Kitz ADSL Broadband Information
adsl spacer  
Support this site
Home Broadband ISPs Tech Routers Wiki Forum
 
     
   Compare ISP   Rate your ISP
   Glossary   Glossary
 
Please login or register.

Login with username, password and session length
Advanced search  

News:

Author Topic: Security scan / test  (Read 1082 times)

Weaver

  • Addicted Kitizen
  • *****
  • Posts: 8491
  • Retd sw dev; A&A; 4 × 7km ADSL2; IPv6; Firebrick
Security scan / test
« on: April 17, 2018, 07:42:27 AM »

I have used tools such GRC Shields-Up and ‘pentest-tools’, which test firewalling, check availability of services, look for common bugs and vulnerabilities, run nmaps and so forth.The problem is that some will only work on the ip address that your own current browser is using to talk to the site and don't give you an opportunity to put in an arbitrary target IP address eg GRC. Some do not work with literal numeric IPv6 addresses. For example pentest-tools let's you specify a target domain name but not an IPv6 address and seems to fail with a bogus error if a domain name is given that resolves to an IPv6 address.

btw I think stupid GRC has a design bug in it unless I have misunderstood. On one of the range of optional tests I get a feeling that it thinks that all users are using NAT, so that the src ip address that they are seeing will always be that of a router which is a nat translator, so they take the browser client src address and in some of the tests declare that they are testing your ‘router’ for router model-specific bugs and vulnerabilities when in fact they have no idea what your router’s address is, not unless they traceroute back to your box and stop one hop before but presumably that would be very unreliable - in any event what would they do if your router refuses to play nice with traceroute and chooses not to respond to ICMP? Obviously you are not running a web browser client inside your own default gateway. I somehow can't be bothered to frig up some strange temporary  config for my Firebrick router to do NAT just for GRC.

To security-test my raspberry pi I need to be able to enter an ip address, and a testing service has to speak IPv6, since my box only has IPv6 addresses assigned to it (effectively, apart from possible bogus NATed RFC1918 IPv4 addresses which I am not sure about). It has a routable static ipv6 address anyway, and there is a domain name pointing to that.

Anyone know of a good tool on the internet?

Or a volunteer who has ipv6 and the right tools to attack it for me?

BTW Also, does anyone know how to burn the ipv4 addresses assigned to this linux box?

Perhaps I could run my own test tools, obtained from who knows where, coming from another Raspberry pi of my own?
Logged

d2d4j

  • Reg Member
  • ***
  • Posts: 973
Re: Security scan / test
« Reply #1 on: April 17, 2018, 09:02:28 AM »

Hi weaver

I hope your well and glad to see your back

Firstly, I think you would find it hard to find an external website where you could change the IP address you wish to test. Usually this is a security feature to stop the test server from been used against another server/system

However, there are sites which will do this, but usually paid service. We use securemetrics.com, which are also used for full PCI compliance. So you may want to look up pci checkers

Many thanks

John
Logged

burakkucat

  • Global Moderator
  • Senior Kitizen
  • *
  • Posts: 28941
  • Over the Rainbow Bridge
    • The ELRepo Project
Re: Security scan / test
« Reply #2 on: April 17, 2018, 04:46:07 PM »

Just let me know the full IPv4 & IPv6 addresses that you would like to be scanned and I will run nmap scans upon them. (I believe I have done this for you in the past . . .  :-\  )
Logged
:cat:  100% Linux and, previously, Unix. Co-founder of the ELRepo Project.

Please consider making a donation to support the running of this site.

Weaver

  • Addicted Kitizen
  • *****
  • Posts: 8491
  • Retd sw dev; A&A; 4 × 7km ADSL2; IPv6; Firebrick
Re: Security scan / test
« Reply #3 on: April 17, 2018, 10:48:09 PM »

Burakkucat has indeed been kind enough to scan my own network in the past. I have managed to stuff everything up using my experiment with ufw, and now Mythic Beasts’ admin interface is (partially) down for the first time at the moment so I can recover using the nuke option just now, so there will be some delay before I take him up on his generous offer.
Logged

Weaver

  • Addicted Kitizen
  • *****
  • Posts: 8491
  • Retd sw dev; A&A; 4 × 7km ADSL2; IPv6; Firebrick
Re: Security scan / test
« Reply #4 on: April 17, 2018, 11:04:23 PM »

@john pentest-tools does let you specify an ip address but doesn't speak ipv6. Agree with you about the reason why most such services don't let you scan what is possibly someone else’s box.
Logged

Chrysalis

  • Content Team
  • Addicted Kitizen
  • *
  • Posts: 6125
Re: Security scan / test
« Reply #5 on: April 18, 2018, 12:46:39 AM »

Message me and I will give you a shell account with nmap on it, I will make sure its dual stacked.
Logged
AAISP - Billion 8800NL bridge & PFSense BOX running PFSense 2.4 - ECI Cab - LINE STATISTICS CLICK HERE

Weaver

  • Addicted Kitizen
  • *****
  • Posts: 8491
  • Retd sw dev; A&A; 4 × 7km ADSL2; IPv6; Firebrick
Re: Security scan / test
« Reply #6 on: April 19, 2018, 01:08:32 AM »

You are all too good to me. But I don't have anything to report. I still haven't got anywhere with ufw, despite trying everything I can think of. I have now locked myself out and had to nuke the system about six times. I checked that ufw is processing ipv6 table rules and the initial config says that it should be.

I did ufw allow 2001:8b0:xxx::/48 first and then ufw enable but the latter might be generating a user prompt and it could be that that is killing me. Perhaps I should do the ufw enable in background to stop it from making the current shell unusable? I did also try piping a y into the command.
Logged