Click here to Skip to main content
13,050,450 members (85,274 online)
Rate this:
Please Sign up or sign in to vote.
See more:
How to detect whether the remote system firewall is on or off using VC++
Posted 25-Jan-11 1:40am
Rate this: bad
Please Sign up or sign in to vote.

Solution 1

If you are sitting at the internet side looking in, the chances are you will never know if it has been properly configured.

Many internet facing addresses/ports will not respond to any ping requests etc, or acknowledge there existence. If they did ack, that is just advertising to potential hackers that there is 'something' there.

For example, Visit[^] follow the links to ShieldsUp and put your internet ip in.
Gokulnath007 25-Jan-11 8:28am
NO. i need the code in VC++ to check whether the remote system firewall is on or off. provided IP address and Port are known...
SAKryukov 25-Jan-11 11:10am
What do you mean 'no'?! you got correct answer, forget about getting "code in VC++"
Dylan Morley 25-Jan-11 9:34am
Dave has given you the correct answer here. You can't just tell if *any* firewall is up or down

Maybe have a look at nmap - That uses port scanning to try and determine what is up or down. Useful tool either way.

But as Dave mentioned, a properly configured system won't respond to certain requests - if it did it would just give hackers a clue!
SAKryukov 25-Jan-11 11:09am
This is correct answer - my 5. The presence of Firewall activity can be an educated guess based on indirect data. nmap data says what's responding and what's not, it does not indicate why.
Rate this: bad
Please Sign up or sign in to vote.

Solution 2

Firstly, DaveAuld has a good Answer. If the computer is accessed over the internet, its access will most likely be restricted by a router or gateway.
If however, the computer is attached via a modem, direct link to the internet (as is the case in many universities) or on the local network in your house and in the room next door that you are too lazy to go look at, then you may consider using code to find out.

Then you hit the next hurdle: There is no explicit way of telling if there is a firewall running, they don't advertise it or anything and there are so many different ones that behave in different ways, but they will deny you access to several features that are otherwise commonly available.

Almost all firewalls will block a echo request (ping) unless explicitly told not to for whatever reason, while the echo response server is most commonly running on all systems, providing a pretty quick and easy way of getting a good estimate if the system is firewalled.

If you know the OS (I will stick with Windows) then there are also a number of other ports that are commonly open.
135 - Microsoft End Point Mapper (RPC server for remote admin)
139 - NetBIOS NetBIOS Session Service (Windows file sharing)
445 - Microsoft-DS Active Directory, Windows shares (more Windows file sharing)

If port 135 is open they you should be able to connect to the remote management interface with RPC and look at the services running on the computer given you know a valid username and password.

You can also check this with mmc.exe and add a services snap-in with the remote computer's address.

Dave Morley's suggestion of nmap is a very good one, and it also has a user interface with pre-set command lines for easy use.

There are other tools that may also be useful (no source code provided unlike nmap), and although they justify making these tools with legitimate uses, these boards are not the place to be sharing system exploit analysis tools.

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)

  Print Answers RSS
Top Experts
Last 24hrsThis month

Advertise | Privacy | Mobile
Web01 | 2.8.170713.1 | Last Updated 25 Jan 2011
Copyright © CodeProject, 1999-2017
All Rights Reserved. Terms of Service
Layout: fixed | fluid

CodeProject, 503-250 Ferrand Drive Toronto Ontario, M3C 3G8 Canada +1 416-849-8900 x 100