Penetration Testing mailing list archives
Re: Firewall rulebase checking tool
From: Scott <opiesan () gmail com>
Date: Mon, 16 Aug 2010 17:44:48 -0400
Hello Jirka.

I don't know if you're strictly looking for open source tools or not but there are a few commercial tools I've heard good things about. Specifically they are:

- Tufin
- Algosec
- Firemon

They all pretty much do the same thing although I've never used any of them extensively. I believe they're compatible with all the major firewall vendors (Check Point, Cisco, Juniper, etc.) and probably many of the smaller ones as well. No clue about support for iptables though. You'd have to ask them directly about that.

Additionally, you could also consider a professional services/consultant approach to analyze the rulebase. I know Check Point has a service for this called SmartUse. It would take longer than running your own tool but likely costs less and you get the added value of a human consultant providing their feedback on top of any automated analysis.

Hope this helps.

Scott

On Fri, Aug 13, 2010 at 10:17 AM, Jirka Vejrazka <jirka.vejrazka () gmail com> wrote:
Hi all,

I'm trying to figure out if there is a tool that would help validating firewall rulebase(s), if the configuration is available (i.e. no blind pen-testing, more like an audit)

I know about Flint from Matasano security, looking for some other options too. Ability to recognize iptables and CheckPoint syntax would be great.

Any hints appreciated

Jirka

------------------------------------------------------------------------
This list is sponsored by: Information Assurance Certification Review Board

Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT and CEPT certs require a full practical examination in order to become certified.

http://www.iacertification.org
------------------------------------------------------------------------
Current thread:
- Firewall rulebase checking tool Jirka Vejrazka (Aug 13)
- Re: Firewall rulebase checking tool Christopher A. Jarosz (Aug 16)
- Re: Firewall rulebase checking tool Michal Merta (Aug 16)
- Re: Firewall rulebase checking tool anthony . cicalla (Aug 16)
- Message not available
- Re: Firewall rulebase checking tool anthony . cicalla (Aug 16)
- Re: Firewall rulebase checking tool Nikhil Wagholikar (Aug 16)
- RE: Firewall rulebase checking tool lgpm (Aug 16)
- RE: Firewall rulebase checking tool Hugo V. Garcia R. (Aug 16)
- Re: Firewall rulebase checking tool Scott (Aug 16)
- Re: Firewall rulebase checking tool Tracy Reed (Aug 17)
- Re: Firewall rulebase checking tool Jirka Vejrazka (Aug 17)
- RE: Firewall rulebase checking tool K K Mookhey (Aug 18)
- Re: Firewall rulebase checking tool anthony . cicalla (Aug 18)
- RE: Firewall rulebase checking tool Martinez, Daniel (Aug 18)
- Re: Firewall rulebase checking tool anthony . cicalla (Aug 18)
- Re: Firewall rulebase checking tool Jirka Vejrazka (Aug 17)