Flint – Web-based Firewall Rule Scanner

The New Acunetix V12 Engine


Flint examines firewalls, quickly computes the effect of all the configuration rules, and then spots problems so you can:

  • CLEAN UP RUSTY CONFIGURATIONS that are crudded up with rules that can’t match traffic.
  • ERADICATE LATENT SECURITY PROBLEMS lurking in overly-permissive rules
  • SANITY CHECK CHANGES to see if new rules create problems.

Flint is absolutely free. There’s no catch. You can download the source from the git repository. This isn’t the “play at home” version; it’s their second product, and they want to do it open source.

Why You Need Flint

You have multiple firewalls protecting internal networks from the Internet and controlling access to customer data. Your business changes, and so do your firewalls, and not always at the same time. Firewalls can get out of step with policies.

Everybody makes mistakes. To understand a firewall configuration, you have to read hundreds of configuration lines, and then you have to think like a firewall does. People aren’t good at thinking like firewalls. So most firewalls are riddled with subtle mistakes. Some of those mistakes can be expensive:

  • INSECURE SERVICES might be allowed through the firewall, preventing it from blocking attacks.
  • LAX CONTROLS ON DMZs may expose staging and test servers.
  • FIREWALL MANAGEMENT PORTS may be exposed to untrusted networks.
  • REDUNDANT FIREWALL RULES may be complicating your configuration and slowing you down.

You can download Flint here:

VMWare Virtual Machine – FlintVM-current.zip
OVF Virtual Machine – FlintVM-current.ovf.zip
Source – flint-current.tgz

Or read more here.

Posted in: Countermeasures, Networking Hacking, Security Software

, , , ,


Latest Posts:


Intercepter-NG - Android App For Hacking Intercepter-NG – Android App For Hacking
Intercepter-NG is a multi functional network toolkit including an Android app for hacking, the main purpose is to recover interesting data from the network stream and perform different kinds of MiTM attacks.
dcipher - Online Hash Cracking Using Rainbow & Lookup Tables dcipher – Online Hash Cracking Using Rainbow & Lookup Tables
dcipher is a JavaScript-based online hash cracking tool to decipher hashes using online rainbow & lookup table attack services.
HTTP Security Considerations - An Introduction To HTTP Basics HTTP Security Considerations – An Introduction To HTTP Basics
HTTP is ubiquitous now with pretty much everything being powered by an API, a web application or some kind of cloud-based HTTP driven infrastructure. With that HTTP Security becomes paramount and to secure HTTP you have to understand it.
Cangibrina - Admin Dashboard Finder Tool Cangibrina – Admin Dashboard Finder Tool
Cangibrina is a Python-based multi platform admin dashboard finder tool which aims to obtain the location of website dashboards by using brute-force, wordlists etc.
Enumall - Subdomain Discovery Using Recon-ng & AltDNS Enumall – Subdomain Discovery Using Recon-ng & AltDNS
Enumall is a Python-based tool that helps you do subdomain discovery using only one command by combining the abilities of Recon-ng and AltDNS.
RidRelay - SMB Relay Attack For Username Enumeration RidRelay – SMB Relay Attack For Username Enumeration
RidRelay is a Python-based tool to enumerate usernames on a domain where you have no credentials by using a SMB Relay Attack with low privileges.


One Response to Flint – Web-based Firewall Rule Scanner

  1. Winter March 30, 2010 at 6:04 pm #

    FlintVM-current.ovf.zip doesn’t appear to be a ovf file and doesn’t appear to have a ovf file in the archive.

    Am I missing something?