OSEC

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com
Re: Firewall rulebase checking tool

From: Christopher A. Jarosz (christopherjaroszatt.net)
Date: Fri Aug 13 2010 - 15:26:37 CDT


Greetings!!!

If you're looking at a Cisco PIX or ASA, look at CSM (Cisco Security
Manager). You can import rules and show then in a way to make sense to any
"c" level person.... Not free, but very good....

> From: Jirka Vejrazka <jirka.vejrazkagmail.com>
> Date: Fri, 13 Aug 2010 16:17:49 +0200
> To: "pen-testsecurityfocus.com" <pen-testsecurityfocus.com>
> Subject: Firewall rulebase checking tool
> Resent-From: <pen-test-return-1078490304securityfocus.com>
> Resent-Date: Fri, 13 Aug 2010 10:28:02 -0600 (MDT)
>
> Hi all,
>
> I'm trying to figure out if there is a tool that would help
> validating firewall rulebase(s), if the configuration is available
> (i.e. no blind pen-testing, more like an audit)
>
> I know about Flint from Matasano security, looking for some other
> options too. Ability to recognize iptables and CheckPoint syntax would
> be great.
>
> Any hints appreciated
>
> Jirka
>
> ------------------------------------------------------------------------
> This list is sponsored by: Information Assurance Certification Review Board
>
> Prove to peers and potential employers without a doubt that you can actually
> do a proper penetration test. IACRB CPT and CEPT certs require a full
> practical examination in order to become certified.
>
> http://www.iacertification.org
> ------------------------------------------------------------------------
>

------------------------------------------------------------------------
This list is sponsored by: Information Assurance Certification Review Board

Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT and CEPT certs require a full practical examination in order to become certified.

http://www.iacertification.org
------------------------------------------------------------------------