Re: [fw-wiz] Analyzing a Cisco firewalls connection table

Thanks for the Feedback Paul.

The binary only tool doesn't connect to a firewall at all. It requires no
connection and can be ran 100% within a sandbox. It simply takes data from
your firewall. I find that binaries tend to be more user friendly rather
than saying install python, wx.python..etc.

But I do agree with you. This was a sneak peak that I wanted feedback on. I
had always planned to make this open source much like my other project tpcat
(a packet capture analyzer

Anyhoo. Updated binary and source available here:

It will run on all modern systems all you need to do is install python and
wx.python. I've tested it on Windows/OSX/Linux.

Thanks again all.
-Tim Eberhard

On Mon, Dec 14, 2009 at 8:22 AM, Paul D. Robertson <paul@xxxxxxxxxxxx>wrote:

On Thu, 10 Dec 2009, Tim Eberhard wrote:

It is in .exe format and is completely virus free. It requires no
connection. Please give it a try and give me some feedback good/bad/ugly.
You can download a copy here:


1. I'm not sure how someone is supposed to evaluate a binary-only tool
that wants to connect to their firewall- the potential for malice is
large, and it's difficult to imagine someone with firewall issues setting
up an appropriate sandbox.

2. Why do people insist on archiving using rar instead of zip? I can't
imagine letting a RAR file through a content filter, heck I don't even
like to allow .zips!

3. Windows-only tools aren't very useful to me (one of the reasons I'm
moving away from firewalls like Watchguard that require a Windows box to


Paul D. Robertson "My statements in this message are personal opinions
paul@xxxxxxxxxxxx which may have no basis whatsoever in fact."
Moderator: Firewall-Wizards mailing list

firewall-wizards mailing list

firewall-wizards mailing list