14 March 2008 | 22,912 views

Nipper 0.11.5 Released – Network Device Configuration Security Auditing Tool

Check Your Web Security with Acunetix

Nipper performs security audits of network device configuration files. The report produced by Nipper includes; detailed security-related issues with recommendations, a configuration report and various appendices. Nipper has a large number of configuration options which are described on this page

Nipper currently supports the following device types:

  • Cisco Switches (IOS)
  • Cisco Routers (IOS)
  • Cisco Firewalls (PIX, ASA, FWSM)
  • Cisco Catalysts (NMP, CatOS, IOS)
  • Cisco Content Service Switches (CSS)
  • Juniper NetScreen Firewalls (ScreenOS)
  • CheckPoint Firewall-1 (FW1)
  • Nokia IP Firewalls (FW1)
  • Nortel Passport Devices
  • SonicWALL SonicOS Firewalls (SonicOS)

The security audit includes details of the findings, together with detailed recommendations. The security audit can be modified using command lineparameters or an external configuration file.

Network filtering audits include the following, all of which can be modified:

  • Rule lists end with a deny all and log
  • Rules allowing access from any source
  • Rules allowing access from network sources
  • Rules allowing access from any source port
  • Rules allowing access to any destination
  • Rules allowing access to destination networks
  • Rules allowing access to any destination service
  • Rules that do not log
  • Deny rules that do not log
  • Rules that are disabled
  • Rules that reject rather than drop
  • No bypass rules exist
  • Default rules

This update (0.11.5) includes improvements to support for Cisco PIX / ASA / FWSM firewalls, SonicWALL SonicOS firewalls, CheckPoint Firewall-1 and Nokia IP firewalls. It also includes a host of other updates.

The output from Nipper can be in HTML, Latex, XML or Text formats. Furthermore, Nipper will reverse any Cisco type-7 passwords identified, all other encrypted passwords can be output to a John-the-Ripper file for further strength testing. By default, input is retrieved from stdin and is output (in HTML format) to stdout.

Nipper is available for Linux, Windows and other platforms. You can download Nipper here:

Nipper 0.11.5

Or read more here.



Recent in Hacking Tools:
- masscan – The Fastest TCP Port Scanner
- drozer – The Leading Security Testing Framework For Android
- tinfoleak – Get Detailed Info About Any Twitter User

Related Posts:
- Lynis v1.6.0 Released For Download – Linux Security Auditing Tool
- Lynis 1.2.6 Released – UNIX System & Security Auditing Tool
- Lynis – Security & System Auditing Tool for UNIX/Linux

Most Read in Hacking Tools:
- Top 15 Security/Hacking Tools & Utilities - 1,869,791 views
- Brutus Password Cracker – Download brutus-aet2.zip AET2 - 1,060,307 views
- wwwhack 1.9 – Download wwwhack19.zip Web Hacking Tool - 624,948 views

Low-cost VPS Hosting

Comments are closed.