 |
| Home Networking and Internet Connection Sharing tutorials at HomeNetHelp.com |
| |
ZyWall 10 Firewall test at www.HomeNetHelp.com
Report on scan number 154116 requested on 2001-02-13 19:40:20 to
xxxxxxxxx
|
Test Section |
Sub Section |
Detail | ||||||||
|---|---|---|---|---|---|---|---|---|---|---|
| run-log |
log | 19:40:24: IP address: xxxxxxxxxxxxxxxxxxxxx | ||||||||
| 19:40:24: Testing level: standard | ||||||||||
| 19:40:25: Fragmented scan: requested | ||||||||||
| 19:40:25: Pings-of-death: requested | ||||||||||
| 19:40:25: doing basic ICMP ping | ||||||||||
| 19:40:39: Running tcp SYN (half-open) portscan, source port 20, over 1-1024 plus 1026 common tcp service ports. | ||||||||||
| 20:10:41: ** Last phase failed due to a sub-command timeout. | ||||||||||
| 20:10:41: ** test results from this phase may not be reliable. | ||||||||||
| 20:10:41: Running tcp SYN (half-open) port scan, source port 20, over first 140 ports. | ||||||||||
| 20:10:41: using fragmented packets, which can get past some firewalls | ||||||||||
| 20:25:43: ** Last phase failed due to a sub-command timeout. | ||||||||||
| 20:25:43: ** test results from this phase may not be reliable. | ||||||||||
| 20:25:43: Running quick udp portscan over port 1-16 | ||||||||||
| 20:26:19: Running tcp FULL CONNECT portscan over 1-1024 plus services (limit 15 minutes). | ||||||||||
| 20:36:13: Attack with targa. | ||||||||||
| 20:36:13: Sending each different ping-of-death.. | ||||||||||
| 20:36:20: Done Attack with targa. | ||||||||||
| 20:36:21: Attack with sping. | ||||||||||
| 20:36:21: Done Attack with sping. | ||||||||||
| 20:36:22: Attack with fawx. | ||||||||||
| 20:36:22: Done Attack with fawx. | ||||||||||
| 20:36:23: Attack with kod. | ||||||||||
| 20:37:54: Done Attack with kod. | ||||||||||
 |
||||||||||
| icmp |
comment | if your security logs are good, you might have logged a ping. | ||||||||
| result | Your address is currently NOT pingable. | |||||||||
|
||||||||||
| udp |
comment | since all UDP ports are silent, there is no information. | ||||||||
| result | Nothing can be determined about your UDP ports. | |||||||||
| target IP is silent, or throttling speed of UDP icmp return packets | ||||||||||
| udp port scan would take too long! full udp scan cancelled. | ||||||||||
|
||||||||||
| tcp |
comment | One or more ports are showing as unfiltered. An unfiltered port responds to an open request with a CLOSED packet. Software firewalls common leave port 113 as unfiltered, and sometimes ports beyond 1024 are also left as visibly closed. | ||||||||
| advice | For ultimate invisibility, ALL ports must be filtered and unresponsive. | |||||||||
| result | some ports are unfiltered | |||||||||
| score | Points Deducted:1 | |||||||||
|
||||||||||
| smtphealth |
result | Cannot do requested SMTP server health check because I dont see port 25 open | ||||||||
|
||||||||||
| nmap-syn |
comment | No results from the SYN (stealth) scan) | ||||||||
|
||||||||||
| nmap-synfrag |
comment | fragmented packet scans are network intensive, so only first 140 ports are tried since if your firewall blocks services, it would certainly be trying to block something in this range. | ||||||||
|
||||||||||
| nmap-tcp |
comment | TCP port results from basic scan: | ||||||||
|
||||||||||
|
||||||||||
| nmap-syn |
comment | If your security is good, you get an alert of a scan attempt but this is a stealth scan, so it is difficult to detect. | ||||||||
|
||||||||||
| nmap-synfrag |
comment | No results from the FRAGMENTED PACKET scan | ||||||||
|
||||||||||
| nmap-udp |
comment | UDP Ports. Could not complete UDP scan because within the timeout allowed, we got no responses. It is probably you have an effective UDP firewall. | ||||||||
|
||||||||||
| final |
comment | Conclusion: FINAL SCORE: -1 |
||||||||
| ** good result. | ||||||||||
