How to Parse Firewall Configs with Nipper.

Thursday, February 12, 2009 3:26:02 PM (Pacific Standard Time, UTC-08:00)
by Daniel De Carvalho

Who said analyzing firewalls and network devices had to be tedious and cumbersome? Well, your problems are over: introducing Nipper, the network device configuration parser. I have found that Nipper aids tremendously in auditing and analyzing network devices during our assessments, greatly reducing the time it takes to analyze a network device configuration file. Nipper produces comprehensive and detailed reports that anyone can understand. It helps security administrators check their network devices for known vulnerabilities and configuration flaws and address the requirements of industry standards and compliance controls such as PCI, HIPAA, ISO and BITS, and the best part of using Nipper is that the tool is absolutely free.

Supported Devices

·         Checkpoint VPN-1/Firewall-1
·         Cisco Catalysts
·         Cisco Content Services Switch
·         Cisco Routers
·         Cisco Security Appliances (PIX, ASA and FWSM)
·         Juniper NetScreen Firewalls
·         Nokia IP Firewalls
·         Nortel Passports
·         Sonicwall SonicOS Firewalls

How to use Nipper

1.     Download Nipper for free at: http://sourceforge.net/forum/forum.php?forum_id=722046

2.     Unzip the file to a working directory, e.g. c:\nipper

3.     Open the command line (Start > Run > cmd)

4.     Create a folder inside the working directory called config (c:\nipper\config)

[Screenshot: b1.JPG]

5.     Obtain a copy of your device's config file.

Example of how to get the config of a Cisco router:

A.    Log on to the device IOS or console.

B.    Authenticate with your credentials.

C.    Type at the command line: show running-config

D.    Copy the contents displayed.

E.    Open Notepad (Start -> Run -> notepad)

F.    Paste the contents into Notepad and save the file with a .config extension.

6.     Copy the configuration file created above to the config directory (c:\nipper\config).

[Screenshot: b2.JPG]

7.     Open the command prompt and type the following command to start the analysis process:

[Screenshot: b3.JPG]

Command:

Nipper.exe -- --input=c:\nipper\config\file.config --output=report_.html

Replace the leading -- with the device-type switch for your device from the table below (for example --IOS-ROUTER for a Cisco IOS router).

List of device types and output formats:

Device Model                                   Syntax                   Output
Cisco Catalyst (IOS)                           --IOS-CATALYST           HTML / XML / TXT
Cisco Catalyst (NMP/CatOS)                     --CATOS                  HTML / XML / TXT
Cisco CSS                                      --CSS                    HTML / XML / TXT
Cisco Security Appliance (ASA / PIX / FWSM)    --PIX / --ASA / --FWSM   HTML / XML / TXT
Juniper NetScreen Firewall                     --SCREENOS               HTML / XML / TXT
Nokia IP Firewall                              --NOKIA                  HTML / XML / TXT
Nortel Passport                                --PASSPORT               HTML / XML / TXT
SONICWALL SonicOS Firewall                     --SONICOS                HTML / XML / TXT
Cisco IOS                                      --IOS-ROUTER             HTML / XML / TXT
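Running step 7 by hand for every device gets old quickly. The script below is an added example (Python, not part of the original post or of Nipper itself): it picks the device switch from the table above, builds the same command line shown earlier, and runs Nipper.exe once per file in the config directory. It assumes a naming convention of <device>_<hostname>.config (e.g. asa_edge-fw1.config) so the switch can be derived from the filename, and assumes Nipper.exe is on the PATH.

```python
import subprocess
from pathlib import Path

# Device-type switches, taken from the table above (prefix -> Nipper switch).
DEVICE_SWITCHES = {
    "ios-catalyst": "--IOS-CATALYST",
    "catos": "--CATOS",
    "css": "--CSS",
    "pix": "--PIX",
    "asa": "--ASA",
    "fwsm": "--FWSM",
    "screenos": "--SCREENOS",
    "nokia": "--NOKIA",
    "passport": "--PASSPORT",
    "sonicos": "--SONICOS",
    "ios-router": "--IOS-ROUTER",
}


def device_from_filename(config_path):
    """Assumed naming convention: '<device>_<hostname>.config'.

    Returns the lower-cased device prefix, or raises ValueError so an
    unrecognised file is never silently parsed with the wrong switch.
    """
    prefix = Path(config_path).name.split("_", 1)[0].lower()
    if prefix not in DEVICE_SWITCHES:
        raise ValueError(f"unknown device prefix {prefix!r} in {config_path}")
    return prefix


def build_nipper_command(config_path, output_dir, nipper_exe="Nipper.exe", fmt="html"):
    """Build argv for one config, mirroring: Nipper.exe --<DEVICE> --input=... --output=..."""
    device = device_from_filename(config_path)
    report = Path(output_dir) / f"{Path(config_path).stem}_report.{fmt}"
    return [nipper_exe, DEVICE_SWITCHES[device],
            f"--input={config_path}", f"--output={report}"]


def analyze_directory(config_dir, output_dir, dry_run=False):
    """Run Nipper on every *.config file; returns (config, argv, return code) per file."""
    results = []
    for cfg in sorted(Path(config_dir).glob("*.config")):
        cmd = build_nipper_command(str(cfg), output_dir)
        rc = None if dry_run else subprocess.run(cmd).returncode
        results.append((str(cfg), cmd, rc))
    return results


if __name__ == "__main__":
    for cfg, cmd, rc in analyze_directory(r"c:\nipper\config", r"c:\nipper", dry_run=True):
        print(cfg, "->", " ".join(cmd), "(exit", rc, ")")
```

Pass dry_run=True first to review the generated command lines before letting the script call Nipper.exe for real.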

 

 

Example of a Nipper report:

Below is an example of a Nipper HTML report.

[Screenshot: b6.JPG]

 

Nipper Functionalities and Benefits:

·         Provides a series of recommendations to disable services that might lead to unauthorized access to the router or network.
·         Checks the device OS version for vulnerabilities, linking them to known vulnerability databases.
·         Gives commands and recommendations to harden the network devices.
·         Helps configure logging and monitoring.
·         Performs security audits.
·         Checks password complexity.