February 12, 2009
How to Parse Firewall Configs with Nipper.
Who said analyzing firewalls and network devices had to be tedious and cumbersome?
Well, your problems are over: introducing Nipper, the network device configuration
parser. I have found that Nipper aids tremendously in helping audit and analyze network
devices during our assessments, tremendously reducing the time it takes to analyze
a network device configuration file. Nipper offers comprehensive and detailed reports
which anyone can understand. Nipper helps security administrators check their network
devices for known vulnerabilities and configuration flaws and address the need
for industry standards and compliance controls such as PCI, HIPAA, ISO and BITS.
The best part of using Nipper is the fact that this tool is absolutely free.
Content Services Switch.
Security Appliances (PIX, ASA and FWSM)
How to use Nipper
Download Nipper for free at: http://sourceforge.net/forum/forum.php?forum_id=722046
Copy the file to a working directory, e.g. c:\nipper
Open the command line (start > run > cmd)
Create a folder inside the working directory called config (c:\nipper\config)
Obtain a copy of your device’s config file.
Example on how to get the config of a Cisco Router:
Log on to the device IOS or Console.
Log in with your credentials.
Type at the command line: show
Copy the contents displayed.
Open Notepad (start -> run -> notepad)
Paste the contents onto notepad and save it as
of device type and Output:
|--IOS-CATALYST||HTML / XML|
|--CATOS||HTML / XML|
|--CSS||HTML / XML|
/ PIX / FWSM)
|--PIX --ASA --FWSM||HTML / XML|
|--SCREENOS||HTML / XML|
|--NOKIA||HTML / XML|
|--PASSPORT||HTML / XML|
|--SONICOS||HTML / XML|
|--IOS-ROUTER||HTML / XML|
of a Nipper report:
is an example of a Nipper HTML Report.
Functionalities and Benefits:
a series of recommendations to disable services that might lead to unauthorized access
to the router or network.
device OS version for vulnerabilities linking them to known vulnerability Databases.
and recommendations to harden the network devices.
configure logging and monitoring.
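
To make the service and logging items above concrete, here is an added example (not Nipper's code and not part of the original post) that scans a Cisco IOS config for explicitly enabled risky services and for missing hardening and logging lines. The rule lists, finding names and sample config are assumptions constructed for illustration.

```python
import re

# Illustrative rules only (assumptions for this example, not Nipper's rule set).
# Services that should not be explicitly enabled in global config.
RISKY = {
    "http-server": r"^ip http server$",
    "finger": r"^(service|ip) finger$",
    "tcp-small-servers": r"^service tcp-small-servers$",
    "udp-small-servers": r"^service udp-small-servers$",
    "source-route": r"^ip source-route$",
}
# Hardening and logging lines that should be present.
REQUIRED = {
    "password-encryption": r"^service password-encryption$",
    "syslog-host": r"^logging (host )?\d{1,3}(\.\d{1,3}){3}",
    "log-timestamps": r"^service timestamps log ",
}

def global_commands(config_text):
    """Return global-mode commands: skip blanks, '!' comments and indented sub-mode lines."""
    return [ln.rstrip() for ln in config_text.splitlines()
            if ln.strip() and not ln[0].isspace() and not ln.startswith("!")]

def audit_ios_config(config_text):
    """Return sorted finding ids. Only explicit lines are checked, so a service
    that is on by default and absent from the config is not detected."""
    cmds = global_commands(config_text)
    enabled = [f"enabled:{name}" for name, rx in RISKY.items()
               if any(re.search(rx, c) for c in cmds)]
    missing = [f"missing:{name}" for name, rx in REQUIRED.items()
               if not any(re.search(rx, c) for c in cmds)]
    return sorted(enabled + missing)

# Constructed sample config (not from a real device).
SAMPLE_CONFIG = """\
! constructed sample
version 12.4
service timestamps log datetime msec
no service password-encryption
hostname lab-rtr1
ip http server
no ip source-route
service tcp-small-servers
interface FastEthernet0/0
 ip address 192.0.2.1 255.255.255.0
end
"""

if __name__ == "__main__":
    for finding in audit_ios_config(SAMPLE_CONFIG):
        print(finding)
```
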