Final Testing (cont.)

Attack first from within. Use portscanners, such as nmap, sscan, mscan etc. to identify listening ports, then decide whether or not they are needed.
Use vulnerability scanners (e.g. Nessus, ISS' System Scanner, and Internet Scanner, and ARC's TARA and SARA). Again, find, identify and correct any vulnerabilities the scanner detects.
Scan from inside and from all interfaces. If a firewall, make sure to scan from outside of the firewall interface.
When looking for holes, you may have to disable your defenses. Don't forget to reenable them.

Attack first from within. Use portscanners, such as nmap, sscan, mscan etc. to identify listening ports, then decide whether or not they are needed.