if you are willing to entertain commercial solutions,
then check out
www.algosec.com
you download the config and run it through the AlgoSec Firewall Analyzer
and get a full risk assessment of the rules, plus lots more.
Disclaimer: I created this technology so I'm very biased.
Avishai
On 1/19/07, Michal Merta <michal.merta@gmail.com> wrote:
> Hi Mahesh,
>
> I was thinking about something more complex.
> And I don't have to use netscreen command line only, can download it
> and process on linux machine (ie. perl script).
> Any other ideas?
> Michal
>
> On 1/19/07, Mahesh <mahesh@tiscali.co.uk> wrote:
> > Hi Michael,
> >
> > I can't quite work out the syntax of regular expressions on the Netscreens
> > and the archive search on qorbit.net seems to be broke but something as
> > simple as the following might work for you: -
> >
> > get conf | inc \"ANY"
> >
> > Regards,
> > -Mahesh
> >
> >
> >
> > -----Original Message-----
> > From: nn-bounces@qorbit.net [mailto:nn-bounces@qorbit.net] On Behalf Of
> > Michal Merta
> > Sent: 19 January 2007 07:39
> > To: nn@qorbit.net
> > Subject: [nn] rules assessment
> >
> > Hi all,
> >
> > is there any script/tool for netscreen rules assessment?
> > Suppose I have config file and don't want to check all the rules manually.
> > Simply want to find rules with "any" in service, etc.
> >
> > Thanks
> > Regards, Michal
> >
> > --
> > Michal Merta
> > Security Assessment and Compliance Senior Consultant
> > http://www.misuta.cz
> >
> > The information contained in this electronic message and any
> > attachments to this message are intended for the exclusive use of the
> > addressee(s) and may contain proprietary, confidential or privileged
> > information. If you are not the intended recipient, you should not
> > disseminate, distribute or copy this e-mail. Please notify the sender
> > immediately and destroy all copies of this message and any
> > attachments.
> > _______________________________________________
> > nn mailing list
> > nn@qorbit.net
> > http://qorbit.net/mailman/listinfo/nn
> >
> >
>
>
> --
> Michal Merta
> Security Assessment and Compliance Senior Consultant
> http://www.misuta.cz
>
> The information contained in this electronic message and any
> attachments to this message are intended for the exclusive use of the
> addressee(s) and may contain proprietary, confidential or privileged
> information. If you are not the intended recipient, you should not
> disseminate, distribute or copy this e-mail. Please notify the sender
> immediately and destroy all copies of this message and any
> attachments.
> _______________________________________________
> nn mailing list
> nn@qorbit.net
> http://qorbit.net/mailman/listinfo/nn
>
_______________________________________________
nn mailing list
nn@qorbit.net
http://qorbit.net/mailman/listinfo/nn
|