RE: Firewall config analysis

From: Marc Doudiet (marc.doudiet@psdsecurite.com)
Date: Wed Feb 28 2007 - 15:24:17 EST


Hi,

>From which side are you ? Do you want to test the config with access to the
config ? Or from a pen-test approach (black box)?
For a pen test approach you can try
http://www.packetfactory.net/projects/firewalk/ or http://www.hping.org/
(better)
For the other approach you can try hdiff
(http://www.ginini.com/software/hdiff/) to test de difference between the
policied on and the other.

Hope this help.
Regards.

Marc Doudiet
PSD SECURITE
Information systems security consultant
L.A. IS 27001 - Information Systems Security Officer (HEC-GE)
http://www.psdsecurite.com
Av. de Boisy 42
1004 Lausanne - Switzerland
+41 21 622 0728 - +4179 5893494

-----Message d'origine-----
De : listbounce@securityfocus.com [mailto:listbounce@securityfocus.com] De
la part de Sachin Ghodkhande
Envoyé : mardi, 27. février 2007 16:18
À : pen-test@securityfocus.com
Objet : Firewall config analysis

Hi,

I wonder what tool do you use for firewall config analysis?

I found following open source Perl script to analyze Pix config.
http://www.techzoom.net/down-zoompix-sample.asp

I'm looking for similar Checkpoint and NetScreen config analyzer.

Regards,
Sachin

------------------------------------------------------------------------
This List Sponsored by: Cenzic

Need to secure your web apps?
Cenzic Hailstorm finds vulnerabilities fast.
Click the link to buy it, try it or download Hailstorm for FREE.

http://www.cenzic.com/products_services/download_hailstorm.php?camp=70160000
0008bOW
------------------------------------------------------------------------





This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:57:37 EDT