet 127.0.0.1 100
This will attempt to connect to port 100 on IP 127.0.0.1 and if
successful the firewall test agent will log it.
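
The same full TCP connect check can be scripted and compared against the rule set you expect the firewall to enforce. The following is an added example, not part of Firewall Test Agent; the function names are hypothetical, and the demo uses a loopback listener as a constructed stand-in for the agent, with no firewall in between.

```python
import socket

def parse_ports(spec):
    """Parse the agent's entry format: '100-200 TCP' or '80 TCP'."""
    ports, proto = spec.split()
    if proto.upper() != "TCP":
        raise ValueError("only TCP is tested here")
    lo, _, hi = ports.partition("-")
    lo, hi = int(lo), int(hi or lo)
    if not 0 < lo <= hi <= 65535:
        raise ValueError(f"bad port range: {spec!r}")
    return list(range(lo, hi + 1))

def connect_test(host, ports, timeout=1.0):
    """Complete a TCP handshake on each port; return the ports that accepted."""
    reached = set()
    for port in ports:
        with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as s:
            s.settimeout(timeout)
            if s.connect_ex((host, port)) == 0:  # 0 = handshake completed
                reached.add(port)
    return reached

def compare(tested, reached, should_pass):
    """Return (passed but should be blocked, blocked but should pass)."""
    should_pass = set(should_pass) & set(tested)
    return sorted(reached - should_pass), sorted(should_pass - reached)

def demo():
    """Loopback stand-in: one listener plays the agent (constructed setup)."""
    agent = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    agent.bind(("127.0.0.1", 0))       # OS picks a free port
    agent.listen(5)
    open_port = agent.getsockname()[1]
    probe = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    probe.bind(("127.0.0.1", 0))
    closed_port = probe.getsockname()[1]
    probe.close()                      # nothing listens on this port any more
    tested = parse_ports(f"{open_port} TCP") + [closed_port]
    reached = connect_test("127.0.0.1", tested)
    agent.close()
    # Assumed policy for the demo: nothing in the tested set should pass.
    return open_port, reached, compare(tested, reached, should_pass=[])

if __name__ == "__main__":
    port, reached, (leaks, blocked) = demo()
    print(f"reached={sorted(reached)} leaks={leaks} blocked={blocked}")
```

In a real test, run `connect_test` from the scanner side against the agent's address and pass the ports your rule set is meant to allow as `should_pass`.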