Tuesday, June 08, 2010

firewall-wizards Digest, Vol 50, Issue 2

Send firewall-wizards mailing list submissions to
firewall-wizards@listserv.icsalabs.com

To subscribe or unsubscribe via the World Wide Web, visit
https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards
or, via email, send a message with subject or body 'help' to
firewall-wizards-request@listserv.icsalabs.com

You can reach the person managing the list at
firewall-wizards-owner@listserv.icsalabs.com

When replying, please edit your Subject line so it is more specific
than "Re: Contents of firewall-wizards digest..."


Today's Topics:

1. R: Hidden ISP firewall/filtering (Andrea Mennini - Mobile)
2. Re: Hidden ISP firewall/filtering (Craig Van Tassle)
3. Re: Hidden ISP firewall/filtering (Kurt Buff)
4. Re: Hidden ISP firewall/filtering (Paul Melson)


----------------------------------------------------------------------

Message: 1
Date: Fri, 4 Jun 2010 19:17:16 +0000
From: "Andrea Mennini - Mobile" <andrea@mennini.org>
Subject: [fw-wiz] R: Hidden ISP firewall/filtering
To: "Firewall Wizards Security Mailing List"
<firewall-wizards@listserv.icsalabs.com>
Message-ID:
<1230812993-1275679030-cardhu_decombobulator_blackberry.rim.net-923583116-@bda2151.bisx.produk.on.blackberry>

Content-Type: text/plain

Try grc.com shields up. It should give you a basic idea.

My 2 cents

Ciao
Andrea Mennini (da mobile / vom Handy aus)

-----Original Message-----
From: "Jerrod Fuller" <jfuller@whitesboots.net>
Date: Wed, 26 May 2010 09:54:18
To: <firewall-wizards@listserv.icsalabs.com>
Subject: [fw-wiz] Hidden ISP firewall/filtering

_______________________________________________
firewall-wizards mailing list
firewall-wizards@listserv.icsalabs.com
https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards

------------------------------

Message: 2
Date: Fri, 4 Jun 2010 13:42:27 -0500
From: "Craig Van Tassle" <craig@codestorm.org>
Subject: Re: [fw-wiz] Hidden ISP firewall/filtering
To: "Firewall Wizards Security Mailing List"
<firewall-wizards@listserv.icsalabs.com>
Message-ID:
<b8a074841daa6449848a6829404b6f4d.squirrel@webmail.codestorm.org>
Content-Type: text/plain;charset=iso-8859-1

Your best bet is to check with your ISP.

A good way to check is to setup a couple of servers on a box, put that
outside your firewall and then see if you can telnet to them. I would use
a box that you can wipe after you do this test.
>
>
>
>
> I recently purchased a Watchguard XTM2 to handle our firewall and VPN with
> IPSec, but when attempting to connect via VPN with IPSec, it gives a
> message
> of "VPN gateway not responding (waiting for MSG2)" I have removed our
> watchguard from the network and when I do a "shields up" scan it shows all
> ports being closed. Long story short . . . does anyone know if there is a
> way to find out if our ISP actually has a firewall/filtering in place, or
> b)
> have any other thoughts.
>
> _______________________________________________
> firewall-wizards mailing list
> firewall-wizards@listserv.icsalabs.com
> https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards
>


------------------------------

Message: 3
Date: Fri, 4 Jun 2010 11:40:32 -0700
From: Kurt Buff <kurt.buff@gmail.com>
Subject: Re: [fw-wiz] Hidden ISP firewall/filtering
To: Firewall Wizards Security Mailing List
<firewall-wizards@listserv.icsalabs.com>
Message-ID:
<AANLkTinpDVyQarSZk-KeXS7vsuavlHG9sSfb6x3JcKUn@mail.gmail.com>
Content-Type: text/plain; charset=UTF-8

On Wed, May 26, 2010 at 09:54, Jerrod Fuller <jfuller@whitesboots.net> wrote:
> I recently purchased a Watchguard XTM2 to handle our firewall and VPN with
> IPSec, but when attempting to connect via VPN with IPSec, it gives a message
> of ?VPN gateway not responding (waiting for MSG2)?? I have removed our
> watchguard from the network and when I do a ?shields up? scan it shows all
> ports being closed.? Long story short . . . does anyone know if there is a
> way to find out if our ISP actually has a firewall/filtering in place, or b)
> have any other thoughts.

Layer 4 traceroute (http://pwhois.org/lft/) comes to mind, or nmap,
against a remote target controlled by you.

Kurt


------------------------------

Message: 4
Date: Fri, 4 Jun 2010 15:59:25 -0400
From: "Paul Melson" <pmelson@gmail.com>
Subject: Re: [fw-wiz] Hidden ISP firewall/filtering
To: "'Firewall Wizards Security Mailing List'"
<firewall-wizards@listserv.icsalabs.com>
Message-ID: <001001cb0420$703f6ae0$50be40a0$@com>
Content-Type: text/plain; charset="iso-8859-1"

> I recently purchased a Watchguard XTM2 to handle our firewall and VPN with
IPSec, but when
> attempting to connect via VPN with IPSec, it gives a message of ?VPN
gateway not responding
> (waiting for MSG2)?? I have removed our watchguard from the network and
when I do a ?shields
> up? scan it shows all ports being closed.? Long story short . . . does
anyone know if there is > a way to find out if our ISP actually has a
firewall/filtering in place, or b) have any other > thoughts.

You should be able to portscan with a tool like NMap or similar from a
switch connected to the external interface of the firewall and then scan
from another vantage point that traverses the ISP (home, coffee shop,
airport, etc.) If the ports appear open on the attached switch and closed
from another location, then you know there's filtering going on.
Determining exactly where along the path can be difficult, but trying from
multiple vantage points should yield some different results if it's not your
ISP.

PaulM

------------------------------

_______________________________________________
firewall-wizards mailing list
firewall-wizards@listserv.icsalabs.com
https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards


End of firewall-wizards Digest, Vol 50, Issue 2
***********************************************

1 comment:

  1. Anonymous9:20 AM

    I’d like to visit your weblog extra usually but currently it seems to be taking eternally
    to return up. I go to from work, and our connection there's fairly good. Do you assume the issue could possibly be in your finish?

    Look into my homepage having trouble getting pregnant

    ReplyDelete