
| Subject: | Re: Auditing a Firewall rulebase |
|---|---|
| Date: | Mon, 14 Jul 2008 08:50:33 +0530 |
- Current support is just for Cisco PIX though the framework was designed to scale across multiple firewalls and no major changes need to be made.
Does it have support for Cisco PIX/ASA 7.x code onwards as well?

Thanks,
Aditya Govind Mukadam

On Sun, Jul 13, 2008 at 11:23 PM, arvind doraiswamy <arvind.doraiswamy@gmail.com> wrote:
Hey All,

Thanks to everyone who gave me feedback. I've released version 1.1 of the Firewall Rulebase Automation tool. Not a major upgrade but still a few things cleaned up and it looks better now:

- Outputs now available in reasonably neat HTML format :D
- No more complex command line arguments, everything's in a config file
- More ports added in vulnerable ports section
- Options available to obtain detailed/non detailed output

I wanted to put in detailed redundancy checking but the effort involved was too high for this release. Maybe version 1.2, whenever that is ;).

The latest version is available at: http://downloads.sourceforge.net/fwauto/fwauto_v1.1.zip?use_mirror=osdn

As usual please get back to me with your brickbats, they are the only way I can improve on my work. Any good feedback, suggested improvements and patches as well are thoroughly appreciated :)

Thanks
Arvind
Paladion Networks - http://www.paladion.net

---------- Forwarded message ----------
From: arvind doraiswamy <arvind.doraiswamy@gmail.com>
Date: Wed, Jun 18, 2008 at 3:06 PM
Subject: Auditing a Firewall rulebase
To: pen-test@securityfocus.com

Hi Guys,

Maybe there have been times when you have pentested a firewall. As part of a grey box engagement you were assigned the task of auditing that HUGE firewall rulebase and were stuck on how to proceed, just because of the sheer volume of information.

I hence have created a little tool in Perl to help in auditing a rulebase and helping you narrow down on the weak rules. Obviously this is a big Work In Progress and can be better but it's a start and what I've written works.

- Current support is just for Cisco PIX though the framework was designed to scale across multiple firewalls and no major changes need to be made.

Please come back to me with feedback on how I can make this better and what I've missed in the first place.

The code can be accessed at: http://sourceforge.net/projects/fwauto

Thanks
Arvind Doraiswamy
Security Consultant - Paladion Networks
http://www.paladion.net

------------------------------------------------------------------------
This list is sponsored by: Cenzic
Top 5 Common Mistakes in Securing Web Applications
Get 45 Min Video and PPT Slides
www.cenzic.com/landing/securityfocus/hackinar
------------------------------------------------------------------------