Solved

Software to audit Cisco ASA Firewalls?

Posted on 2012-03-26
4
1,689 Views
Last Modified: 2012-03-26
We are having an outside firm do an internal vulnerability assessment. Can anyone give me a good software to use for free, trial, or purchase that will scan our Cisco ASA Firewalls?

I am looking for something that will scan a configuration that is uploaded and also do a brute force direct scan on the hardware.
0
Comment
Question by:First Last
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2
4 Comments
 
LVL 6

Expert Comment

by:netjgrnaut
ID: 37767977
...brute force direct scan on the hardware.

What does that mean?  "Brute force" typically implies password cracking.  Which has nothing to do with hardware.  And can be executed against an offline configuration.

So... the EE terms of service prohibit posting links to "hacking" tools here.

I'd suggest Metasploit if you want to test the ASA OS revision for known bugs.

A quick Google of "crack cisco password" should take you to the other tools.

Not exactly "auditing" - but the closest I can come based on the question.

If you're talking about port scanning *through* the ASA to the internal network, then that's a horse of a different color...
0
 
LVL 1

Author Comment

by:First Last
ID: 37767998
I already tested the ports going through the ASA. They only allow ports 80, 443, and some other ones we use.

Each year our auditor comes with some software, uploads our configure, then it highlights stuff in red and states why it is a problem. I was hoping to find a similar software.

All i'm doing is verifying the ios is updated, the accounts are secure, and we have the basic ips turned on. Not sure what else to do.
0
 
LVL 6

Accepted Solution

by:
netjgrnaut earned 500 total points
ID: 37768025
http://security.stackexchange.com/questions/1982/automated-tools-for-cisco-ios-config-auditing

I don't think that will upset any of the mods here at EE.

Several good resources there.

Hope that helps!
0
 
LVL 1

Author Closing Comment

by:First Last
ID: 37768491
This is a good start for auditing the ASA. Thank you very much!
0

Featured Post

Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
replacing 2811 to ISR 4331 2 47
Resource timeout across a VPN 9 30
Password recovery 2960S 4 35
Ping in Fortigate 2 39
Today, still in the boom of Apple, PC's and products, nearly 50% of the computer users use Windows as graphical operating systems. If you are among those users who love windows, but are grappling to keep the system's hard drive optimized, then you s…
One of the biggest threats facing all high-value targets are APT's.  These threats include sophisticated tactics that "often starts with mapping human organization and collecting intelligence on employees, who are nowadays a weaker link than network…
Both in life and business – not all partnerships are created equal. As the demand for cloud services increases, so do the number of self-proclaimed cloud partners. Asking the right questions up front in the partnership, will enable both parties …
As a trusted technology advisor to your customers you are likely getting the daily question of, ‘should I put this in the cloud?’ As customer demands for cloud services increases, companies will see a shift from traditional buying patterns to new…

733 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question