Home page logo
/

pen-test logo Penetration Testing mailing list archives

Re: Auditing a Firewall rulebase
From: "arvind doraiswamy" <arvind.doraiswamy () gmail com>
Date: Sun, 13 Jul 2008 23:23:07 +0530

Hey All,
Thanks to everyone who gave me feedback. I've released version 1.1 of
the Firewall Rulebase Automation tool. Not a major upgrade but still a
few things cleaned up and it looks better now:

- Outputs now available in reasonably neat HTML format :D
- No more complex command line arguments, everything's in a config file
- More ports added in vulnerable ports section
- Options available to obtain detailed/non detailed output

I wanted to put in detailed redundancy checking but the effort
involved was too high for this release. Maybe version 1.2 , whenever
that is ;).

The latest version is available at:
http://downloads.sourceforge.net/fwauto/fwauto_v1.1.zip?use_mirror=osdn

As usual please get back to me with your brickbats , they are the only
way I can improve on my work. Any good feedback, suggested
improvements and patches as well are thoroughly appreciated :)

Thanks
Arvind
Paladion Networks - http://www.paladion.net


---------- Forwarded message ----------
From: arvind doraiswamy <arvind.doraiswamy () gmail com>
Date: Wed, Jun 18, 2008 at 3:06 PM
Subject: Auditing a Firewall rulebase
To: pen-test () securityfocus com


Hi Guys,
Maybe there have been times when you have pentested a firewall. As
part of a grey box engagement you were assigned the task of auditing
that HUGE firewall rulebase and were stuck on how to proceed , just
because of the sheer volume of information. I hence have created a
little tool in Perl to help in auditing a rulebase and helping you in
narrow down on the weak rules. Obviously this is a big Work In
Progress and can be better but its a start and what I've written works
- Current support is just for Cisco PIX though the framework was
designed to scale across multiple firewalls and no major changes need
to be made.

Please come back to me with feedback on how I can make this better and
what I've missed in the first place. The code can be accessed at:
http://sourceforge.net/projects/fwauto

Thanks
Arvind Doraiswamy
Security Consultant - Paladion Networks
http://www.paladion.net

------------------------------------------------------------------------
This list is sponsored by: Cenzic

Top 5 Common Mistakes in 
Securing Web Applications
Get 45 Min Video and PPT Slides

www.cenzic.com/landing/securityfocus/hackinar
------------------------------------------------------------------------


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]