Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Translate nipper-ng checks for Cisco to pynipper-ng modules #4

Open
2 tasks
syn-4ck opened this issue Apr 11, 2021 · 0 comments
Open
2 tasks

Translate nipper-ng checks for Cisco to pynipper-ng modules #4

syn-4ck opened this issue Apr 11, 2021 · 0 comments
Assignees
@syn-4ck
Labels
enhancement New feature or request priority/high Issue with high priority project/management Issue managed by contributors to manage the project roadmap/Q2-23 Issues estimated to Q2 (May-Aug) '23
Milestone
Improve Cisco IOS...

Comments

@syn-4ck
Copy link
Owner

syn-4ck commented Apr 11, 2021
edited

Motivation

A new important enhancement for v0.1.0 BETA is include the checks of nipper-ng in the pynipper-ng modules. The translation of this checks (C++ to Python) allows user to have the same level of detection that in nipper-ng.

Acceptance criteria

  • Include new modules for checks: In this moment pynipper-ng only gets SSH and HTTP basic missconfigurations, but nipper gets a lot more.
  • Checks this detection with tests-data

CIS Recommendations

Category Complete?
Local Authentication, Authorization and Accounting (AAA) No
Access rules No
Banner rules Yes
Password rules Yes
SNMP rules No
Login enhancements No
Setup SSH Yes (need enhancements)
Logging rules No
NTP rules No
Loopback rules No
Routing rules Yes
Border routing filtered No
Neighbour Auth No
OSPF Auth No
RIPv2 Auth No
BGP Auth No

Plugins

Based on https://www.cisecurity.org/cis-benchmarks (CIS CISCO IOS 17.x Benchmark)
@syn-4ck syn-4ck self-assigned this Apr 11, 2021
@syn-4ck syn-4ck added the enhancement New feature or request label Apr 11, 2021
@syn-4ck syn-4ck pinned this issue Apr 11, 2021
@syn-4ck syn-4ck added the project/management Issue managed by contributors to manage the project label Apr 17, 2021
@syn-4ck syn-4ck added the priority/high Issue with high priority label Jan 23, 2022
@syn-4ck syn-4ck changed the title Translate nipper-ng checks to pynipper-ng modules Translate nipper-ng checks for Cisco to pynipper-ng modules Apr 14, 2022
@syn-4ck syn-4ck mentioned this issue Aug 23, 2022
Merged
@syn-4ck syn-4ck added the roadmap/Q2-23 Issues estimated to Q2 (May-Aug) '23 label Jan 14, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@syn-4ck syn-4ck

Labels
enhancement New feature or request priority/high Issue with high priority project/management Issue managed by contributors to manage the project roadmap/Q2-23 Issues estimated to Q2 (May-Aug) '23
Projects
None yet
Milestone
Improve Cisco IOS misconfiguration de...
Development

No branches or pull requests
1 participant
@syn-4ck