AXISHK
Tool to test the firewall protection
Is there any tool that can simulate some attacks to test my current firewall capability:
1. disguise my company domain and send email to users through the firewall
2. brute-force password attack
3. generate a huge request to my php server
4. Others...
Thx
You haven't defined the full scope of what you want to test for. So based on that, success is a moving target. Plan exactly what you're looking to secure and test first, then it becomes a simpler discussion.
ASKER
Our management wants to examine how well we can protect our internal information and keep it free from hacking or attack.
For those services that may be exposed to the outside, we only have a mail service (in the internal zone) and a website (coded with PHP, in the DMZ zone). All of them are protected by the firewall. We don't have any budget. We are trying to explore any vulnerabilities as far as possible and make some improvements.
The firewall is a FortiGate 100D, with an Exchange 2010 server and a Linux server hosting the PHP.
Thx
One potential blind spot will be the SSL-encrypted channel: the FG will not be able to inspect it unless you have SSL decryption, which FG does not have. Also, leakage based on the DNS protocol may not be detected.
E.g. DNS leak https://www.dnsleaktest.com
The attacker's C&C will be receiving the leaked info, but it is best that you highlight that the endpoint DLP and rights management controls will be the other layer of detection, rather than relying solely on the FG NGFW.
Here is a site that has a handful of tests: https://pentest-tools.com/home
OpenVAS is a vulnerability assessment tool that you could put into play. That will at least help in regard to identifying patching and configuration changes that need to be made without going as far as penetration testing. It would probably be one of your best ways to start.
Have you also started reviewing your current policies in terms of patching, antivirus, backups, acceptable use, awareness training, etc.? Security is a broad, far-reaching thing, and that includes protecting the organization against its own users.
I have to agree with some of the other posters here: if you need, and I mean need, a pen test done, contact a certified, reputable professional for it. If it's just something you want to do, you can find everything you need in Kali Linux, but you will need to figure out how to use the tools. If you just need to do a basic assessment or it's for fun, use the free trial of Nessus. It will require you to do a fair amount of research to properly configure, though. But if this is for an audit or some other mission-critical reason, contact an actual security professional and don't try and do it yourself.
ASKER
Thx
You haven't said what OS you are using, but there are so many guides out there for securing things, auto-banning IPs, etc.
For example, securing your email server: simple things like rDNS and SPF records.
Your question is too broad and no service will provide a one for all solution unless you wanna pay big bucks
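An added example, not posted by anyone in this thread: an offline check of a domain's SPF TXT records for settings that leave it easy to spoof, which is the first concern in the question and the SPF suggestion above. The function name `audit_spf` and the sample records are constructed; the real record can be fetched with `dig +short TXT yourdomain` and pasted in.

```python
"""Audit SPF TXT records for policies that do little against sender spoofing."""

QUALIFIERS = "+-~?"
# Terms that each cost one DNS lookup; RFC 7208 allows at most 10 per check.
LOOKUP_TERMS = ("include", "a", "mx", "ptr", "exists", "redirect")


def audit_spf(txt_records):
    """Return a list of findings for the TXT records (strings) of one domain."""
    spf = [r for r in txt_records if r.lower().split()[:1] == ["v=spf1"]]
    if not spf:
        return ["no SPF record published"]
    if len(spf) > 1:
        return ["multiple SPF records: receivers return permerror"]

    findings, lookups, all_qual, has_redirect = [], 0, None, False
    for term in spf[0].lower().split()[1:]:
        qual = term[0] if term[0] in QUALIFIERS else "+"  # default is '+'
        bare = term.lstrip(QUALIFIERS)
        name = bare.replace("=", ":").split(":")[0].split("/")[0]
        if name in LOOKUP_TERMS:
            lookups += 1
        if name == "redirect":
            has_redirect = True
        if name == "all":
            all_qual = qual

    if all_qual is None and not has_redirect:
        findings.append("no 'all' term: unlisted senders get 'neutral'")
    elif all_qual == "+":
        findings.append("+all: any host may send as this domain")
    elif all_qual == "?":
        findings.append("?all: unlisted senders get 'neutral'")
    elif all_qual == "~":
        findings.append("~all: unlisted senders only softfail")
    if lookups > 10:
        findings.append(f"{lookups} DNS lookups: over the limit of 10, permerror")
    return findings


if __name__ == "__main__":
    # Constructed sample records, not taken from any real domain.
    samples = {
        "strict": ["v=spf1 mx ip4:192.0.2.10 -all"],
        "open": ["site-verification=abc123", "v=spf1 mx all"],
        "missing": ["site-verification=abc123"],
    }
    for label, records in samples.items():
        print(label, audit_spf(records) or "ok")
```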