Security Basics mailing list archives

Re: Checkpoint Firewall Configuration

From: c0unter14 <c0unter14 () gmail com>
Date: Thu, 31 Jan 2008 13:20:46 -0600

No easy open source tool for audit purpose that will maintain
configuration changes. However I have used Firemon ($), and it works
like a champ. It will maintain all your old/new configurations,
generate reports that will highlight what has been changed between 2
selected configurations (can be any stored configs), can run multiple
audit queries for analysis.

It costs some $, but is worth the money if you have it .

On Jan 30, 2008 6:10 AM, Dieter Sarrazyn <dieter.sarrazyn () ascure com> wrote:

Hi,

You should have a look at the following tools for auditing the
rulebase(s) and configuration:
* FWDoc: http://www.wyae.de/software/fwdoc/
* Nipper: http://sourceforge.net/projects/nipper

The only requirement is that you have the checkpoint config by hand. So
either you run the tool on the Checkpoint Mgmt server or you take a
backup of the config and run the tool on another system (recommended).

Taking a copy of the config can be done by copying the content of the
"conf" directory off of the Management server. The information in there
is sufficient for these tools.

Dieter

-----Original Message-----
From: listbounce () securityfocus com [mailto:listbounce () securityfocus com]

On Behalf Of global.infosec () gmail com
Sent: dinsdag 29 januari 2008 7:04
To: security-basics () securityfocus com
Subject: Checkpoint Firewall Configuration

We are in the process of auditing our Checkpoint confifuration. We need
to capture the configuration details of the Firewall. The objective is
to identify if any changes have occured to the configuration at any
point of time.



How do we capture the firewall configuration for Audit purpose?



Thanks.
---- eMail Disclaimer ----
This message may be confidential. It is also solely for the use of the individual or group to whom it is addressed. 
If you have received it
by mistake, please let us know by e-mail reply. Ascure is not liable for any direct or indirect damage arising from 
errors, inaccuracies or
any loss in the message, from unauthorized use, disclosure, copying or alteration of it.
For the complete version or other languages of this disclaimer see http://www.ascure.com/disclaimer.htm

Current thread:

Checkpoint Firewall Configuration global . infosec (Jan 29)
- Re: Checkpoint Firewall Configuration Andrea Gatta (Jan 29)
  - RE: Checkpoint Firewall Configuration Hall, Spencer D (Jan 29)
- Re: Checkpoint Firewall Configuration Jason Thompson (Jan 29)
  - Re: Checkpoint Firewall Configuration Louise Forrest (Jan 29)
- Re: Checkpoint Firewall Configuration Jurgen Vermeulen (Jan 30)
- RE: Checkpoint Firewall Configuration Dieter Sarrazyn (Jan 30)
  - Re: Checkpoint Firewall Configuration c0unter14 (Jan 31)
- <Possible follow-ups>
- Re: RE: Checkpoint Firewall Configuration bill (Jan 30)
- Checkpoint Firewall Configuration David Glosser (Jan 30)