How to Parse Firewall Configs with Nipper.

Thursday, 12 February 2009 by

Who said analyzing firewalls and network devices had to be tedious and cumbersome? Well, your problems are over: introducing Nipper, the network device configuration parser. I have found that Nipper aids tremendously in auditing and analyzing network devices during our assessments, greatly reducing the time it takes to analyze a network device configuration file. Nipper offers comprehensive and detailed reports which anyone can understand. Nipper helps security administrators check their network devices for known vulnerabilities and configuration flaws, and helps address the needs of industry standards and compliance controls such as PCI, HIPAA, ISO and BITS. The best part of using Nipper is that this tool is absolutely free.

Supported Devices

· Checkpoint VPN-1/Firewall-1

· Cisco Catalysts

· Cisco Content Services Switch

· Cisco Routers

· Cisco Security Appliances (PIX, ASA and FWSM)

· Juniper NetScreen Firewalls

· Nokia IP Firewalls

· Nortel Passports

· Sonicwall SonicOS Firewalls

How to use Nipper

1. Download Nipper for free at: http://sourceforge.net/forum/forum.php?forum_id=722046

2. Unzip the file to a working directory, e.g. c:\nipper

3. Open the command line (Start > Run > cmd)

4. Create a folder inside the working directory called config (c:\nipper\config)


5. Obtain a copy of your device's config file.

Example of how to get the config of a Cisco router:

A. Log on to the device IOS or console.

B. Authenticate with your credentials.

C. Type at the command line: show running-config

D. Copy the contents displayed.

E. Open Notepad (Start > Run > notepad)

F. Paste the contents into Notepad and save it as a .config file.

6. Copy the configuration file created above to the config directory (c:\nipper\config)


7. Open the command prompt and type the following command to start the analysis process:

Command:

Nipper.exe --input=c:\nipper\config\file.config --output=report_.html

List of device types and output formats:

| Device Model | Syntax | Output |
|---|---|---|
| Cisco Catalyst (IOS) | --IOS-CATALYST | HTML / XML / TXT |
| Cisco Catalyst (NMP/CatOS) | --CATOS | HTML / XML / TXT |
| Cisco CSS | --CSS | HTML / XML / TXT |
| Cisco Security Appliance (ASA / PIX / FWSM) | --PIX, --ASA, --FWSM | HTML / XML / TXT |
| Juniper NetScreen Firewall | --SCREENOS | HTML / XML / TXT |
| Nokia IP Firewall | --NOKIA | HTML / XML / TXT |
| Nortel Passport | --PASSPORT | HTML / XML / TXT |
| SONICWALL SonicOS Firewall | --SONICOS | HTML / XML / TXT |
| Cisco IOS | --IOS-ROUTER | HTML / XML / TXT |

Example of a Nipper report:

Below is an example of a Nipper HTML report.

[Figure: Nipper HTML report, b6.JPG]

Nipper Functionalities and Benefits:

· Provides a series of recommendations to disable services that might lead to unauthorized access to the router or network.

· Checks the device OS version for vulnerabilities, linking them to known vulnerability databases.

· Provides commands and recommendations to harden the network devices.

· Helps configure logging and monitoring.

· Performs security audits.

· Password complexity check.
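
The kinds of checks listed above (risky services, logging, password complexity), shown as an added Python example that is not from the original post and is not Nipper's code. It audits a constructed Cisco IOS running-config; the rule list, function names and sample config are assumptions made for illustration.

```python
import re

# Constructed sample of a Cisco IOS running-config (not from the original post).
SAMPLE_CONFIG = """\
hostname lab-rtr01
enable password cisco
ip http server
snmp-server community public RO
line vty 0 4
 password letmein
 transport input telnet
"""

# (finding, pattern, bad_if_present): some settings are a problem when present,
# others when missing. These rules are illustrative, not Nipper's rule set.
CHECKS = [
    ("'enable password' in use instead of 'enable secret'", r"^enable password ", True),
    ("HTTP management server enabled", r"^ip http server", True),
    ("Default SNMP community string", r"^snmp-server community (public|private)\b", True),
    ("Telnet permitted on VTY lines", r"^ +transport input .*\b(telnet|all)\b", True),
    ("'service password-encryption' not set", r"^service password-encryption", False),
    ("No remote syslog host configured", r"^logging (host )?\d+\.\d+\.\d+\.\d+", False),
]

def audit_ios_config(text):
    """Return the findings that apply to one IOS running-config."""
    findings = []
    for finding, pattern, bad_if_present in CHECKS:
        present = re.search(pattern, text, re.MULTILINE) is not None
        if present == bad_if_present:
            findings.append(finding)
    return findings

def weak_passwords(text, min_len=8):
    """Return clear-text passwords that are short or lack a letter/digit mix."""
    weak = []
    # Skip type 7 values ("password 7 ..."): those are obfuscated, not clear text.
    for m in re.finditer(r"^ *(?:enable )?password (?!7 )(?:0 )?(\S+)", text, re.MULTILINE):
        pw = m.group(1)
        if len(pw) < min_len or not (re.search(r"\d", pw) and re.search(r"[A-Za-z]", pw)):
            weak.append(pw)
    return weak

if __name__ == "__main__":
    for finding in audit_ios_config(SAMPLE_CONFIG):
        print("[!]", finding)
    print("Weak passwords:", weak_passwords(SAMPLE_CONFIG))
```
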
