{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,6,4]],"date-time":"2026-06-04T15:53:55Z","timestamp":1780588435205,"version":"3.54.1"},"reference-count":31,"publisher":"MDPI AG","issue":"5","license":[{"start":{"date-parts":[[2023,3,1]],"date-time":"2023-03-01T00:00:00Z","timestamp":1677628800000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0\/"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":["Sensors"],"abstract":"<jats:p>The growing number of cyber-crimes is affecting all industries worldwide, as there is no business or industry that has maximum protection in this domain. This problem can produce minimal damage if an organization has information security audits periodically. The process of an audit includes several steps, such as penetration testing, vulnerability scans, and network assessments. After the audit is conducted, a report that contains the vulnerabilities is generated to help the organization to understand the current situation from this perspective. Risk exposure should be as low as possible because in cases of an attack, the entire business is damaged. In this article, we present the process of an in-depth security audit on a distributed firewall, with different approaches for the best results. The research of our distributed firewall involves the detection and remediation of system vulnerabilities by various means. In our research, we aim to solve the weaknesses that have not been solved to date. The feedback of our study is revealed with the help of a risk report in the scope of providing a top-level view of the security of a distributed firewall. To provide a high security level for the distributed firewall, we will address the security flaws uncovered in firewalls as part of our research.<\/jats:p>","DOI":"10.3390\/s23052683","type":"journal-article","created":{"date-parts":[[2023,3,1]],"date-time":"2023-03-01T02:02:56Z","timestamp":1677636176000},"page":"2683","update-policy":"https:\/\/doi.org\/10.3390\/mdpi_crossmark_policy","source":"Crossref","is-referenced-by-count":19,"title":["Research on Security Weakness Using Penetration Testing in a Distributed Firewall"],"prefix":"10.3390","volume":"23","author":[{"ORCID":"https:\/\/orcid.org\/0000-0003-2273-0293","authenticated-orcid":false,"given":"Andrei-Daniel","family":"Tudosi","sequence":"first","affiliation":[{"name":"Department of Computers, Electronics and Automation, Stefan cel Mare University of Suceava, 720229 Suceava, Romania"}],"role":[{"vocabulary":"crossref","role":"author"}]},{"given":"Adrian","family":"Graur","sequence":"additional","affiliation":[{"name":"Department of Computers, Electronics and Automation, Stefan cel Mare University of Suceava, 720229 Suceava, Romania"}],"role":[{"vocabulary":"crossref","role":"author"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-1039-9794","authenticated-orcid":false,"given":"Doru Gabriel","family":"Balan","sequence":"additional","affiliation":[{"name":"Department of Computers, Electronics and Automation, Stefan cel Mare University of Suceava, 720229 Suceava, Romania"}],"role":[{"vocabulary":"crossref","role":"author"}]},{"given":"Alin Dan","family":"Potorac","sequence":"additional","affiliation":[{"name":"Department of Computers, Electronics and Automation, Stefan cel Mare University of Suceava, 720229 Suceava, Romania"}],"role":[{"vocabulary":"crossref","role":"author"}]}],"member":"1968","published-online":{"date-parts":[[2023,3,1]]},"reference":[{"key":"ref_1","unstructured":"Wikipedia (2023, January 10). Information Security Audit. Available online: https:\/\/en.wikipedia.org\/wiki\/Information_security_audit."