Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
4591
Views
10
Helpful
5
Replies

ASA firewall penetration testing

paulnigel
Level 1
Level 1

‎06-14-2007 04:14 PM - edited ‎03-11-2019 03:30 AM

Hi forum,

Due to SOX requirements, we are supposed to perform penetration testing on the firewall to ensure it is working as accordingly. There are tons of info on the web, I am almost complete novice at this, I would appreciate if you could advise me on how should I go about doing this? I need to write a procedure to do this yearly.

Kind regards,

PN

1 person had this problem
Labels:
0 Helpful
5 Replies 5

srue
Level 7
Level 7

‎06-14-2007 06:43 PM

download Nessus ( http://www.nessus.org/ ) - the free version. It's one of the better scanners for it's price (free). The biggest difference between the free version and the licensed version is updates are delayed a week for the free version.

lots of good options and tests for TONS of vulnerabilities.

anandramapathy
Level 3
Level 3
In response to srue

‎06-14-2007 11:01 PM

There is a GUI frontend which works well once it is configured. YOu can try that too.

It is called INPROTECT. Try that out.

paulnigel
Level 1
Level 1
In response to anandramapathy

‎06-14-2007 11:05 PM

Thank you everyone for being so helpful. :>

Thanks much,

0 Helpful

rcoleman67
Level 1
Level 1
In response to srue

‎04-03-2020 04:57 PM

A vulnerability scan is NOT penetration testing. It's sad that professionals would comment/recommend such an action without freaking knowing the difference between vulnerability scanning and penetration testing. Vulnerability scanners are automated tools looks for specific (often known) vulnerabilities in given technologies. Penetration testing is actually performing tests to evaluation vulnerabilities found by scanners, but much more importantly perform tests to compromise systems that are most often not enumerated or disclosed with the scanners.

0 Helpful

Marvin Rhoads
Hall of Fame
Hall of Fame
In response to rcoleman67

‎04-03-2020 08:54 PM

@rcoleman67 this thread is 13 years old. The state of maturity in the pen testing world is a bit different now than it was in 2007.

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card