Firewall Test Agent

This simple tool can be used to test and log the rules on a firewall. The Firewall Test Agent can open any number of TCP and UDP ports on a Windows machine and log every connection attempt made to them. A port scanner or similar tool can then be used to scan through the firewall to find which ports the firewall rule base allows through. This is useful when you don't have access to the firewall rules themselves.

This tool could also be used as a port scan monitor if you are interested in the number of scans your networks are receiving.

  • System Requirements: Windows 2000 or higher
  • Version: 1.0
  • WARNING: Some machines will NOT be able to open thousands of ports. With older, slower and heavily utilized machines you should only open a few thousand ports at a time. I do not recommend any more than 10,000 ports at any one time, although 65,535 is theoretically possible.

Firewall Test Agent FAQ:

Q. How do I use the Firewall Test Agent?

  1. Place the firewall test agent on a network on one side of the firewall whose rules you wish to establish.
  2. Place a TCP/UDP network scanner on a second network on the other side of the firewall.
  3. Open a selected range of ports using the firewall test agent.
  4. Using a TCP/UDP network scanner, attempt to connect to the firewall test agent's open ports. (Scanners recommended below)
  5. Any successful connections indicate the firewall is allowing traffic from the source IP to the destination IP on the given port number.

Q. How do I use Firewall Test Agent for port scan monitoring?

  1. Place the firewall test agent on a machine you wish to monitor.
  2. Open a selected range of ports using the firewall test agent. Commonly used ports such as 80, 21, 23, 25 etc. are recommended.
  3. Using a TCP/UDP network scanner, attempt to connect to the firewall test agent's open ports. (Scanners recommended below)
  4. Any successful connections indicate a connection attempt was made to the machine. The source IP, time, date, port and protocol are all logged.

Q. How do I use Firewall Test Agent to test a software firewall?

  1. Place the firewall test agent on a machine you wish to monitor.
  2. Open a selected range of ports using the firewall test agent. Commonly used ports such as 80, 21, 23, 25 etc. are recommended.
  3. Using a TCP/UDP network scanner, attempt to connect to the firewall test agent's open ports. We recommend using the real Internet IP address if you are using one. (Scanners recommended below)
  4. Any successful connections indicate the software firewall is allowing traffic from the source IP to the destination IP on the given port number.

Q. How do I export the information?

A. A log file of all information is created in the root folder from where the program is run. The first time you run the firewall test agent, the log file will only be created when you close the program. The file is named log.txt.

Q. What is the maximum number of ports I should open?

A. WARNING: Some machines will NOT be able to open thousands of ports. With older, slower and heavily utilized machines you should only open a few thousand ports at a time. I do not recommend any more than 10,000 ports at any one time.

Q. What is the connection made to stationx.net?

A. This connection looks for updates to the banner at the top of the program. It is an HTTP GET for a GIF image file.

Q. What information is written to the registry?

A. The only information written to the registry is your customization of the log file.

Q. How do I add port ranges?

A. Click the insert button and enter in the format 100-200 TCP or 80 TCP etc. Click again to add more.

Q. How do I delete port ranges?

A. Click on a port or port range and click on the delete button.

Q. What is the correct format of port ranges?

A. The format is either a range (portnumber-portnumber, i.e. xxx-xxx) or a single port (portnumber, i.e. x), followed by the protocol. For example: 100-200 TCP or 80 TCP.
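
The entry format above, together with the open-and-log behaviour described in the usage steps, can be sketched as follows. This is an added example, not the Firewall Test Agent's own code; the function names parse_spec, open_ports and serve and the in-memory log list are assumptions made for illustration.

```python
import re, selectors, socket
from datetime import datetime

# Accepts the "100-200 TCP" / "80 TCP" entry format described above.
SPEC = re.compile(r"^\s*(\d+)(?:\s*-\s*(\d+))?\s+(TCP|UDP)\s*$", re.I)

def parse_spec(spec):
    """Return (first_port, last_port, protocol) or raise ValueError."""
    m = SPEC.match(spec)
    first, last = (int(m.group(1)), int(m.group(2) or m.group(1))) if m else (0, 0)
    if not 1 <= first <= last <= 65535:
        raise ValueError(f"bad port spec: {spec!r}")
    return first, last, m.group(3).upper()

def open_ports(spec, bind_addr="0.0.0.0"):
    """Bind one non-blocking socket per port named in the spec."""
    first, last, proto = parse_spec(spec)
    kind = socket.SOCK_STREAM if proto == "TCP" else socket.SOCK_DGRAM
    socks = []
    for port in range(first, last + 1):
        s = socket.socket(socket.AF_INET, kind)
        s.bind((bind_addr, port))
        if proto == "TCP":
            s.listen()
        s.setblocking(False)
        socks.append((s, proto))
    return socks

def serve(socks, log, stop):
    """Append (time, source IP, port, protocol) per attempt until stop is set."""
    sel = selectors.DefaultSelector()
    for s, proto in socks:
        sel.register(s, selectors.EVENT_READ, proto)
    while not stop.is_set():
        for key, _ in sel.select(timeout=0.2):
            s, proto = key.fileobj, key.data
            try:
                if proto == "TCP":
                    conn, peer = s.accept()  # only completed handshakes arrive here
                    conn.close()
                else:
                    _, peer = s.recvfrom(2048)
            except OSError:
                continue  # peer went away before the event could be read
            log.append((datetime.now().isoformat(timespec="seconds"),
                        peer[0], s.getsockname()[1], proto))
    sel.close()
    for s, _ in socks:
        s.close()
```

Run serve in a background thread and set the threading.Event to stop it. Because TCP entries are written only after accept() returns, a half-open SYN scan leaves no record in this sketch.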

Q. How do I sort the order of the log file?

A. Click on the column header and it will sort into ascending or descending order.

Q. The Firewall Test Agent Hangs / Not Responding, What is wrong?

A. Try reducing the number of ports you are trying to open.

Q. What scanners are best to use?

A. The best port scanners for the job are nmap and superscanner.

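I would recommend the use of a full TCP connect scan to guarantee more accurate results. A connect scan (-sT) completes the TCP handshake, so the agent accepts and logs each connection; a SYN scan (-sS) does not.
$ nmap -sT 192.168.1.11 -p 7000-8000 -P0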

Q. Can I do tests without a port scanner?

A. Yes, any type of TCP/UDP connection attempt will do. For example, people often use telnet to test if a port is open.
e.g. C:\> telnet 127.0.0.1 100
This will attempt to connect to port 100 on IP 127.0.0.1 and, if successful, the firewall test agent will log it.

  • Jeff Hagen says:

    My system has blocked running this application

  • Shigeo KOBAYASHI says:

    Whenever I get mail from Station X, I spend all day reading all the materials carefully. As they are food for my growth.
    Thanks a lot!
