Auditing Network Devices with Nipper
Ian Ventura-Whiting, 12th April 2008

Overview
  Nipper Background Information
  Auditing Cisco Security Appliances
  Auditing Cisco Switches And Routers
  Auditing Check Point VPN-1/Firewall-1
  Devices Supported By Nipper
  What Nipper Does Not Do
  The Future Of Nipper
Includes Demonstrations With Cisco Equipment And A Nokia IP Firewall Configuration

Copyright 2008 Ian Ventura-Whiting
http://nipper.tit

The Background Info...
  Started In May 2006
  Originally Called CiscoParse
  Decoded Cisco Type 7 Passwords
Developing Further...
  Added More Checks
  Added Support For Juniper NetScreen Firewalls
  Renamed As Nipper (Network Infrastructure Parser)
Now...
  Performs Security Audits
  Generates A Configuration Report

Why developers should select industry standard encryption
Example: Cisco Type 7 Passwords
  The password hash
  The secret Cisco key
  The calculation
  NOT very clever

Security Auditing
Cisco Security Appliance
Things To Check:
  Network Filtering
  Protocol Analysis
  Administrative Services
  Authentication Configuration
  VPN Configuration
  Routing Protocols
  Operating System Version
  Other Device Settings
What Nipper Audits:
  Network Filtering
  Protocol Analysis
  Administrative Services
  Authentication Configuration
  VPN Configuration
  Routing Protocols
  Operating System Version
  Other Device Settings

Auditing Cisco Security Appliances...
Demonstration

Security Auditing
Cisco Switches And Routers
Things To Check:
  Routing Protocols
What Nipper Audits:
  Routing Protocols
  Switch Port & VLAN Configuration
  Administrative Services
  Authentication Configuration
  Network Filtering
  Device Services
  Operating System Version
  Other Device Settings

Auditing Cisco Switches And Routers...
Demonstration

Security Auditing
Check Point VPN-1/Firewall-1
Software Firewall

Auditing Check Point VPN-1/Firewall-1...
Demonstration

Nipper 0.11.6 Supports All These Devices
  Cisco ASA Firewalls
  Cisco CatOS Based Catalysts

What Nipper 0.11.6 Does Not Do...

The Future of Nipper
  Compliancy Checking
  Improved Report Content

Example: Improvements to SNMP Auditing
Nipper 0.11.6
  Clear Text SNMP In Use
  Weak Community String
  Dictionary Based Community String
Nipper 0.12.0
  SNMP Version 1/2c In Use
  Weak Community String
  Dictionary Based Community String
  Default Community String
  SNMP Configured Without Filtering
  SNMP Write Access Enabled
  SNMP System Shutdown Enabled
  SNMP TFTP List Not Configured
  SNMP View Not Configured

Cisco ASA Firewalls
Cisco CatOS Based Catalysts
Bay Networks Accelar
Check Point VPN-1/Firewall-1
Cisco Content Services Switch