
| Subject: | RE: Routers, Switches, and Firewall testing |
|---|---|
| Date: | Mon, 3 Jan 2005 15:20:02 -0500 |
The Firewall Analyzer is less a penetration testing tool and more of a firewall rules analyzer. It started out first as a commercial product called the Lumeta Firewall Analyzer. From previous experience - for complex firewall configurations, it gives pretty decent insight.

From their site:

----

Manual inspection of firewall rules involves a high probability of errors. Corporations need to have their firewalls audited in a systematic and comprehensive way to avoid the errors that leave security gaps. Only sophisticated computerized products are able to tackle such a task: there are simply too many possibilities for humans to handle unassisted.

A comprehensive approach to firewall policy analysis requires analyzing all intrusion scenarios between all IP addresses (source and destinations), analyzing all possible source and destination ports and all protocols. A quick calculation shows that there are over 10^30 possible combinations. On such a scale, active testing is not a viable option, since it would take longer than the age of our planet in order to complete.

FA started its development in 1998 by a team of researchers at Bell Labs, led by FA creator Avishai Wool, PhD. It is protected by four patents in various approval stages.

The FA report contains over 1,500 richly-linked HTML-based files. This structure allows a very easy drill down to more detail, without cluttering the high level view. All the reports may be stored on a server to allow easy access to any authorized user, or exported to MS office file format such as Word or Excel. This allows you to import the results of the firewall analysis into a database, as well as to include portions of the reports in tailor-made documents.

----

Steve

-----Original Message-----
From: Chuck Fullerton [mailto:chuckf69@ceinetworks.com]
Sent: Monday, January 03, 2005 1:25 PM
To: Greg Dreelin; pen-test@lists.securityfocus.com
Subject: RE: Routers, Switches, and Firewall testing

Here is a commercial tool that is rather new but looking very promising.

www.algosec.com

It is a Firewall Analysis tool. It imports all configs into the software and analyzes it for possible vulnerabilities. Has some bells and whistles to make the job easier.

Chuck F.

-----Original Message-----
From: Greg Dreelin [mailto:gdreelin@edsicorp.com]
Sent: Monday, January 03, 2005 9:59 AM
To: pen-test@lists.securityfocus.com
Subject: Routers, Switches, and Firewall testing

Pen-Test Group,

I have a question to present that is in need of a good answer. The question I have is "Are there any good programs for VAP testing routers, switches, and firewalls?" I know there is the Router Assessment Tool (RAT) for Cisco routers and there is FTEST for firewalls, but are there any other programs that can be loaded on to a Laptop Toolkit that can do the testing? Looking for an all-in-one program if there is such a thing.

If anyone has any good ideas please let me know. Thanks ahead.

v/r

Gregory (Greg) S. Dreelin
Senior Systems Analyst
Marine Corp Information Assurance Assessment Team (MCIAAT)
gdreelin@edsicorp.com
540-720-0841/0843/2093 /2106
Cell 703-843-1962
__________________________________________________________________
"Information is Knowledge, Knowledge is Power, and Power is Dangerous"