Cisco ACL Parser v0.04

December 22nd, 2010 3 comments

Greeting all,
Here is a new version of the ACL parser. I fixed a lot of issues with this script. The object groups are now expanded for the PIX and ASA. I have added the attributes for ACL entries for log level, time, and inactive state. I enhanced the remark feature also. The script was verified and test by Anthony, who contacted me after my initial public release v2. Anthony ran the script against an ASA 7.x with ACL that totals over 5000 lines. Here a quote from his response after testing:

“This is truly a parsing masterpiece. This did exactly what I needed and meets all of my requirements perfectly. Had no issues with any of the lines in the over 5000 lines of a single ACL that I ran through it, wonderful! Save me days of work! Seriously!!! Thanks a million. I know this wasn’t easy… especially since your script more than doubled!!”

I hope that you can use the script as well, I know this saves me a lot of time when auditing a router or firewall. In the next release I hope to add support for object groups with IOS ACL’s, and a column for description of how the ACL is applied. If you have any feedback please feel contact me anytime.

Well as luck would have it, there was a small spelling issue. I fixed the script and have here is the updated script.
acl2csv.0.04.pl

Nessus Vulnerability XML Parser v7

December 14th, 2010 9 comments

Greetings ALL,

A few people asked for some changes to the output of the Nessus Vulnerability XML Parser, so I here they are. One High, Medium and Low severity Vulnerability tabs I added the following fields: BID, CVE, OSVDB, Description and Solution. These field can help provide the user with a little more data or aid the priorities given to corrective actions. Also my first contributor added code to put the date on the end of the file names. Thank you very much Whinston, I am very happy to added your contribution to my project.
parse_nessus_xml.v7.pl

Categories: Nessus Tags: ,

Cisco ACL Parser

December 13th, 2010 1 comment

>

Greeting all,
As I work with many firewalls, routers and switches, I have often wished I could parse the ACL’s into a spreadsheet. A few years back I found mangeek’s PIX ACL parser, it can be found at http://mangeek.com/portfolio/pixparser.html. I found it to be a great start to what I was looking for, however the script fell short when using object-groups and names. Also it would not parse the IOS based ACL’s. So a couple years back I made my own version of the tool. My tool was extremely ruff, but it did get the job done enough for my uses. Well, I decided to clean up the tool and fix some of the issues with object groups and names.

So I am now proud to release the ACL2CSV.PL version 0.02. The tool takes the name of a cisco configuration as an argument and then parses the data and returns a CSV file. The CSV file can then be used in your favorite spreadsheet tool for more analysis.

The tool does not do anything special with ACL’s nor does it fully look at how the ACL’s are used. But simply parses the ACL’s for review in a CSV format. I hope you enjoy the tool. I am going to doing more with object groups, inactive ACL’s and other features in the near future.

acl2csv.0.02.pl