How to test a firewall

This tutorial explains a methodology that can be used to test a firewall. In the diagram below, a firewall is connected to the internet, which is the external network. The firewall is also connected to the internal LAN. The goal of the test is to identify whether the external network is vulnerable to potential hackers. The first step is to run a port scan on the firewall's internet-facing IP address; nmap can be used for this purpose. If the scan shows that unnecessary ports are open, the corresponding applications are to be disabled.
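The comparison of scan results against the ports that are meant to be open, as an added example that is not part of the original tutorial: it parses nmap XML output (`-oX`) and lists reachable ports that are missing from an allowlist. The sample XML, the documentation address 192.0.2.1 and the `ALLOWED` policy are constructed assumptions.

```python
import xml.etree.ElementTree as ET

# Constructed sample of `nmap -oX` output for a firewall's external interface.
# 192.0.2.1 is a documentation address (RFC 5737), not a real host.
SAMPLE_NMAP_XML = """<?xml version="1.0"?>
<nmaprun scanner="nmap">
  <host>
    <address addr="192.0.2.1" addrtype="ipv4"/>
    <ports>
      <port protocol="tcp" portid="22"><state state="filtered"/><service name="ssh"/></port>
      <port protocol="tcp" portid="23"><state state="open"/><service name="telnet"/></port>
      <port protocol="tcp" portid="443"><state state="open"/><service name="https"/></port>
      <port protocol="udp" portid="161"><state state="open"/><service name="snmp"/></port>
      <port protocol="udp" portid="500"><state state="open|filtered"/><service name="isakmp"/></port>
    </ports>
  </host>
</nmaprun>"""

# Assumed policy: the only services meant to be reachable from the internet.
ALLOWED = {("tcp", 443), ("udp", 500)}

def open_ports(xml_text):
    """Return {address: [(proto, port, state, service), ...]} for reachable ports."""
    result = {}
    for host in ET.fromstring(xml_text).iter("host"):
        addr = host.find("address").get("addr")
        found = []
        for port in host.iter("port"):
            state = port.find("state").get("state")
            # "open|filtered" (common for UDP) is kept: nmap could not rule the port out.
            if state in ("open", "open|filtered"):
                svc = port.find("service")
                name = svc.get("name") if svc is not None else "unknown"
                found.append((port.get("protocol"), int(port.get("portid")), state, name))
        result[addr] = found
    return result

def unexpected(xml_text, allowed):
    """Reachable ports not in the allowlist: the services to review and disable."""
    return {addr: [p for p in ports if (p[0], p[1]) not in allowed]
            for addr, ports in open_ports(xml_text).items()}

if __name__ == "__main__":
    for addr, ports in unexpected(SAMPLE_NMAP_XML, ALLOWED).items():
        for proto, port, state, name in ports:
            print(f"{addr}: {port}/{proto} ({name}) is {state} but not in the allowlist")
```

Re-running the scan after each service is disabled and diffing the result against the same allowlist confirms the change took effect.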

After identifying the applications on the firewall, target the firewall with known exploits for those applications. Metasploit, a penetration testing framework, can be used for this purpose. Fingerprinting techniques, which can be performed with tools in the Metasploit framework, can be used to identify the make and model of the firewall. If the make and model can be identified (this is not always possible, as some firewalls are smart enough to understand these techniques), a security vulnerability database such as the National Vulnerability Database can be used to search for vendor-specific vulnerabilities, and Metasploit can be used to simulate the exploits.

