Excerpts from linuxchix: 18-Mar-100 Re: ipchains by [EMAIL PROTECTED]
> However, it will only tell you the ports, some information about the
> sequence numbers and guess the OS if you tell it to. It won't actually
> print out any vulnerabilities or try to break through the firewall.
I've found it interesting to experiment with nmap's different scan
types and figure out what my logs/filters pick up. (it's even got a
decent manpage!)
There's also another scanner which tries to get versions of the
running network daemons, and compares it against its vulnerability
database. I'll see if I can dig up a name or URL...
There's a series of articles about security at kuro5hin.org, might
be worth a look. Covers a lot of topics, including firewalls.