How to Test Your Firewall Configuration With Nmap on Linux

Updated on December 14, 2018
How to Test Your Firewall Configuration With Nmap on Linux header image

Introduction

Nmap is a free and very popular network security scanner. It is easy to use and very powerful. This article will explain the installation and usage of Nmap for testing firewall configurations. Even though you can check which ports are open through your firewall, testing it by scanning can be very useful. For example, if you have a firewall rule that disables outside access to your MariaDB service, Nmap can help you make sure that the firewall is working as intended.

NOTE: You should never run Nmap on IP addresses that do not belong to you, unless you have explicit permission to do so, as per Vultr.com's Acceptable Use Policy ('AUP').

Prerequisites

  • A Vultr VPS running a Linux Distribution
  • Root access to your VPS, via SSH or console.

Installation

Install Nmap on the VPS that you wish to test.

  • Debian and Debian-based distributions: apt install -y nmap
  • CentOS and RHEL: yum install -y nmap

Usage

First, you need to know the IP address of your VPS. You should use your public-facing IP address, since the goal is to test the public-facing firewall configuration. This article will use 203.0.113.1 as an example. Make sure you replace it with your own IP address.

Testing a single TCP port.

The command to test a single port is as follows:

nmap -p 80 203.0.113.1

In this example, 80 is the TCP port number you wish to test.

Example output:

root@debian1:~# nmap -p 80 203.0.113.1

Starting Nmap 7.40 at 2018-10-19 00:00 EEST
Nmap scan report for 203.0.113.1
Host is up (0.000097s latency).
PORT   STATE SERVICE
80/tcp open  http

Nmap done: 1 IP address (1 host up) scanned in 0.36 seconds

Testing all TCP ports.

The following command will test all TCP ports (-p-), and will save the output to nmap.out.

nmap -oN nmap.out -p- 203.0.113.1 

Testing all TCP ports and detect the version.

The following command will test all TCP ports (-p-), try to detect which services and which versions are running (-sV), and will save the output to nmap.out.

nmap -sV -oN nmap.out -p- 203.0.113.1 

Testing all TCP ports and run basic security checks.

The following command will test all TCP ports (-p-), will run basic security checks on open ports (-sC), and will save the output to nmap.out.

nmap -sC -oN nmap.out -p- 203.0.113.1 

These security checks are especially helpful in detecting common vulnerabilities and misconfigurations.

Other useful options

-v, -vv, -vvv lead to increasingly verbose output.

-sU is used for UDP scans.

Conclusion

Running nmap is not always necessary, but can be very useful especially when complicated network configurations and firewall rules are in place.