Specifications
External Testing
Test externally to see if the available services are working. For instance, if
you can send e-mails to the internal network. You should be able to see
in the postfix messages in /var/log/mail on the firewall host whether
the e-mails were accepted and could be delivered to the internal mail
server. Check to see if the packet filter is working. This can be verified by
a port scanner. At the same time, find the kernel packet filter messages in
/var/log/messages on the firewall machine as well as in the log file an-
alyzer in FAS. Try to set up connections to explicitly restricted ports and at-
tempt to find the corresponding log entries and match them to their corre-
sponding events. For example, try telnet to port 79 of the firewall. This
should be logged on the firewall and the log host.
If you are using a log host, check to see if the log messages are being trans-
mitted in their entirety. If the FAS Log File Analysis module is configured
accordingly, it can be used for this purpose.
Going Online
Only after you have completed all these tests, connect the firewall host to the
Internet and your intranet and begin productive operation.
Note
Constantly monitor your log files. This is the only way to ensure a
timely response to attacks or failures. If unusual events occur, react
immediately. Use the FAS Log File Analysis module to check and track
the log files.
Note
140 Testing the Firewall