Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Security-Basics
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

RE: Firewall rulebase audit

from [Kevin Ortloff] Network Security [Permanent Link]
Subject: RE: Firewall rulebase audit
Date: Tue, 23 Oct 2007 09:08:51 -0700 
I would say that the best audit for firewalls are manual. There are
tools that can point things out to you, but usually I run nessus or
similar from the outside to gain knowledge of open ports, then I
manually go through the acl's. Once, that's cleaned up, look at your
object groups, hit counters, and translations.

 

-----Original Message-----
From: listbounce@securityfocus.com [mailto:listbounce@securityfocus.com]
On Behalf Of Roman Shirokov
Sent: Thursday, September 20, 2007 5:09 AM
To: jctx09@yahoo.com
Cc: security-basics@securityfocus.com
Subject: Re: Firewall rulebase audit

Hi

You can check check  this:

CIS Level 1 & 2 Benchmarks and Audit Tool for Cisco IOS Routers and PIX
firewalls.

http://cisecurity.org/bench_cisco.html


I have a pair of PIX firewalls that I need to audit. I was hoping to 
get some guidelines for doing this. Antyhing specific to PIX would be

even better.



1) What is the best/easiest way to document a current policy?
Spreadsheet?? I would like to know what ports (services) are open and 
to where? Also duplicates, etc.? Would it be best just to put it in a 
spreadsheet? Is there a tool for this?




2)Is there standard Analysis checklist to go by when reviewing a (PIX)

firewall policy?



Any help is highly appreciated.




Thank you,



__________ NOD32 2541 (20070920) Information __________



This message was checked by NOD32 antivirus system.
http://www.eset.com





--
Best regards,

Roman Shirokov

e-mail:insecure@yandex.ru

Life has more imagination than we carry in our dreams... (Christopher
Columbus)



This email, its contents and attachments contain information from j2 Global 
Communications, Inc. and/or its affiliates which may be privileged, 
confidential or otherwise protected from disclosure. The information is 
intended to be for the addressee(s) only.  If you are not an addressee, any 
disclosure, copy, distribution, or use of the contents of this message is 
prohibited.  If you have received this email in error please notify the sender 
by reply instant message mail and delete the original message and any copies.
[More messages with this same subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  RE: PHP web exploit/vulnerability, David Gutierrez
Next by Date:  RE: Blocking hack attempts from foreign countries..., Kevin Ortloff
Previous by Thread:  PHP web exploit/vulnerability, Camilo Olea
Next by Thread:  RE: Firewall rulebase audit, Craig Wright
Indexes:  [Date] [Thread] [Top] [All Lists]