RE: Checkpoint Firewall Configuration

["Dieter Sarrazyn" <dieter.sarrazyn () ascure com>]

Hi,

You should have a look at the following tools for auditing the
rulebase(s) and configuration:
* FWDoc: http://www.wyae.de/software/fwdoc/
* Nipper: http://sourceforge.net/projects/nipper

The only requirement is that you have the checkpoint config by hand. So
either you run the tool on the Checkpoint Mgmt server or you take a
backup of the config and run the tool on another system (recommended).

Taking a copy of the config can be done by copying the content of the
"conf" directory off of the Management server. The information in there
is sufficient for these tools.

Dieter

-----Original Message-----
From: listbounce () securityfocus com [mailto:listbounce () securityfocus com]
On Behalf Of global.infosec () gmail com
Sent: dinsdag 29 januari 2008 7:04
To: security-basics () securityfocus com
Subject: Checkpoint Firewall Configuration

We are in the process of auditing our Checkpoint confifuration. We need
to capture the configuration details of the Firewall. The objective is
to identify if any changes have occured to the configuration at any
point of time.



How do we capture the firewall configuration for Audit purpose?



Thanks.
---- eMail Disclaimer ----
This message may be confidential. It is also solely for the use of the individual or group to whom it is addressed. If 
you have received it 
by mistake, please let us know by e-mail reply. Ascure is not liable for any direct or indirect damage arising from 
errors, inaccuracies or 
any loss in the message, from unauthorized use, disclosure, copying or alteration of it.
For the complete version or other languages of this disclaimer see http://www.ascure.com/disclaimer.htm