You got your new firewall installed and you want to play some Hunt: Showdown. Before you do, I recommend making sure you got everything working well and secure.
In my previous post I talked about replacing my Edge Router with an OPNsense firewall. This was a massive upgrade, as the hardware is a full-blown PC, allowing me to do a lot more at the firewall level than I could before.
That being said, I keep my firewall locked down and I do not port forward to internal machines. I used to ages ago, but I keep everything hosted off my network these days. Regardless, you should always check to make sure your network is not exposing anything.
I'm going to go over a few checks you can use to make sure your network is locked down. Even if you didn't recently install a new firewall, these steps are a very good exercise to make sure you are not exposing anything unexpected.
There are two things that, in my experience, people tend to ignore: backups and security. Both are extremely critical and can drastically affect your life if they go wrong.
Let's go over a few steps to do a sanity check on your network exposure.
The first test I recommend is ShieldsUP!, a relatively old service run by well-known security expert Steve Gibson.
The test is very simple to run and will allow you to see if you are exposing any ports.
All you need to do is hit Proceed here.
At this point you want to select "All Service Ports" in the middle.
You should then see it go through the ports for your IP, and when it completes it will tell you whether any are exposed. This test only checks the first 1,056 TCP ports, which account for a lot of the common services. It does not cover all possible ports: there are a total of 65,535 potential open ports for both TCP and UDP.
The best case scenario of this test is that all ports are stealth, as you can see from the results below.
Your system has achieved a perfect "TruStealth" rating. Not a single packet — solicited or otherwise — was received from your system as a result of our security probing tests. Your system ignored and refused to reply to repeated Pings (ICMP Echo Requests). From the standpoint of the passing probes of any hacker, this machine does not exist on the Internet. Some questionable personal security systems expose their users by attempting to "counter-probe the prober", thus revealing themselves. But your system wisely remained silent in every way. Very nice.
While we got a perfect result from this test, it is not a conclusive test for total security.
Next I recommend running a Shodan scan. Shodan is a search engine for finding exposed devices on the Internet. The test is really easy: just enter your public IP in the search engine, and if it knows of any devices it will let you know. You do not need to sign up for an account.
A perfect result is "No results found", which means it has no knowledge of any exposed devices or ports on your IP.
The next test I recommend running is Censys, another service very similar to Shodan.
Just enter your IP and look for the following ideal result. Like Shodan, you do not need an account.
If you received "no publicly accessible services" you are looking pretty good.
While this isn't an exhaustive test of your external security, it will catch the most common issues. I would recommend doing a full port scan of all 65,535 ports for both TCP and UDP to have a complete view of any potentially open ports. There are paid services that offer this, but the popular tool nmap can do this for you as well.
You can download nmap and do a full port scan on your IP using
nmap -p- YOUR_IP
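To turn the full scan into a repeatable check, here is an added example (not from the original post) that reads nmap's grepable output and lists any open port you did not intend to expose. The file names tcp.gnmap and udp.gnmap, the YOUR_IP placeholder, the ALLOWED list and the sample scan output are all assumptions made up for this illustration.

```shell
#!/bin/sh
# Added example: audit nmap grepable (-oG) output against an allowlist.
# Run the scans from a host OUTSIDE your network, for example:
#   nmap -Pn -p- -oG tcp.gnmap YOUR_IP       (all 65,535 TCP ports)
#   nmap -Pn -sU -p- -oG udp.gnmap YOUR_IP   (all UDP ports, needs root, very slow)
# -Pn skips host discovery; a firewall that drops pings otherwise looks down.

# Ports you intend to expose, as "port/proto" words. Empty = expose nothing.
ALLOWED=""

# Print each "port/proto" reported as open that is not on the allowlist.
# $1 = grepable output file, $2 = allowlist string
unexpected_open_ports() {
    awk -v allowed="$2" '
        BEGIN { n = split(allowed, a, " "); for (i = 1; i <= n; i++) ok[a[i]] = 1 }
        /Ports: / {
            line = $0
            sub(/^.*Ports: /, "", line)     # drop the leading Host field
            sub(/\t.*$/, "", line)          # drop the trailing Ignored State field
            m = split(line, entries, ", ")
            for (i = 1; i <= m; i++) {
                split(entries[i], f, "/")   # port/state/proto/owner/service/...
                key = f[1] "/" f[3]
                if (f[2] == "open" && !(key in ok)) print key
            }
        }' "$1"
}

# Constructed sample of -oG output (203.0.113.10 is a documentation address).
sample_gnmap() {
    printf '# Nmap scan initiated (constructed sample)\n'
    printf 'Host: 203.0.113.10 ()\tStatus: Up\n'
    printf 'Host: 203.0.113.10 ()\tPorts: 22/open/tcp//ssh///, 113/closed/tcp//ident///, 8443/open/tcp//https-alt///\tIgnored State: filtered (65532)\n'
}

# Demo on the constructed sample; point the function at your own .gnmap file instead.
tmp=$(mktemp)
sample_gnmap > "$tmp"
echo "Unexpected open ports:"
unexpected_open_ports "$tmp" "$ALLOWED"
rm -f "$tmp"
```

An empty result means nothing beyond your allowlist answered as open. Scanning your public IP from inside your own LAN does not show what the Internet sees, so run the scan from an outside connection.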