Line 1: |
Line 1: |
− | ==Tim's IPv6 Firewall Tester (IPv6 TCP/IP Port Scanner)== | + | ==Tim's IPv6 Firewall Tester (ICMPv6, IPv6 TCP and UDP Port Scanner)== |
| | | |
− | The home of ipscan, an opensource IPv6 firewall tester supporting ICMPv6 pings and TCP/IP port scans. | + | The home of ipscan, an opensource IPv6 firewall tester supporting ICMPv6 pings, UDP/IP and TCP/IP port scans. |
| | | |
| <analytics uacct="UA-27654202-1" ></analytics> | | <analytics uacct="UA-27654202-1" ></analytics> |
Line 26: |
Line 26: |
| | | |
| | | |
− | The tester allows a user to choose whether to include a commonly used set of '''[[IPv6_Ports]]''' in their scan, as well as the ability to specify a number of their own specifically interesting ports (this is intended to cover setups where you run services on non IANA-assigned ports, or just run less-common services). If you would like to see the list of commonly used ports expanded, or just changed, then please contact me. | + | The tester allows a user to choose whether to include a commonly used set of '''TCP/UDP [[IPv6_Ports]]''' in their scan, as well as the ability to specify a number of their own specifically interesting TCP ports (this is intended to cover setups where you run services on non IANA-assigned ports, or just run less-common services). If you would like to see the list of commonly used ports expanded, or just changed, then please contact me. |
| | | |
| | | |
Line 35: |
Line 35: |
| The test begins by sending an ICMPv6 ECHO-REQUEST (an IPv6 ping) towards the host under test (HUT). The tester checks for related ICMPv6 responses from either the HUT or other hosts (e.g. routers and/or firewall devices protecting the HUT). If a response is detected from an host other than the HUT then the IPv6 address of this third-party is reported. | | The test begins by sending an ICMPv6 ECHO-REQUEST (an IPv6 ping) towards the host under test (HUT). The tester checks for related ICMPv6 responses from either the HUT or other hosts (e.g. routers and/or firewall devices protecting the HUT). If a response is detected from an host other than the HUT then the IPv6 address of this third-party is reported. |
| | | |
| + | The test continues by scanning a set of IPv6 UDP/IP ports. The test sets its' socket tx/rx timeouts to be 2 seconds - consequently the results can take up to 2s per tested UDP port - although this depends heavily upon the filtering your system employs (e.g. firewalls which mark protected ports as 'administratively prohibited' will resolve as PHBTD in much less than the allowed 2 second timeout assuming that your firewall sends an ICMPv6 type 1 code 1 packet in response). |
| | | |
− | The test continues by scanning the user-selected IPv6 TCP/IP ports. The test sets its' socket tx/rx timeouts to be 1 second - consequently the results can take up to 1s per tested port - although this depends heavily upon the filtering your system employs (e.g. firewalls which mark protected ports as 'administratively prohibited' will resolve as PHBTD in much less than the allowed 1 second timeout assuming that your firewall sends an ICMPv6 type 1 code 1 packet in response). | + | The test finishes by scanning the user-selected IPv6 TCP/IP ports. The IPv6 TCP test sets its' socket tx/rx timeouts to be 1 second - consequently the results can take up to 1s per tested port - although this depends heavily upon the filtering your system employs (e.g. firewalls which mark protected ports as 'administratively prohibited' will resolve as PHBTD in much less than the allowed 1 second timeout assuming that your firewall sends an ICMPv6 type 1 code 1 packet in response). |
| | | |
| | | |