Lock IT Down: Double-check your firewall

by Ed Engelking II A+ | Apr 17, 2001 7:00:00 AM

Tags: Ed Engelking II A+

Takeaway: Learn to make double-sure your firewall is secure

Protecting your network from Internet intruders is of the utmost importance. Don’t rely solely on that fancy firewall software or hardware package to protect your network from malicious attacks just yet. Double-check your security measures by using the Firewall Leakage Tester (a.k.a., LeakTest). In this article, I’ll show you how to use this invaluable tool.

What is the Firewall Leakage Tester?
If you’re wondering what the Firewall Leakage Tester does, the name says it all. This application was designed from the ground up to do nothing but test for security leaks in some of today’s most popular software and hardware firewall applications.

Currently at version 1.0, the Firewall Leakage Tester is a freeware application, which you can download here. It has already discovered major flaws in many popular software firewall applications available on the market. It does this by taking a different approach to how firewall applications protect a network.

What’s the concept behind the application?
Most firewall applications, both hardware and software, block incoming traffic by preventing attackers from accessing a network via open access points, such as Telnet or FTP ports. However, if an application such as a Trojan horse, were to make it into your system, it might be able to send a signal outside of the network, allowing hackers access via a back door that it creates.

The Firewall Leakage Tester tries to trick these firewall applications by acting as a Trojan horse, transmitting a signal over the Internet to a server outside of the network. It then operates as a receiver to intercept the return message. If the message from the external network is received by the application, your firewall software/hardware has a leak.

How does the Firewall Leakage Tester work?
After downloading the zipped application from the Gibson Research Corporation’s Web site, you can install the software onto any Windows machine that has an Internet connection. The executable file must be renamed to represent a Trojan horse application or another application that would normally be blocked on a well-configured firewall. The LeakTest Web site suggests using the name vampire, which we’ve used in Figure A.


After you rename the file, double-click on the application to open it. The Firewall Leakage Tester dialog box shown in Figure B will appear. Click Test For Leaks, and the Ready to Test message will change to Connecting, as shown in Figure C. This indicates that the Firewall Leakage Tester application is looking for leaks in your firewall by trying to connect to your server.



If your firewall works properly, you’ll see an image such as the one shown in Figure D. Note that Unable to connect appears in bold, red type to let you know that the firewall worked properly. If a firewall fails, a similar message will appear explaining that the software was able to connect.


Conclusion
Just because your network has a software and/or hardware firewall incorporated into the infrastructure doesn’t necessarily mean that the network is secure from hackers. The creator of the Firewall Leakage Tester built the program to prove that point.

By using the Firewall Leakage Tester to test the security of your network, you may discover that the systems you once believed to be hacker-proof are actually vulnerable. This will allow you to take the steps necessary to correct any holes that may be open to malicious individuals who could damage your systems.

---

Have you tried the LeakTest?
Have you used this program and discovered a hole in your firewall security? If so, we’d love to hear your story. Feel free to leave a post below or send us a note with your thoughts on this valuable little program.

---

 

Print/View all Posts Comments on this article

Personal Firewall darren.pratt@... | 04/17/01

No network Firewall... Anwaar | 04/17/01

You could... henrys@... | 04/17/01

MS Solutions? Ryan_S | 04/23/01

Overrated... Open-Minded | 04/23/01

CISCO Ryan_S | 04/24/01

Firewall for education/schools? BrianJP | 04/24/01

If you have the skills... sjb_xexec@... | 04/25/01

School filtering and reporting... Milo | 04/25/01

Sygate Firewall ROCKS !!!! Philip Lee | 04/23/01

This article does not hit the mark henrys@... | 04/17/01

Maybe it does chmod777 | 04/17/01

It's not a firewall problem Shanghai Sam | 04/17/01

Further henrys@... | 04/17/01

Agreed pkiser1228@... | 04/17/01

henrys is absolutly correct! Snowdog | 04/17/01

down to the real question Kieseyhow | 04/17/01

Who knows? Shanghai Sam | 04/18/01

My 2 Cents Shanghai Sam | 04/23/01

Problems and no solutions rtpllc@... | 04/23/01

Should only be used by firewall admin jp-dutch | 04/23/01

dungerous dexM | 05/02/01

depends on who uses it carbon14 | 05/17/01

Traditional Network Security Models Shanghai Sam | 05/23/01