Re: Auditing a Firewall rulebase



Hi all. Does somebody know of a tool or parser for old versions of the PIX software? I need something to look through lots of conduits, or something to translate a configuration from PIX to a NetScreen firewall...

Thanks.

Edgar Carlos Alberto Contreras

----- Original message -----
From: arvind doraiswamy <arvind.doraiswamy@xxxxxxxxx>
Date: Sunday, July 13, 2008 2:53 pm
Subject: Re: Auditing a Firewall rulebase

Hey All,
Thanks to everyone who gave me feedback. I've released version 1.1 of
the Firewall Rulebase Automation tool. Not a major upgrade, but still a
few things cleaned up, and it looks better now:

- Outputs now available in reasonably neat HTML format :D
- No more complex command line arguments, everything's in a config file
- More ports added in the vulnerable ports section
- Options available to obtain detailed/non-detailed output

I wanted to put in detailed redundancy checking, but the effort
involved was too high for this release. Maybe version 1.2, whenever
that is ;).

The latest version is available at:
http://downloads.sourceforge.net/fwauto/fwauto_v1.1.zip?use_mirror=osdn

As usual, please get back to me with your brickbats; they are the only
way I can improve on my work. Any good feedback, suggested
improvements and patches as well are thoroughly appreciated :)

Thanks
Arvind
Paladion Networks - http://www.paladion.net


---------- Forwarded message ----------
From: arvind doraiswamy <arvind.doraiswamy@xxxxxxxxx>
Date: Wed, Jun 18, 2008 at 3:06 PM
Subject: Auditing a Firewall rulebase
To: pen-test@xxxxxxxxxxxxxxxxx


Hi Guys,
Maybe there have been times when you have pentested a firewall. As
part of a grey box engagement you were assigned the task of auditing
that HUGE firewall rulebase and were stuck on how to proceed, just
because of the sheer volume of information. I have hence created a
little tool in Perl to help in auditing a rulebase and help you
narrow down on the weak rules. Obviously this is a big Work In
Progress and can be better, but it's a start and what I've written works.
Current support is just for Cisco PIX, though the framework was
designed to scale across multiple firewalls and no major changes need
to be made.

Please come back to me with feedback on how I can make this better and
what I've missed in the first place. The code can be accessed at:
http://sourceforge.net/projects/fwauto

Thanks
Arvind Doraiswamy
Security Consultant - Paladion Networks
http://www.paladion.net

------------------------------------------------------------------------
This list is sponsored by: Cenzic

Top 5 Common Mistakes in
Securing Web Applications
Get 45 Min Video and PPT Slides

www.cenzic.com/landing/securityfocus/hackinar
------------------------------------------------------------------------
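The thread talks about three things a rulebase audit tool has to do: parse the PIX syntax (including the legacy `conduit` form Edgar asks about), flag weak rules such as risky ports open to any source, and find redundant rules. As an added example that is not fwauto's code and not part of the original thread, here is a small Python auditor that does all three on a constructed sample configuration. The `RISKY_PORTS` list and the `SERVICE_NAMES` alias table are my own assumptions (fwauto's "vulnerable ports" list is not shown on the page), and the PIX 7.x `extended` keyword is deliberately not handled.

```python
"""Toy PIX 6.x rulebase auditor (added example, not fwauto's code): parses access-list
and legacy conduit lines, then flags any-to-any permits, risky ports open to any source,
and shadowed rules that can never match."""
import ipaddress
from collections import namedtuple

# Assumed subset of PIX service-name aliases; the real table is much longer.
SERVICE_NAMES = {"ftp": 21, "ssh": 22, "telnet": 23, "smtp": 25, "domain": 53,
                 "www": 80, "http": 80, "https": 443, "netbios-ssn": 139}
# Assumed "risky when reachable from any source" ports; fwauto's own list is not on the page.
RISKY_PORTS = {21: "ftp", 23: "telnet", 69: "tftp", 135: "msrpc", 137: "netbios-ns",
               139: "netbios-ssn", 445: "microsoft-ds", 1433: "ms-sql-s", 3389: "rdp"}
ANY_NET = ipaddress.ip_network("0.0.0.0/0")
ANY_PORTS = (0, 65535)
# acl is the access-list name, or "conduit" for the single ordered conduit list.
Rule = namedtuple("Rule", "acl line_no action proto src sport dst dport text")


def _port(tok):
    return int(tok) if tok.isdigit() else SERVICE_NAMES[tok]


def _take_addr(toks):
    """Consume one address spec: any | host A | A MASK (PIX uses real netmasks, not wildcards)."""
    t = toks.pop(0)
    if t == "any":
        return ANY_NET
    if t == "host":
        return ipaddress.ip_network(toks.pop(0) + "/32")
    return ipaddress.ip_network(f"{t}/{toks.pop(0)}", strict=False)


def _take_ports(toks):
    """Consume an optional port operator (eq P | range A B | gt P | lt P)."""
    op = toks[0] if toks else None
    if op == "range":
        lo, hi = _port(toks[1]), _port(toks[2])
        del toks[:3]
        return (lo, hi)
    if op in ("eq", "gt", "lt"):
        p = _port(toks[1])
        del toks[:2]
        return {"eq": (p, p), "gt": (p + 1, 65535), "lt": (0, p - 1)}[op]
    return ANY_PORTS


def parse_rulebase(config):
    rules = []
    for n, line in enumerate(config.splitlines(), 1):
        toks = line.split()
        if toks[:1] == ["access-list"] and len(toks) > 4 and toks[2] in ("permit", "deny"):
            acl, action, proto, rest = toks[1], toks[2], toks[3], toks[4:]
            src, sport = _take_addr(rest), _take_ports(rest)
            dst, dport = _take_addr(rest), _take_ports(rest)
        elif toks[:1] == ["conduit"]:
            # conduit permit|deny PROTO GLOBAL MASK [op PORT] FOREIGN MASK [op PORT]:
            # the global (destination) address comes first, the foreign source second.
            acl, action, proto, rest = "conduit", toks[1], toks[2], toks[3:]
            dst, dport = _take_addr(rest), _take_ports(rest)
            src, sport = _take_addr(rest), _take_ports(rest)
        else:
            continue  # remarks, names, nat/static lines and so on are ignored
        rules.append(Rule(acl, n, action, proto, src, sport, dst, dport, line.strip()))
    return rules


def _covers(a, b):
    """True when rule a matches every packet that rule b matches."""
    return ((a.proto == "ip" or a.proto == b.proto)
            and b.src.subnet_of(a.src) and b.dst.subnet_of(a.dst)
            and a.sport[0] <= b.sport[0] <= b.sport[1] <= a.sport[1]
            and a.dport[0] <= b.dport[0] <= b.dport[1] <= a.dport[1])


def audit(rules):
    """Return (kind, acl, line_no, message) findings."""
    findings = []
    for r in rules:
        if r.action != "permit":
            continue
        if r.src == ANY_NET and r.dst == ANY_NET:
            findings.append(("any-any", r.acl, r.line_no, f"permits {r.proto} from any to any"))
        if r.src == ANY_NET and r.proto in ("tcp", "udp", "ip"):
            hit = [f"{p}/{s}" for p, s in RISKY_PORTS.items() if r.dport[0] <= p <= r.dport[1]]
            if hit:
                findings.append(("risky-port", r.acl, r.line_no, "exposes " + ", ".join(hit) + " to any source"))
    # PIX is first-match: a later rule fully covered by an earlier one in the same list never fires.
    for j, later in enumerate(rules):
        for earlier in rules[:j]:
            if earlier.acl == later.acl and _covers(earlier, later):
                kind = "redundant" if earlier.action == later.action else "masked"
                findings.append((kind, later.acl, later.line_no,
                                 f"never matched; line {earlier.line_no} already covers it"))
                break
    return findings


# Constructed sample, not a real config: line 5 repeats line 3 (22 == ssh), line 6 sits
# under "permit ip any any", and line 8 is a narrower copy of line 7.
SAMPLE_CONFIG = """\
access-list outside_in permit tcp any host 192.0.2.10 eq www
access-list outside_in permit tcp any host 192.0.2.20 eq telnet
access-list outside_in permit tcp 198.51.100.0 255.255.255.0 host 192.0.2.30 eq 22
access-list outside_in permit ip any any
access-list outside_in permit tcp 198.51.100.0 255.255.255.0 host 192.0.2.30 eq ssh
access-list outside_in deny ip any any
conduit permit tcp host 192.0.2.40 eq 80 any
conduit permit tcp host 192.0.2.40 eq 80 198.51.100.0 255.255.255.0
conduit permit tcp host 192.0.2.50 eq 1433 any
"""

if __name__ == "__main__":
    for kind, acl, ln, msg in audit(parse_rulebase(SAMPLE_CONFIG)):
        print(f"[{kind}] {acl} line {ln}: {msg}")
```

Feed it the output of `show running-config` (or `write terminal` on old PIX images) instead of `SAMPLE_CONFIG`. The conduit branch is the part to check first when porting rules to another vendor: a conduit lists the global (destination) address before the foreign (source) address, the reverse of an access-list, so a naive field-by-field translation silently swaps source and destination.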