Re: Firewall rulebase checking tool

["Christopher A. Jarosz" <christopherjarosz () att net>]

Greetings!!!

If you're looking at a Cisco PIX or ASA, look at CSM (Cisco Security
Manager).  You can import rules and show then in a way to make sense to any
"c" level person.... Not free, but very good....


> From: Jirka Vejrazka <jirka.vejrazka () gmail com>
> Date: Fri, 13 Aug 2010 16:17:49 +0200
> To: "pen-test () securityfocus com" <pen-test () securityfocus com>
> Subject: Firewall rulebase checking tool
> Resent-From: <pen-test-return-1078490304 () securityfocus com>
> Resent-Date: Fri, 13 Aug 2010 10:28:02 -0600 (MDT)
>
> Hi all,
>
>   I'm trying to figure out if there is a tool that would help
> validating firewall rulebase(s), if the configuration is available
> (i.e. no blind pen-testing, more like an audit)
>
>   I know about Flint from Matasano security, looking for some other
> options too. Ability to recognize iptables and CheckPoint syntax would
> be great.
>
>   Any hints appreciated
>
>     Jirka
>
> ------------------------------------------------------------------------
> This list is sponsored by: Information Assurance Certification Review Board
>
> Prove to peers and potential employers without a doubt that you can actually
> do a proper penetration test. IACRB CPT and CEPT certs require a full
> practical examination in order to become certified.
>
> http://www.iacertification.org
> ------------------------------------------------------------------------



------------------------------------------------------------------------
This list is sponsored by: Information Assurance Certification Review Board

Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT 
and CEPT certs require a full practical examination in order to become certified. 

http://www.iacertification.org
------------------------------------------------------------------------