Many users have misconfigured firewalls such that they are all but useless in defending against attacks. You can determine the state of your firewall by using the same tool hackers use to find its weaknesses, Nmap. To install Nmap, use the Package Management Tool to install the System Tools package group, and the extra package nmap.

Unfortunately, Nmap doesn’t have a place on the GNOME or KDE menus. Instead, you use Nmap by issuing shell commands from a terminal window.

Nmap has enough features to be the topic of a book. You can learn more about Nmap from its author’s web site, http://www.insecure.org/. A vanilla use of Nmap involves configuring it to send TCP or UDP packets to every important port of a specified system. The target system’s responses reveal whether it has services listening on scanned ports.

To scan your system, open a terminal window, become the root user and issue a command having the form:

# nmap -sT -sU -p 1-1023 xxx.xxx.xxx.xxx

where xxx.xxx.xxx.xxx is the IP address of your system. After a few seconds, Nmap reports the ports on which services are listening:

Starting nmap V. 3.00 ( www.insecure.org/nmap/ )
Interesting ports on  (192.168.83.131):
(The 2042 ports scanned but not shown below are in state: closed)
Port       State       Service
22/tcp     open        ssh
68/udp     open        dhcpclient
80/tcp     open        http
123/udp    open        ntp
                                                                                
Nmap run completed -- 1 IP address (1 host up) scanned in 5 seconds

Some ports listed in Nmap’s report may not be remotely accessible. ...