Firewalk is an active Reconnaissance network scanner that will help determine what our Layer 4 protocols our router or firewall will pass or deny. This is a great tool for finding a way into an environment through bad, poor, or missing ACL. Because of this, it is also a great tool to audit firewall or router ACLs to make sure they are handling traffic correctly. Firewalk uses ICMP error messages and TTL expirations to let us know whether a port is open or not, very similar to a traceroute. If a port is opened or allowed, the packet destined for that port will typically be silently dropped by the security device. But if the port is opened, the TTL of the packet will expire at the next hop and issue an ICMP_TIME_EXCEEDED error message. ...