mailing list archives
RE: Firewall rulebase audit
From: "Kevin Ortloff" <Kevin.Ortloff () j2global com>
Date: Tue, 23 Oct 2007 09:08:51 -0700
I would say that the best audit for firewalls are manual. There are
tools that can point things out to you, but usually I run nessus or
similar from the outside to gain knowledge of open ports, then I
manually go through the acl's. Once, that's cleaned up, look at your
object groups, hit counters, and translations.
From: listbounce () securityfocus com [mailto:listbounce () securityfocus com]
On Behalf Of Roman Shirokov
Sent: Thursday, September 20, 2007 5:09 AM
To: jctx09 () yahoo com
Cc: security-basics () securityfocus com
Subject: Re: Firewall rulebase audit
You can check check this:
CIS Level 1 & 2 Benchmarks and Audit Tool for Cisco IOS Routers and PIX
I have a pair of PIX firewalls that I need to audit. I was hoping to
get some guidelines for doing this. Antyhing specific to PIX would be
1) What is the best/easiest way to document a current policy?
Spreadsheet?? I would like to know what ports (services) are open and
to where? Also duplicates, etc.? Would it be best just to put it in a
spreadsheet? Is there a tool for this?
2)Is there standard Analysis checklist to go by when reviewing a (PIX)
Any help is highly appreciated.
__________ NOD32 2541 (20070920) Information __________
This message was checked by NOD32 antivirus system.
e-mail:insecure () yandex ru
Life has more imagination than we carry in our dreams... (Christopher
This email, its contents and attachments contain information from j2 Global Communications, Inc. and/or its affiliates
which may be privileged, confidential or otherwise protected from disclosure. The information is intended to be for the
addressee(s) only. If you are not an addressee, any disclosure, copy, distribution, or use of the contents of this
message is prohibited. If you have received this email in error please notify the sender by reply instant message mail
and delete the original message and any copies.
- RE: Firewall rulebase audit Kevin Ortloff (Oct 23)