  • Status: Solved
  • Priority: Medium
  • Security: Public

How to test which outgoing ports are not blocked

Hi,

Does somebody know of a tool which can test/list which ports are not blocked by the firewall for outgoing connections, kinda like the opposite of a port scanner?
I would like to test it to integrate this to my auditing procedures.

Thanks.
0
Vorenus
Asked:
1 Solution
 
rsivanandan Commented:
Actually any tool which tells you the ports open is telling you which ports are *not open* as well, isn't it? Anything that is not open is closed.

Cheers,
Rajesh
0
 
Vorenus (Author) Commented:
Hi Rajesh,

Thanks, but it is not really my problem: I probably wasn't clear enough, sorry.

I want to check which ports can leave the local network and not just reach it.
Example: in my company, nothing except 80 and 443 can leave the network to the internet.
For example, if a user wants to use Remote Desktop from the office to access their home computer, it won't work because port 3389 is closed for outbound connections in our firewall.
Knowing which inbound ports are open is easy, I just have to run nmap from an external connection, but what I want to know is which ports can leave the machine (vs. which ports can reach it, which is quite easy).

I don't always know where the firewall is or have access to it immediately when I first go to the site to make my audit (sometimes, they are administered by external companies and the users don't know the passwords, and it usually takes some time to have the company tell me the password, etc.).
Sometimes, the outbound ports are blocked at the ISP level too and I have no way to know that other than trying to connect from all the ports.

The current solution I'm thinking about is to have a listener program which listens on the 65535 ports at once on a machine located on a separate site/internet connection, under a DMZ, and running another program trying to connect to those ports from the site I'm investigating/auditing, but I wonder if there is another solution which is ready or available.

Thanks,
0
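The connect-out half of the listener/connector approach described in the post above, as an added example that is not code from the thread. It assumes a host you control outside the audited network that accepts TCP connections on every port under test; the function names `probe`, `audit_egress` and `summarize` are made up for illustration.

```python
import socket
from concurrent.futures import ThreadPoolExecutor

def probe(host, port, timeout=2.0):
    """Classify one outbound TCP attempt from this machine to host:port."""
    s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    s.settimeout(timeout)
    try:
        s.connect((host, port))
        return "allowed"    # handshake completed: egress on this port works
    except ConnectionRefusedError:
        return "rejected"   # RST came back: a device on the path rejected it,
                            # or the far host is not listening on this port
    except OSError:         # includes socket.timeout and "unreachable" errors
        return "dropped"    # no usable answer: silently filtered on the path
    finally:
        s.close()

def audit_egress(host, ports, timeout=2.0, workers=64):
    """Probe every port concurrently; returns {port: state}."""
    ports = list(ports)
    with ThreadPoolExecutor(max_workers=workers) as pool:
        states = pool.map(lambda p: probe(host, p, timeout), ports)
        return dict(zip(ports, states))

def summarize(results):
    """Group ports by state for the audit report: {state: [ports...]}."""
    grouped = {}
    for port, state in sorted(results.items()):
        grouped.setdefault(state, []).append(port)
    return grouped

if __name__ == "__main__":
    import sys
    # usage: egress_audit.py <listener-host> <first-port> <last-port>
    # <listener-host> is the assumed outside machine that accepts on all ports.
    host, lo, hi = sys.argv[1], int(sys.argv[2]), int(sys.argv[3])
    report = summarize(audit_egress(host, range(lo, hi + 1)))
    for state, ports in report.items():
        print(f"{state}: {len(ports)} port(s), first few: {ports[:20]}")
```

Ports reported as "dropped" are the ones filtered somewhere between the site and the listener, which covers a block at the ISP level as well as one at the local firewall.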
 
Vorenus (Author) Commented:
In short, I'm looking for a solution to easily list which ports can be used to leave the network rather than reach it, which I already know how to do.
0
 
rsivanandan Commented:
Oh Okay,

http://www.securityfriday.com/tools/DrMorena.html

Take a look at the above tool which is essentially a firewall rule analyzer which fits your requirement.

Cheers,
Rajesh
0
 
Vorenus (Author) Commented:
Thanks,

It doesn't seem to be exactly what I am after (it seems to only run on Linux and require 2 Nics, one plugged into the firewall appliance), but it may be useful as well.
0
 
rsivanandan Commented:
That is the closest I could come across from my RSS feeds :-)

Cheers,
Rajesh
0
