Security Basics mailing list archives
RE: Firewall rulebase audit
From: "Murda Mcloud" <murdamcloud () bigpond com>
Date: Thu, 20 Sep 2007 11:36:21 +1000
Hey this is a good start point-from Lance Spitzner no less... http://www.rootprompt.org/article.php3?article=323 -----Original Message----- From: listbounce () securityfocus com [mailto:listbounce () securityfocus com] On Behalf Of jctx09 () yahoo com Sent: Thursday, September 20, 2007 7:00 AM To: security-basics () securityfocus com Subject: Firewall rulebase audit I have a pair of PIX firewalls that I need to audit. I was hoping to get some guidelines for doing this. Antyhing specific to PIX would be even better. 1) What is the best/easiest way to document a current policy? Spreadsheet?? I would like to know what ports (services) are open and to where? Also duplicates, etc.? Would it be best just to put it in a spreadsheet? Is there a tool for this? 2)Is there standard Analysis checklist to go by when reviewing a (PIX) firewall policy? Any help is highly appreciated. Thank you,
Current thread:
- Firewall rulebase audit jctx09 (Sep 19)
- Re: Firewall rulebase audit Garry Baker (Sep 20)
- Firewall gnatbox gb-2000e rulebase audit Wilson Mosquera (Sep 20)
- Re: Firewall rulebase audit Roman Shirokov (Sep 20)
- RE: Firewall rulebase audit Murda Mcloud (Sep 20)
- Re: Firewall rulebase audit David Hamm (Sep 20)
- RE: Firewall rulebase audit Palmer, Mark (Sep 20)
- Re: Firewall rulebase audit c0unter14 (Sep 20)
- Re: Firewall rulebase audit David Hamm (Sep 20)
- Re: Firewall rulebase audit Garry Baker (Sep 20)
- Re: Firewall rulebase audit Nikhil Wagholikar (Sep 20)
- Re: Firewall rulebase audit Brian Laing (Sep 21)
- <Possible follow-ups>
- Re: Firewall rulebase audit blah (Sep 20)
- RE: Firewall rulebase audit Chinnery, Paul (Sep 21)