cancel
Showing results for 
Search instead for 
Did you mean: 
gooru4speed
Level 10

Scaning Cisco Router

Jump to solution

I need advice to scan a Cisco Router. I'm looking for vulnerabilities and good practices policy scan in order to detect username with no password or by default SNMP community names.

What kind of scan would you suggest for vulnerabilities router and for policy checks as I mentioned before?

Best Regards.

JR

0 Kudos
1 Solution

Accepted Solutions
cgrim
Level 13

Re: Scaning Cisco Router

Jump to solution

Hi gooru4speed,

We don't have any policy checks for IOS.  You should submit a Product Enhancement Request:

https://secure.nai.com/apps/downloads/products/product.asp select McAfee Vulnerability Manager (Foundstone)

-Cathy

0 Kudos
4 Replies

Re: Scaning Cisco Router

Jump to solution

Hi ,

select full scan from template and in Vul set select ->general -> Network. below are available vul set for SNMP related vulnerablities.

Cisco IOS SNMP Message Handling Multiple Vulnerabilities

Cisco IOS SNMP solicited Message Processing Denial-of-Service

Cisco IOS SNMP Trap Handling

Cisco IOS SNMPv3 Authentication Bypass Vulnerability

Cheers,

karthik

0 Kudos
gooru4speed
Level 10

Re: Scaning Cisco Router

Jump to solution

Hi Karthik,

thanks for your reply. What you suggested is good for SNMP vulnerabilities but what I'm looking for is detection of wrong configurations that could impact in security policies that's why I think I have to do a "Compliance" scan but I don't know which one of McAfee templates apply.

Regards,

JR

0 Kudos

Re: Scaning Cisco Router

Jump to solution

I am not sure this tool will help out verify best practice configuration or dectecting wrong configuration. Also most of the compliance templates available are for OS only. not for IOS. you can check Algosec tool which may help you.

0 Kudos
cgrim
Level 13

Re: Scaning Cisco Router

Jump to solution

Hi gooru4speed,

We don't have any policy checks for IOS.  You should submit a Product Enhancement Request:

https://secure.nai.com/apps/downloads/products/product.asp select McAfee Vulnerability Manager (Foundstone)

-Cathy

0 Kudos