Solved

Software to audit Cisco ASA Firewalls?

Posted on 2012-03-26
4
1,596 Views
Last Modified: 2012-03-26
We are having an outside firm do an internal vulnerability assessment. Can anyone give me a good software to use for free, trial, or purchase that will scan our Cisco ASA Firewalls?

I am looking for something that will scan a configuration that is uploaded and also do a brute force direct scan on the hardware.
0
Comment
Question by:First Last
  • 2
  • 2
4 Comments
 
LVL 6

Expert Comment

by:netjgrnaut
ID: 37767977
...brute force direct scan on the hardware.

What does that mean?  "Brute force" typically implies password cracking.  Which has nothing to do with hardware.  And can be executed against an offline configuration.

So... the EE terms of service prohibit posting links to "hacking" tools here.

I'd suggest Metasploit if you want to test the ASA OS revision for known bugs.

A quick Google of "crack cisco password" should take you to the other tools.

Not exactly "auditing" - but the closest I can come based on the question.

If you're talking about port scanning *through* the ASA to the internal network, then that's a horse of a different color...
0
 
LVL 1

Author Comment

by:First Last
ID: 37767998
I already tested the ports going through the ASA. They only allow ports 80, 443, and some other ones we use.

Each year our auditor comes with some software, uploads our configure, then it highlights stuff in red and states why it is a problem. I was hoping to find a similar software.

All i'm doing is verifying the ios is updated, the accounts are secure, and we have the basic ips turned on. Not sure what else to do.
0
 
LVL 6

Accepted Solution

by:
netjgrnaut earned 500 total points
ID: 37768025
http://security.stackexchange.com/questions/1982/automated-tools-for-cisco-ios-config-auditing

I don't think that will upset any of the mods here at EE.

Several good resources there.

Hope that helps!
0
 
LVL 1

Author Closing Comment

by:First Last
ID: 37768491
This is a good start for auditing the ASA. Thank you very much!
0

Featured Post

Control application downtime with dependency maps

Visualize the interdependencies between application components better with Applications Manager's automated application discovery and dependency mapping feature. Resolve performance issues faster by quickly isolating problematic components.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Netgear switch to Cisco switch VLAN not passing traffic 8 35
Possible RST Flood on IF X0 Sonicwall 6 175
Trunk and Port Security 4 40
CISCO Smartnet agreement 5 8
Article by: btan
The intent is not to repeat what many has know about Ransomware but more to join its dots of what is it, who are the victims, why it exists, when and how we respond on infection. Lastly, sum up in a glance to share such information with more to help…
Ransomware continues to be a growing problem for both personal and business users alike and Antivirus companies are still struggling to find a reliable way to protect you from this dangerous threat.
As a trusted technology advisor to your customers you are likely getting the daily question of, ‘should I put this in the cloud?’ As customer demands for cloud services increases, companies will see a shift from traditional buying patterns to new…
Both in life and business – not all partnerships are created equal. Spend 30 short minutes with us to learn:   • Key questions to ask when considering a partnership to accelerate your business into the cloud • Pitfalls and mistakes other partners…

920 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

12 Experts available now in Live!

Get 1:1 Help Now