Scribd Logo
Unggah

Selamat datang di Scribd!

  • Auditing With Nipper

    Diunggah oleh

    Shalem Raj
    434 tayangan11 halaman
    Nipper Auditing Network Devices with Nipper Audits Cisco Security Appliances Auditing Cisco Switches And Routers Auditing CheckPoint VPN1 / Firewall1 Devices Supported By Nipper. Originally Called Cisco Parse Decoded Cisco Type 7 Passwords Developing Further. Added More Checks Added Support For Juniper NetScreen Firewalls Renamed As Nipper (Network Infrastructure Parser) Now. Performs Security Audits generates A Configuration

    Deskripsi Asli:

    Hak Cipta

    © Attribution Non-Commercial (BY-NC)

    Format Tersedia

    PDF, TXT atau baca online dari Scribd

    Apakah menurut Anda dokumen ini bermanfaat?

    Apakah konten ini tidak pantas?

    Laporkan Dokumen Ini
    Nipper Auditing Network Devices with Nipper Audits Cisco Security Appliances Auditing Cisco Switches And Routers Auditing CheckPoint VPN1 / Firewall1 Devices Supported By Nipper. Originally Called Cisco Parse Decoded Cisco Type 7 Passwords Developing Further. Added More Checks Added Support For Juniper NetScreen Firewalls Renamed As Nipper (Network Infrastructure Parser) Now. Performs Security Audits generates A Configuration

    Hak Cipta:

    Attribution Non-Commercial (BY-NC)
    Unduh sebagai PDF, TXT atau baca online dari Scribd
    Tandai sebagai konten tidak pantas
    434 tayangan11 halaman

    Auditing With Nipper

    Diunggah oleh

    Shalem Raj
    Nipper Auditing Network Devices with Nipper Audits Cisco Security Appliances Auditing Cisco Switches And Routers Auditing CheckPoint VPN1 / Firewall1 Devices Supported By Nipper. Originally Called Cisco Parse Decoded Cisco Type 7 Passwords Developing Further. Added More Checks Added Support For Juniper NetScreen Firewalls Renamed As Nipper (Network Infrastructure Parser) Now. Performs Security Audits generates A Configuration

    Hak Cipta:

    Attribution Non-Commercial (BY-NC)
    Unduh sebagai PDF, TXT atau baca online dari Scribd
    Tandai sebagai konten tidak pantas
    dari 11

    Thisisthehtmlversionofthefilehttp://nipper.titania.co.uk/contrib/nipper20080412.pdf. Googleautomaticallygenerateshtmlversionsofdocumentsaswecrawltheweb.

    Page1

    AuditingNetworkDevices

    Nipper
    IanVenturaWhiting 12 th April2008

    with

    Nipper

    Page2

    AuditingNetworkDevices

    withNipper
    Overview
    NipperBackgroundInformation

    12

    Overview
    NipperBackgroundInformation AuditingCiscoSecurityAppliances AuditingCiscoSwitchesAndRouters AuditingCheckPointVPN1/Firewall1 DevicesSupportedByNipper WhatNipperDoesNotDo TheFutureOfNipper

    IncludesDemonstrationsWithCiscoEquipment AndANokiaIPFirewallConfiguration

    Copyright2008IanVenturaWhiting

    http://nipper.tit
    Page3

    Nipper

    AuditingNetworkDevices

    withNipper

    12

    TheBackgroundInfo...
    StartedInMay2006 OriginallyCalledCiscoParse DecodedCiscoType7Passwords

    DevelopingFurther...
    AddedMoreChecks AddedSupportForJuniperNetScreenFirewalls RenamedAsNipper(NetworkInfrastructureParser)

    Now...
    PerformsSecurityAudits

    Now...
    PerformsSecurityAudits GeneratesAConfigurationReport
    Copyright2008IanVenturaWhiting http://nipper.tit
    Page4

    Nipper

    AuditingNetworkDevices

    withNipper

    12

    Whydevelopersshouldselectindustrystandardencryption example:CiscoType7Passwords

    thepasswordhash

    ThesecretCiscokey

    NOTvery
    thecalculation

    cleve

    Copyright2008IanVenturaWhiting

    http://nipper.tit
    Page5

    Nipper
    ThingsToCheck:
    NetworkFiltering

    AuditingNetworkDevices

    withNipper
    SecurityAuditing

    12

    CiscoSecurityAppliance

    WhatNipperAudits:
    NetworkFiltering

    ThingsToCheck:
    NetworkFiltering ProtocolAnalysis AdministrativeServices AuthenticationConfiguration VPNConfiguration RoutingProtocols OperatingSystemVersion OtherDeviceSettings

    WhatNipperAudits:
    NetworkFiltering ProtocolAnalysis AdministrativeServices AuthenticationConfiguratio VPNConfiguration RoutingProtocols OperatingSystemVersion OtherDeviceSettings

    Copyright2008IanVenturaWhiting

    http://nipper.tit
    Page6

    Nipper

    AuditingNetworkDevices

    withNipper

    12

    AuditingCiscoSecurityAppliances...