},{"key":"ref_2","doi-asserted-by":"crossref","unstructured":"IBM (2023, January 03). Cost of a Data Breach 2022. Available online: https:\/\/www.ibm.com\/reports\/data-breach.","DOI":"10.12968\/S1353-4858(22)70049-9"},{"key":"ref_3","unstructured":"(2023, January 10). Average Duration of Downtime after a Ransomware Attack from 1st Quarter 2020 to 4th Quarter 2021. Available online: https:\/\/www.statista.com\/statistics\/1275029\/length-of-downtime-after-ransomware-attack."},{"key":"ref_4","unstructured":"Aquasec (2023, January 17). Vulnerability Scanning Process: An In-Depth Look. Available online: https:\/\/www.aquasec.com\/cloud-native-academy\/vulnerability-management\/vulnerability-scanning-process\/."},{"key":"ref_5","unstructured":"Fortinet (2023, January 18). What Is Internet Control Message Protocol (ICMP)?. Available online: https:\/\/www.fortinet.com\/resources\/cyberglossary\/internet-control-message-protocol-icmp."},{"key":"ref_6","doi-asserted-by":"crossref","unstructured":"Kiratsata, H.J., Raval, D.P., Viras, P.K., Lalwani, P., Patel, H., and Panchal, S.D. (2022, January 24\u201326). Behaviour Analysis of Open-Source Firewalls Under Security Crisis. Proceedings of the 2022 International Conference on Wireless Communications Signal Processing and Networking (WiSPNET), Chennai, India.","DOI":"10.1109\/WiSPNET54241.2022.9767176"},{"key":"ref_7","unstructured":"Check Point (2023, January 17). What Is a Port Scan?. Available online: https:\/\/www.checkpoint.com\/cyber-hub\/network-security\/what-is-a-port-scan\/."},{"key":"ref_8","unstructured":"Netgate (2023, January 10). pfSense\u00ae\u2014World\u2019s Most Trusted Open Source Firewall. Available online: https:\/\/www.pfsense.org\/."},{"key":"ref_9","unstructured":"Juniper (2023, January 03). What Is IDS and IPS?. Available online: https:\/\/www.juniper.net\/us\/en\/research-topics\/what-is-ids-ips.html."},{"key":"ref_10","doi-asserted-by":"crossref","unstructured":"Chalvatzis, I., Karras, D.A., and Papademetriou, R.C. (2019, January 29\u201331). Evaluation of Security Vulnerability Scanners for Small and Medium Enterprises Business Networks Resilience towards Risk Assessment. Proceedings of the 2019 IEEE International Conference on Artificial Intelligence and Computer Applications (ICAICA), Dalian, China.","DOI":"10.1109\/ICAICA.2019.8873438"},{"key":"ref_11","doi-asserted-by":"crossref","unstructured":"Chowdhary, A., Huang, D., Mahendran, J.S., Romo, D., Deng, Y., and Sabur, A. (2020, January 17\u201319). Autonomous Security Analysis and Penetration Testing. Proceedings of the 2020 16th International Conference on Mobility, Sensing and Networking (MSN), Tokyo, Japan.","DOI":"10.1109\/MSN50589.2020.00086"},{"key":"ref_12","unstructured":"Lyon, G. (2023, January 15). Nmap. Available online: https:\/\/nmap.org\/."},{"key":"ref_13","unstructured":"Tenable (2023, January 17). Nessus. Available online: https:\/\/www.tenable.com\/."},{"key":"ref_14","doi-asserted-by":"crossref","unstructured":"Tudosi, A.-D., Balan, D.G., and Potorac, A.D. (2022, January 26\u201328). Secure network architecture based on distributed firewalls. Proceedings of the 2022 International Conference on Development and Application Systems (DAS), Suceava, Romania.","DOI":"10.1109\/DAS54948.2022.9786092"},{"key":"ref_15","unstructured":"Wikipedia (2023, January 20). Distributed Firewall. Available online: https:\/\/en.wikipedia.org\/wiki\/Distributed_firewall."},{"key":"ref_16","unstructured":"PeerSpot (2023, January 17). pfSense Reviews. Available online: https:\/\/www.peerspot.com\/products\/pfsense-reviews."