InfoSecter Device Support

InfoSecter operates on configurations from a variety of security device vendors. Rather that communicating with the security devices directly most of the InfoSecter tools work on files that contain information about a device's configuration (either the current configuration, a past configuration, or a potential future configuration). Many organizations already have a process for managing device configurations, and InfoSecter can adapt to those processes. In the detailed device notes, we present options for accessing a device's configuration for organizations that do not already have a configuration management process.

The configuration of a security device is sensitive information. With the details of a security device's configuration, an attacker knows exactly what your organization is protecting and what it is not. The attacker can also gain insight in how your network is structured. Therefore, when using InfoSecter, you must be careful about how your device configuration files are stored. For example, they should not be stored in a shared directory accessible to all.

InfoSecter attempts to parse all commands in a configuration (with some expections noted in the detailed machine notes). It builds a model of packet processing concentrating on the firewall, IPSec, and protocol analysis features of the device.

Here are more specific notes about using InfoSecter with specific types of devices.

• Cisco PIX, ASA, and FWSM
• IOS
• Juniper Netscreen
• CheckPoint
• Iptables