RE: Auditing Router and Firewall - Checklist and Utils


Thanks..Will try this out, seems like I missed it and will try out PLA/FWANALOG for PIX log gathering.

Best Regards

At 11:29 AM 10/1/2007 -0500, Palmer, Mark wrote:

Read the README document in the Nipper file. It explains how to audit
the PIX. I included in the email for your reference.

--pix | --asa | --fwsm
Treat input configuration as a PIX/ASA/FWSM-based Cisco firewall.

--ios | --ios-router
Treat input configuration as an IOS-based Cisco router. This is the
default device type.

Mark Palmer


-----Original Message-----
From: listbounce@xxxxxxxxxxxxxxxxx [mailto:listbounce@xxxxxxxxxxxxxxxxx]
On Behalf Of WALI
Sent: Monday, October 01, 2007 9:49 AM
To: security-basics@xxxxxxxxxxxxxxxxx
Subject: Auditing Router and Firewall - Checklist and Utils

Hi All,

There is a need to undertake Auditing of Routers (Cisco) and Firewall
(PIX 515)

I have read about Nipper in case of Auditing Router, but haven't come
across any equivalent utility for Cisco PIX. How can I audit Firewall?
Is
there a defined checklist..tool etc?

Which is the best open source product you guys use for Router and
Firewall
logging? Something capable of generating management reports?

Pls advise!!



--
No virus found in this outgoing message.
Checked by AVG Free Edition.
Version: 7.5.488 / Virus Database: 269.13.35/1040 - Release Date:
9/30/2007 9:01 PM





--
No virus found in this incoming message.
Checked by AVG Free Edition.
Version: 7.5.488 / Virus Database: 269.13.35/1040 - Release Date: 9/30/2007 9:01 PM


--
No virus found in this outgoing message.
Checked by AVG Free Edition. Version: 7.5.488 / Virus Database: 269.13.35/1040 - Release Date: 9/30/2007 9:01 PM

Relevant Pages

  • RE: Router with security features
    ... Subject: Router with security features ... Cisco makes an even cheaper and smaller pix firewall. ... Pix 520's it just does not come with more powerful hardware. ...
    (Security-Basics)
  • Re: [fw-wiz] Cisco 2811 vs. ASA 55xx
    ... Cisco ASA units are the replacements/upgrades for the PIX. ... "Is the lack of flexibility of the ASA justified by the higher performance? ... I'm not real sure what you're trying to do security-wise with a Cisco router that a Cisco firewall appliance cannot do. ...
    (Firewall-Wizards)
  • RE: Router with security features
    ... Subject: Router with security features ... Well when looking at firewalls you have to understand that a PIX is a PC ... If you want the firewall to work well, ...
    (Security-Basics)
  • RE: PIX Question
    ... to say on the locking down a router and yes the firewall will block internal ... With out some sort of filtering on the ... edge router you will still leave yourself open to certain attacks. ... Subject: PIX Question ...
    (Security-Basics)
  • Re: Replaced NT 4 Server with Linux
    ... Maybe later when i will be more confidential with linux. ... Cisco both with the same configuration i'm doing now with your help. ... > off by a second line of defense (the Linux firewall machine you don't ... > router and keeping track of connections, running IDS's, etc - your Cisco ...
    (comp.os.linux.security)