Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win

x
?
Solved

Software to audit Cisco ASA Firewalls?

Posted on 2012-03-26
4
Medium Priority
?
1,828 Views
Last Modified: 2012-03-26
We are having an outside firm do an internal vulnerability assessment. Can anyone give me a good software to use for free, trial, or purchase that will scan our Cisco ASA Firewalls?

I am looking for something that will scan a configuration that is uploaded and also do a brute force direct scan on the hardware.
0
Comment
Question by:First Last
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2
4 Comments
 
LVL 6

Expert Comment

by:netjgrnaut
ID: 37767977
...brute force direct scan on the hardware.

What does that mean?  "Brute force" typically implies password cracking.  Which has nothing to do with hardware.  And can be executed against an offline configuration.

So... the EE terms of service prohibit posting links to "hacking" tools here.

I'd suggest Metasploit if you want to test the ASA OS revision for known bugs.

A quick Google of "crack cisco password" should take you to the other tools.

Not exactly "auditing" - but the closest I can come based on the question.

If you're talking about port scanning *through* the ASA to the internal network, then that's a horse of a different color...
0
 
LVL 1

Author Comment

by:First Last
ID: 37767998
I already tested the ports going through the ASA. They only allow ports 80, 443, and some other ones we use.

Each year our auditor comes with some software, uploads our configure, then it highlights stuff in red and states why it is a problem. I was hoping to find a similar software.

All i'm doing is verifying the ios is updated, the accounts are secure, and we have the basic ips turned on. Not sure what else to do.
0
 
LVL 6

Accepted Solution

by:
netjgrnaut earned 2000 total points
ID: 37768025
http://security.stackexchange.com/questions/1982/automated-tools-for-cisco-ios-config-auditing

I don't think that will upset any of the mods here at EE.

Several good resources there.

Hope that helps!
0
 
LVL 1

Author Closing Comment

by:First Last
ID: 37768491
This is a good start for auditing the ASA. Thank you very much!
0

Featured Post

Looking for the Wi-Fi vendor that's right for you?

We know how difficult it can be to evaluate Wi-Fi vendors, so we created this helpful Wi-Fi Buyer's Guide to help you find the Wi-Fi vendor that's right for your business! Download the guide and get started on our checklist today!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

You deserve ‘straight talk’ from your cloud provider about your risk, your costs, security, uptime and the processes that are in place to protect your mission-critical applications.
This article explains the fundamentals of industrial networking which ultimately is the backbone network which is providing communications for process devices like robots and other not so interesting stuff.
As a trusted technology advisor to your customers you are likely getting the daily question of, ‘should I put this in the cloud?’ As customer demands for cloud services increases, companies will see a shift from traditional buying patterns to new…
Both in life and business – not all partnerships are created equal. Spend 30 short minutes with us to learn:   • Key questions to ask when considering a partnership to accelerate your business into the cloud • Pitfalls and mistakes other partners…

610 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question