Link to home
Start Free TrialLog in
Avatar of First Last
First LastFlag for United States of America

asked on

Software to audit Cisco ASA Firewalls?

We are having an outside firm do an internal vulnerability assessment. Can anyone give me a good software to use for free, trial, or purchase that will scan our Cisco ASA Firewalls?

I am looking for something that will scan a configuration that is uploaded and also do a brute force direct scan on the hardware.
Avatar of netjgrnaut
netjgrnaut
Flag of United States of America image

...brute force direct scan on the hardware.

What does that mean?  "Brute force" typically implies password cracking.  Which has nothing to do with hardware.  And can be executed against an offline configuration.

So... the EE terms of service prohibit posting links to "hacking" tools here.

I'd suggest Metasploit if you want to test the ASA OS revision for known bugs.

A quick Google of "crack cisco password" should take you to the other tools.

Not exactly "auditing" - but the closest I can come based on the question.

If you're talking about port scanning *through* the ASA to the internal network, then that's a horse of a different color...
Avatar of First Last

ASKER

I already tested the ports going through the ASA. They only allow ports 80, 443, and some other ones we use.

Each year our auditor comes with some software, uploads our configure, then it highlights stuff in red and states why it is a problem. I was hoping to find a similar software.

All i'm doing is verifying the ios is updated, the accounts are secure, and we have the basic ips turned on. Not sure what else to do.
ASKER CERTIFIED SOLUTION
Avatar of netjgrnaut
netjgrnaut
Flag of United States of America image

Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
This is a good start for auditing the ASA. Thank you very much!