Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Security-Basics
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: Checkpoint Firewall Configuration

from [c0unter14] Network Security [Permanent Link]
Subject: Re: Checkpoint Firewall Configuration
Date: Thu, 31 Jan 2008 13:20:46 -0600 
No easy open source tool for audit purpose that will maintain
configuration changes. However I have used Firemon ($), and it works
like a champ. It will maintain all your old/new configurations,
generate reports that will highlight what has been changed between 2
selected configurations (can be any stored configs), can run multiple
audit queries for analysis.

It costs some $, but is worth the money if you have it .

On Jan 30, 2008 6:10 AM, Dieter Sarrazyn <dieter.sarrazyn@ascure.com> wrote:

Hi,

You should have a look at the following tools for auditing the
rulebase(s) and configuration:
* FWDoc: http://www.wyae.de/software/fwdoc/
* Nipper: http://sourceforge.net/projects/nipper

The only requirement is that you have the checkpoint config by hand. So
either you run the tool on the Checkpoint Mgmt server or you take a
backup of the config and run the tool on another system (recommended).

Taking a copy of the config can be done by copying the content of the
"conf" directory off of the Management server. The information in there
is sufficient for these tools.

Dieter

-----Original Message-----
From: listbounce@securityfocus.com [mailto:listbounce@securityfocus.com]

On Behalf Of global.infosec@gmail.com
Sent: dinsdag 29 januari 2008 7:04
To: security-basics@securityfocus.com
Subject: Checkpoint Firewall Configuration

We are in the process of auditing our Checkpoint confifuration. We need
to capture the configuration details of the Firewall. The objective is
to identify if any changes have occured to the configuration at any
point of time.



How do we capture the firewall configuration for Audit purpose?



Thanks.
---- eMail Disclaimer ----
This message may be confidential. It is also solely for the use of the 
individual or group to whom it is addressed. If you have received it
by mistake, please let us know by e-mail reply. Ascure is not liable for any 
direct or indirect damage arising from errors, inaccuracies or
any loss in the message, from unauthorized use, disclosure, copying or 
alteration of it.
For the complete version or other languages of this disclaimer see 
http://www.ascure.com/disclaimer.htm
[More messages with this same subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: Converting Checkpoint to ASA, c0unter14
Next by Date:  RE: Converting Checkpoint to ASA, Lee Hilt
Previous by Thread:  RE: Checkpoint Firewall Configuration, Dieter Sarrazyn
Next by Thread:  Re: RE: Checkpoint Firewall Configuration, bill
Indexes:  [Date] [Thread] [Top] [All Lists]