Re: R: Auditing Router and Firewall - Checklist and Utils

[David Bergert <infosecblurb () gmail com>]

I've justed used a linux syslog and fwanalog for some summary reports - 
http://tud.at/programm/fwanalog/
Worked pretty good.

[db]


Vega - Brunello Ivan wrote:
> I use splunk for general logging, and PLA (http://www.logging-architecture.net/pla2/) for specific PIX log monitoring.
>
> AFAIK, neither is capable of automatic reporting (at least, with free version of splunk), 
> but they indeed do a good job in searching and presenting relevant data.
>
> Ivan
>
>
> Ivan Brunello
>   
> > -----Messaggio originale-----
> > Da: listbounce () securityfocus com 
> > [mailto:listbounce () securityfocus com] Per conto di WALI
> > Inviato: lunedì 1 ottobre 2007 16.49
> > A: security-basics () securityfocus com
> > Oggetto: Auditing Router and Firewall - Checklist and Utils
> >
> > Hi All,
> >
> > There is a need to undertake Auditing of Routers (Cisco) and 
> > Firewall (PIX 515)
> >
> > I have read about Nipper in case of Auditing Router, but 
> > haven't come across any equivalent utility for Cisco PIX. How 
> > can I audit Firewall? Is there a defined checklist..tool etc?
> >
> > Which is the best open source product you guys use for Router 
> > and Firewall logging? Something capable of generating 
> > management reports?
> >
> > Pls advise!!
> >   
> >
> >
> > --
> > No virus found in this outgoing message.
> > Checked by AVG Free Edition. 
> > Version: 7.5.488 / Virus Database: 269.13.35/1040 - Release 
> > Date: 9/30/2007 9:01 PM
> >
> >
> >
> >     
>
>