Do you use a Firewall, perhaps a dedicated one or one of those comprehensive suites or are you satisfied with the Windows firewall?. Check the effectiveness of your protection with the free firewall testers below:
Free Firewall Test and Port Scan – Online
Gibson Research Corporation – ShieldsUP! – The Internet’s quickest, most popular, reliable and trusted, free Internet security checkup and information service. And now in its Port Authority Edition, it’s also the most powerful and complete. Check your system here, and begin learning about using the Internet safely.
PC Flank: Advanced Port ScannerThe Advanced Port Scanner will test your system for open ports that can be used in attacks on your computer. You can select which scanning technique will be used during the test TCP connect scanning (standard) or TCP SYN scanning. You can also select what ports of your system you want to scan: desired ports or range of ports, typical vulnerable and Trojan ports, 20 random ports or All ports
HackerWatch Test Your Firewall – Our server is ready to send traffic to your computer. You may select either of two methods. If you would like to simply generate some event traffic on your computer to test the event notification dialog and see some events in the log choose the simple probe. If you would like the server to check a list of common ports on your computer to determine if it is able to obtain a connection to them use the port scan.
AuditMyPC Firewall Test – Free Internet Security Testing – A firewall test should be conducted often and is easy to do. This site offers basic as well as advanced firewall tests.
Digital Control Systems – Passive TCP Port Scan Report
Hackerwhacker Firewall Tester, Free Security Scan – This test will tell you if you have some very common vulnerabilities. You should run this test every few days OR after installing a new piece of software to make sure no security holes have crept in.
PC Flank: Stealth Test – With the help of the Stealth test you can determine if your computer is visible to the others on the Internet. You can also use this test to determine if your firewall is successful in making ports of your system stealthed.
Free Port Scan – Free Server/Firewall Test – SecurityMetrics – Offers Home Office/Personal Firewall Test For home users and Business Server/Firewall Test For Webmasters, Network Administrators, and Executives – test up to three servers.
broadband Security Port Scan – A modern port scan tool is used (nmap) and this attempts to identify the machine signature, and any vulnerable services running on it. If NETBIOS ports are open (indicating it is a Windows machine), then we attempt to talk to your netbios to see if there are any shares or printers visible, and to query your machine name and domain name.
BufferZone – Security Test – This test simulates an internet download similar to what any users may perform and will attempt to prove that none of your security systems will alert or identify our intrusion attempt. As you run the .exe file it will launch your calculator and scan your documents‘ names. We will then place your document names on our server and provide you with a link so that you can see what files we accessed.
SpeedGuide.net Security Scan – a comprehensive remote port scanner that audits a number of commonly used ports on your system in order to detect potenital security vulnerabilities. Many of those ports are used by servers, sharing services, trojans/backdoors, worms, as well as crackers trying to break into your system, or obtain information about it. The SG Security Scanner performs real-world attacks and analysis, providing information about the ports it finds open (if any), in order to help secure and better understand the potenital vulnerabilities of your network.
gamasec Port scanner, open ports check and Firewall security configuration – Online-Port scanner gives the ability to perform an online scan of your TCP ports and to check open port and security of your computer/network/firewall. The results of this ports-scan can be used as a basis for your firewall configuration. This test sheds light on how easy it is for Hackers, Intruders or Malware to enter your computer and network.
Der Keiler: Free Online-Portscanner – This Online-Portscanner uses the open-source utility nmap to scan your IP and detect open ports. As the result of the scan, you will get raw nmap output, without any explaination. So if you use this tool, you should know what ports are and how to interpret the output.
Nmap Online – Nmap („Network Mapper“) is a free and open source (license) utility for network exploration or security auditing. Many systems and network administrators also find it useful for tasks such as network inventory, managing service upgrade schedules, and monitoring host or service uptime. Nmap uses raw IP packets in novel ways to determine what hosts are available on the network, what services (application name and version) those hosts are offering, what operating systems (and OS versions) they are running, what type of packet filters/firewalls are in use, and dozens of other characteristics. It was designed to rapidly scan large networks, but works fine against single hosts. Nmap runs on all major computer operating systems, and both console and graphical versions are available.