    Demonstration

    Copyright2008IanVenturaWhiting

    http://nipper.tit

    Copyright2008IanVenturaWhiting

    http://nipper.tit
    Page7

    Nipper
    ThingsToCheck:
    RoutingProtocols

    AuditingNetworkDevices

    withNipper
    SecurityAuditing

    12

    CiscoSwitchesAndRouters

    WhatNipperAudits:
    RoutingProtocols SwitchPort&VLANConfigu AdministrativeServices AuthenticationConfiguration NetworkFiltering DeviceServices OperatingSystemVersion OtherDeviceSettings

    SwitchPort&VLANConfiguration AdministrativeServices AuthenticationConfiguration NetworkFiltering DeviceServices OperatingSystemVersion OtherDeviceSettings

    Copyright2008IanVenturaWhiting

    http://nipper.tit
    Page8

    Nipper

    AuditingNetworkDevices

    withNipper

    12

    AuditingCiscoSwitchesAndRouters...

    Demonstration

    Copyright2008IanVenturaWhiting

    http://nipper.tit
    Page9

    Nipper
    SoftwareFirewall

    AuditingNetworkDevices

    withNipper
    SecurityAuditing

    12

    CheckPointVPN1/Firewall1

    RunsOnGNU/Linux,SunSolarisAndMicrosoftWindows ThirdPartyProducts,e.g.NokiaIPFirewalls SupportsOtherManufacturersFirewalls,e.g.Cisco ManagementAndFirewallModules PolicyIsConfiguredOnManagementModule PolicyIsDeployedToFirewallModulesAndOtherFirewalls NoSingleConfigurationFile NotStoredInASingleLocation LookForconfOrdatabaseDirectories

    Copyright2008IanVenturaWhiting

    http://nipper.tit
    Page10

    Nipper

    AuditingNetworkDevices

    withNipper

    12

    Copyright2008IanVenturaWhiting

    http://nipper.tit
    Page10

    Nipper

    AuditingNetworkDevices

    withNipper
    SecurityAuditing

    12

    CheckPointVPN1/Firewall1

    Copyright2008IanVenturaWhiting

    http://nipper.tit
    Page11

    Nipper

    AuditingNetworkDevices

    withNipper

    12

    AuditingCheckPointVPN1/Firewall1...

    Demonstration

    Copyright2008IanVenturaWhiting

    http://nipper.tit
    Page12

    Nipper
    CiscoASAFirewalls CiscoCatOSBasedCatalysts

    AuditingNetworkDevices

    withNipper

    12

    Nipper0.11.6SupportsAllTheseDevices

    BayNetworksAccelar CheckPointVPN1/Firewall1 JuniperNetScreenFirewalls NokiaIPFirewalls NortelPassport SonicWALLFirewalls

    CiscoContentServicesSwitch CiscoFirewallServicesModule CiscoIOSBasedCatalysts CisocIOSBasedRouters CiscoNMPBasedCatalysts CiscoPIXFirewalls

    Copyright2008IanVenturaWhiting

    http://nipper.tit
    Page13

    Nipper

    AuditingNetworkDevices

    withNipper
    WhatNipper0.11.6

    12

    DoesNotDo...

    withNipper
    WhatNipper0.11.6

    DoesNotDo...

    IdentifyClearTextProtocolsInFilterConfiguration IdentifyDestinationServiceRangesInFilters VPNConfiguration ProtocolAnalysis WirelessRoutingConfigurations BruteForceStrongEncryptionPasswords DeviceSupportVaries

    Copyright2008IanVenturaWhiting

    http://nipper.tit
    Page14

    Nipper

    AuditingNetworkDevices

    withNipper
    TheFutureof

    12

    Nipper

    IdentifyMoreNetworkFilteringIssues AuditProtocolAnalysis AuditVPNConfigurationSettings AuditEncryptionSettings ConsistancyAcrossDeviceTypes SupportForMoreDevices CompliancyChecking

    ImprovedEfficiency NipperLibrary NipperGUI(Linux,Windows&O InternationalisationReady(i18n) ImprovedHTMLOutput ImprovedLatexOutput ImprovedReportContent

    CompliancyChecking

    ImprovedReportContent

    Copyright2008IanVenturaWhiting

    http://nipper.tit
    Page15

    Nipper
    Example:Improvementsto

    AuditingNetworkDevices

    withNipper

    12

    SNMPAuditing
    Nipper0.12.0 ClearTextSNMPInUse Nipper0.11.6 SNMPVersion1/2cInUse WeakCommunityString DictionaryBasedCommunityString WeakCommunityString DictionaryBasedCommunityString DefaultCommunityString SNMPConfiguredWithoutFiltering SNMPWriteAccessEnabled SNMPSystemShutdownEnabled SNMPTFTPListNotConfigured SNMPViewNotConfigured
    Copyright2008IanVenturaWhiting http://nipper.tit
    Page16

    Nipper
    CiscoASAFirewalls CiscoCatOSBasedCatalysts

    AuditingNetworkDevices

    withNipper

    12

    BayNetworksAccelar CheckPointVPN1/Firewall1

    CiscoContentServicesSwitch

    CiscoCatOSBasedCatalysts CiscoContentServicesSwitch CiscoFirewallServicesModule CiscoIOSBasedCatalysts CisocIOSBasedRouters CiscoNMPBasedCatalysts CiscoPIXFirewalls

    BayNetworksAccelar CheckPointVPN1/Firewall1 JuniperNetScreenFirewalls NokiaIPFirewalls NortelPassport SonicWALLFirewalls EntrasysSwitches&Routers

    3ComSuperStackSwitches NortelAlteonFirewall NortelBayStackSwitches NortelContivityVPNRouter

    FoundrySwitches FortinetFortigateFirewalls HPProcurveSwitches WatchGuardFirewalls

    Copyright2008IanVenturaWhiting

    http://nipper.tit
    Page17

    Nipper

    AuditingNetworkDevices

    Anda mungkin juga menyukai