Your SlideShare is downloading. ×
0
Router Defense - BRUcon 2010
Router Defense - BRUcon 2010
Router Defense - BRUcon 2010
Router Defense - BRUcon 2010
Router Defense - BRUcon 2010
Router Defense - BRUcon 2010
Router Defense - BRUcon 2010
Router Defense - BRUcon 2010
Router Defense - BRUcon 2010
Upcoming SlideShare
Loading in...5
×

Thanks for flagging this SlideShare!

Oops! An error has occurred.

×
Saving this for later? Get the SlideShare app to save on your phone or tablet. Read anywhere, anytime – even offline.
Text the download link to your phone
Standard text messaging rates apply

Router Defense - BRUcon 2010

1,044

Published on

Router Defense

Router Defense

0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total Views
1,044
On Slideshare
0
From Embeds
0
Number of Embeds
1
Actions
Shares
0
Downloads
13
Comments
0
Likes
0
Embeds 0
No embeds

Report content
Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
No notes for slide

Transcript

  • 1. Router Defense Cisco IOS security assessment tool Lightning talk day 2 - 2010
  • 2. Operational security Did you ever seen a Cisco network device with security BCP enforced? « The network is more powerful than the node »
  • 3. The network moves Network (re)design Configuration changes Compromised network devices Network usage (Software update policy, devs plays with mcast) RouterDefense will adapt Recurrent assesment schedule for teh win
  • 4. Threat base reference model Enterprise/Service providers networks agnostic IPv4/IPv6/MPLS Cisco Guide to Harden Cisco IOS Devices (Cisco) Cisco IOS Switch Security Configuration Guide (NSA) Tool's author experience 0-dayz vendor EPIC FAIL proactive prevention (cisco-sa-20100707-snmp)
  • 5. Features Reads Cisco IOS config with a security mindset Management, control, data planes Stdout, HTML(5+CSS3), CSV, PDF output Three-tier architecture Router/switch scenarii IOS versioning CVSS base vectors scoring 138 tests
  • 6. Demo
  • 7. HTML output
  • 8. Router Defense tool Written in python during spare time wc -l *.{py,xml} | tail -1 | awk '{ print $1}' 9336 Version 0.2 Available at Google Code http://code.google.com/p/routerdefense/
  • 9. $ whoami Francois Ropert Topics of interest: network protocols and devices security Feel free to ping6 me at: http://www(6).packetfault.org @pello

×