Audit your Cisco router's security with Nipper

Network Admin - Techguide

Summary

Find out more about Nipper, an open source network devices security auditing tool, and why companies can benefit from it.

While recently talking with a fellow network admin, I learned about Nipper. While there are many tools available to perform security audits of network devices, Nipper is unique. Let me show you why.

What is Nipper?
Short for Network Infrastructure Parser, Nipper is an open source network devices security auditing tool. One benefit of being open source is that it's free.

Previously known as CiscoParse, Nipper isn't especially polished, but it is very functional. It was easy to install and easy to use, and it did exactly what it said it would do.

Even more impressive is that it works with many different types of network devices (and not just Cisco). Here's a list of compatible network devices that Nipper can audit:

  • Cisco switches (IOS)
  • Cisco routers (IOS)
  • Cisco firewalls (PIX, ASA, FWSM) 
  • Cisco Catalyst switches (NMP, CatOS, IOS)
  • Cisco Content Service Switches (CSS)
  • Juniper NetScreen Firewalls (ScreenOS)

How do you use Nipper?
Nipper supports a lot of devices and boasts a ton of options, so I can't possibly demonstrate all that it can do. But I can give you a basic demonstration. For our example, we'll use Nipper to audit a Cisco router that has only the default configuration.

To begin, I took a Cisco 2600 Series router, cleared the configuration, and rebooted it. Then, the process of auditing the router begins.

First, download Nipper from SourceForge.net -- it's available for both Windows and Linux. Extract it to a folder on your local PC; let's call it C:\nipper.

Next, obtain a text version of the router's configuration file. Telnet or SSH to the router, use the show running-configuration command, copy and paste the output into Notepad, and save it to your local PC in the aforementioned C:\nipper directory.

Alternatively, you can use a TFTP server and copy the configuration to your local PC. For example, I tried this using Tftpd32.exe, and it was both quick and easy. Use the copy running-configuration tftp command.

Once you have the running configuration that you want to audit on your PC, go to the Windows command prompt, and CD into the Nipper directory. Run the following, as shown in Figure A:

nipper --ios-router --input=testrouterconfig.txt --output=audit.html

Figure A

The system will immediately return you to the command prompt without providing any information. But don't worry -- it worked.

Next, open a Web browser and enter this URL: c:\nipper\audit.html. This will take you to the security report. Figure B offers a screenshot of the audit.

Figure B

What does Nipper tell you?
Scrolling through this report, you'll see that Nipper provides security audit information such as:

  • A software version that has vulnerabilities and the reference numbers for those vulnerabilities
  • Recommendations to disable services that could give others access to the router
  • Commands that you need to enable to secure the router

For our example, Nipper told us that we need to do the following:

  • Upgrade the router's IOS to prevent vulnerability to a Telnet remote DoS attack and a TCP listener DoS attack.
  • Configure the service tcp-keepalives-in command to help prevent a DoS attack.
  • Configure timeouts on consoles to prevent anyone from gaining access to the router from a Telnet or console session.
  • Configure the HTTP service as secure with HTTPS, and enable authentication.
  • Enable logging.
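To make the findings above concrete, here is an added example (my own code, not Nipper's and not from the original article) that performs the same kinds of checks on a saved running-config such as the testrouterconfig.txt produced in the procedure earlier. It parses a constructed near-default IOS config, flags a missing service tcp-keepalives-in, lines with no effective exec-timeout, a cleartext HTTP server without HTTPS or authentication, and disabled logging, and then shows the same checks passing on a constructed hardened config. The exact criteria for each check, the sample configs, and the interpretation of "enable logging" as "logging on with a buffered or syslog destination" are my assumptions; the version check only surfaces the version string, since matching it against a vulnerability database is what Nipper's own data is for.

```python
"""Minimal Nipper-style audit of a Cisco IOS running-config (added example)."""
import re
import sys

# Constructed sample (not from the article): a near-default IOS config with
# the weaknesses the article's report describes.
SAMPLE_CONFIG = """\
version 12.3
service timestamps debug datetime msec
no service password-encryption
hostname testrouter
!
no logging on
!
ip http server
!
line con 0
line vty 0 4
 login
!
end
"""

# Constructed hardened counterpart with the report's recommendations applied.
HARDENED_CONFIG = """\
version 12.3
service timestamps log datetime msec
service password-encryption
service tcp-keepalives-in
hostname testrouter
!
logging buffered 16384
!
ip http authentication local
no ip http server
ip http secure-server
!
line con 0
 exec-timeout 5 0
line vty 0 4
 exec-timeout 5 0
 login local
 transport input ssh
!
end
"""


def parse_config(config):
    """Split a running-config into top-level commands and 'line' blocks.

    Returns (top_level, line_blocks): top_level is the set of unindented
    commands, line_blocks maps e.g. 'line vty 0 4' to its indented sub-commands.
    """
    top_level, line_blocks, current = set(), {}, None
    for raw in config.splitlines():
        if raw.startswith(" "):                 # indented: belongs to current block
            if current is not None:
                line_blocks[current].append(raw.strip())
            continue
        cmd = raw.strip()
        if cmd and cmd != "!":
            top_level.add(cmd)
        if cmd.startswith("line "):
            current = cmd
            line_blocks[current] = []
        else:
            current = None                      # any other top-level command ends the block
    return top_level, line_blocks


def audit(config):
    """Return a list of (check, message) findings for the given config text."""
    top, lines = parse_config(config)
    findings = []

    version = next((c.split()[1] for c in top if c.startswith("version ")), "unknown")
    # Nipper compares this against its vulnerability database; here it is only reported.
    findings.append(("version", f"IOS version {version}: verify against current vendor advisories"))

    if "service tcp-keepalives-in" not in top:
        findings.append(("tcp-keepalives", "service tcp-keepalives-in not configured; idle inbound sessions are never torn down"))

    # Assumption: flag a line with no explicit exec-timeout, or 'exec-timeout 0 0' (disabled).
    for name, subs in lines.items():
        timeouts = [s for s in subs if s.startswith("exec-timeout")]
        if not timeouts or any(t.split()[1:] == ["0", "0"] for t in timeouts):
            findings.append(("exec-timeout", f"{name}: no effective exec-timeout configured"))

    if "ip http server" in top and "ip http secure-server" not in top:
        findings.append(("http", "cleartext ip http server enabled without ip http secure-server"))
    if ("ip http server" in top or "ip http secure-server" in top) and \
            not any(c.startswith("ip http authentication") for c in top):
        findings.append(("http-auth", "HTTP(S) server enabled without ip http authentication"))

    # Assumption: logging counts as enabled only if not switched off and a buffered
    # or syslog-host destination exists (legacy 'logging <ip>' form included).
    has_dest = any(c.startswith(("logging buffered", "logging host")) or re.match(r"logging \d", c)
                   for c in top)
    if "no logging on" in top or not has_dest:
        findings.append(("logging", "logging is disabled or has no buffered/syslog destination"))
    return findings


def report(findings):
    """Render findings as plain text, one line per finding."""
    return "\n".join(f"[{check}] {msg}" for check, msg in findings)


if __name__ == "__main__":
    # Usage: python audit_ios.py testrouterconfig.txt  (defaults to the sample config)
    text = open(sys.argv[1]).read() if len(sys.argv) > 1 else SAMPLE_CONFIG
    print(report(audit(text)))
```

Run it against the config you saved in the earlier step to get a one-line-per-finding summary; the hardened sample shows what a clean run looks like, with only the version line left to check by hand.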

In addition to several other recommendations, Nipper provided a summary of the device's configuration -- what services are turned on or off, status of the lines, status of the interfaces, DNS, time zone, and more. Check out the actual report from our example.

Considering that it's so small, simple, and free, Nipper is an amazingly powerful network device security auditing tool. For help with Nipper, run the C:\nipper\nipper -help command at the command prompt after you've downloaded, extracted, and run the program.

David Davis has worked in the IT industry for 12 years and holds several certifications, including CCIE, MCSE+I, CISSP, CCNA, CCDA, and CCNP. He currently manages a group of systems/network administrators for a privately owned retail company and performs networking/systems consulting on a part-time basis.