SafeCenter | Online Anti-Hacker Scan – Anti-Hacker System, since it started in August 2002, has run over 32,000 scans on individual machines. Only 3% of those machines received a perfect score. 97% of them had one or more possible weaknesses, some had multiple weaknesses, These included unneeded network services, public machine names or usernames, guest accounts, routers with weak configuration protection, printers visible for anyone to use and more… Are you still sure?
Port Scan Alken.nl – This server will attempt to open several ports on your computer. If your firewall is configured to block a port, and it is operating correctly, you will see Secure and an event will be logged on your firewall. A Closed port indicates that the port is reachable but there is no program currently accepting connections there. If the port is indicated as Open there is an application or service on your computer actively accepting connections.The time to check each port will range from less than a second up to 20 seconds. Ports which are Secure will take the most time.
PC Flank: Exploits Test – This test will detect how vulnerable your computer is to exploits attacks. This test can be also used to test firewalls and routers for stability and reactions to unexpected packets. Most of the exploits are in fact denial-of-service attacks.
CheckIt Firewall Test – These scans test your systems vulnerability by scanning for common security holes in your operating system.
Test My PC Security – Will your security software prevent your confidential data from being transmitted to a hacker? Will it stop a virus from corrupting or destroying your important documents? Can you trust it to halt a key-logging program from recording and broadcasting every keyboard stroke you make? Test My PC Security has a wide range of downloadable firewall leak and HIPS tests so you can find out just how good your security software is.
Online Port Scan | Port Scanning | Port Scanner | Port Checker – Use this tool to scan individual ports to determine if the device is listening on that port.
TOOLS-ON.NET – These tests are designed to help users identify potential security risks. It’s a free service that provides a number of scans.
More Free Online Scanners
- Online Anti-virus Scanners
- Online Anti-malware Scanners
- Online Anti-malware Scanners (Single file)
- Online Firewall and Port Scanners
- Online Anti-spam and Email Security Scanners
- Online Browser Security and Privacy Scanners
- Online Anonymity, Proxy, IP, Whois and DNS Scanners
- Online Popup Blocker Tests, Wi-Fi, Java and Miscellaneous Security Scanners
- Website Security Check Tools
- Free Anonymous Proxies
- OT: Online Bandwidth and Connection speed Tests
Normally you would need at least two computers to test a firewall. That is still an option, however recent builds of FireHOL ship with a tool, vnetbuild, which helps you to build whole virtual networks using only the standard network namespaces feature present in recent Linux kernels.
You can run any commands you want in the namespaces and they will behave with that view of the network. This is ideal if you want to control everything without the expense of setting up lots of real or virtual hardware.
Otherwise, if you only have one machine or you want to test your live firewall from outside, there are a number of online services.
To test your firewall there are a few software tools and a few online services to help you. I suggest the following tools:
- Nessus is probably the best open source security scanner available. Nessus not only checks the firewall of a host, but also scans for known application vulnerabilities. I highly recommend Nessus for periodic (weekly, monthly, etc) scans.
- Nmap („Network Mapper“) is an open source utility for network exploration or security auditing.
It is also possible to try out connections, see what effect your firewall is having and monitor exactly what is happening on the network with tools such as:
- netcat (
nc) allows you to easily listen for connections and create connections and send data over both TCP and UDP.
- tcpdump allows you to see and capture the traffic seen by a network device.
- Wireshark is a GUI equivalent which makes it very easy to decode and filter live traffic as well as being able to read data captured by
Other useful links:
There are a number of sites that offer firewall testing services to everyone:
- Security Space, a commercial service with a free scan.
These people are using something like Nessus if not Nessus itself).
- Shields UP!! NanoProbe Technology Internet Security Testing for… Windows Users. (note: well, it says for Windows, but it is a port scanner with a limited range of ports to be scanned…)
- SubnetOnline.com provide tools which allow you to check if specific TCP ports are open for both IPv4 and IPv6 amongst other things.
Other testers on the net:
- Smurf Amplifier Registry (SAR) The SAR is a tool for Internet administrators being attacked by or implicated in smurf attacks, or those who wish to take precautions.