To resolve the question: accurately scanned the port of remote network host through firewall, researched deeply on the existing scan methods, found their weakness, provided a new method about port detection through firewall. Described the design thinking and scan process, design the first part of ETHERNET, send out and receive of the data packet was turned from the IP layer to data link layer. delivered the data packet directly to network hosts. At last, developed the network security assessment system based on this way. Test results show that this method can penetrate firewall and accurately scan the port of remote network host.