},{"key":"ref_17","doi-asserted-by":"crossref","unstructured":"Shah, M., Ahmed, S., Saeed, K., Junaid, M., Khan, H., and Rehman, A.U. (2019, January 30\u201331). Penetration Testing Active Reconnaissance Phase\u2014Optimized Port Scanning with Nmap Tool. Proceedings of the 2019 2nd International Conference on Computing, Mathematics and Engineering Technologies (iCoMET), Sukkur, Pakistan.","DOI":"10.1109\/ICOMET.2019.8673520"},{"key":"ref_18","doi-asserted-by":"crossref","unstructured":"Balaz, A., Hulic, M., Kurilec, M., and Stancel, M. (2019, January 12\u201314). Classification of Security for System Vulnerabilities. Proceedings of the 2019 IEEE 17th International Symposium on Intelligent Systems and Informatics (SISY), Subotica, Serbia.","DOI":"10.1109\/SISY47553.2019.9111624"},{"key":"ref_19","doi-asserted-by":"crossref","unstructured":"Reddy, P.S., and Pelletier, J.M. (2022, January 23\u201327). The Pentest Method for Business Intelligence. Proceedings of the 2022 45th Jubilee International Convention on Information, Communication and Electronic Technology (MIPRO), Opatija, Croatia.","DOI":"10.23919\/MIPRO55190.2022.9803788"},{"key":"ref_20","doi-asserted-by":"crossref","unstructured":"DeCusatis, C., Peko, P., Irving, J., Teache, M., Laibach, C., and Hodge, J. (2022, January 26\u201329). A Framework for Open Source Intelligence Penetration Testing of Virtual Health Care Systems. Proceedings of the 2022 IEEE 12th Annual Computing and Communication Workshop and Conference (CCWC), Las Vegas, NV, USA.","DOI":"10.1109\/CCWC54503.2022.9720785"},{"key":"ref_21","unstructured":"Wikipedia (2023, January 08). Netcat. Available online: https:\/\/en.wikipedia.org\/wiki\/Netcat."},{"key":"ref_22","unstructured":"Wikipedia (2023, January 17). Firewalk (Computing). Available online: https:\/\/en.wikipedia.org\/wiki\/Firewalk_(computing)."},{"key":"ref_23","unstructured":"TechTaraget (2023, January 17). Network Time Protocol (NTP). Available online: https:\/\/www.techtarget.com\/searchnetworking\/definition\/Network-Time-Protocol."},{"key":"ref_24","unstructured":"Cloudflare (2023, January 21). What is a DDoS attack?. Available online: https:\/\/www.cloudflare.com\/learning\/ddos\/what-is-a-ddos-attack\/."},{"key":"ref_25","unstructured":"DigiCert (2023, January 07). What Is an SSL Certificate?. Available online: https:\/\/www.digicert.com\/what-is-an-ssl-certificate."},{"key":"ref_26","doi-asserted-by":"crossref","unstructured":"Kamath, S., Sarasvathi, V., Singh, A., Aparna, R., Saxena, H., and Shruthi, S.S. (2022, January 29\u201331). Detection and Mitigation of Man-in-the-Middle Attack in IoT through Alternate Routing. Proceedings of the 2022 6th International Conference on Computing Methodologies and Communication (ICCMC), Erode, India.","DOI":"10.1109\/ICCMC53470.2022.9753832"},{"key":"ref_27","unstructured":"U.S. Department of Homeland Security (DHS) (2022, December 12). CVE, Available online: https:\/\/www.cve.org."},{"key":"ref_28","unstructured":"MITRE Corporation (2023, January 11). CVE Details. Available online: https:\/\/www.cvedetails.com\/product\/21763\/Pfsense-Pfsense.html?vendor_id=11749."},{"key":"ref_29","unstructured":"RedMine (2023, January 05). pfSense Packages. Available online: https:\/\/redmine.pfsense.org\/projects\/pfsense-packages."},{"key":"ref_30","unstructured":"DigitalOcean (2023, January 13). Wireshark. Available online: https:\/\/www.wireshark.org\/."},{"key":"ref_31","unstructured":"Pratum (2023, January 20). Risk Assessment: Likelihood & Impact. Available online: https:\/\/pratum.com\/blog\/443-risk-assessment-likelihood-impact."}],"container-title":["Sensors"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/www.mdpi.com\/1424-8220\/23\/5\/2683\/pdf","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,10,10]],"date-time":"2025-10-10T18:44:56Z","timestamp":1760121896000},"score":1,"resource":{"primary":{"URL":"https:\/\/www.mdpi.com\/1424-8220\/23\/5\/2683"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2023,3,1]]},"references-count":31,"journal-issue":{"issue":"5","published-online":{"date-parts":[[2023,3]]}},"alternative-id":["s23052683"],"URL":"https:\/\/doi.org\/10.3390\/s23052683","relation":{},"ISSN":["1424-8220"],"issn-type":[{"value":"1424-8220","type":"electronic"}],"subject":[],"published":{"date-parts":[[2023,3,1]]}}}