cancel
Showing results for 
Search instead for 
Did you mean: 
gooru4speed
Not applicable
Report Inappropriate Content
Message 1 of 5

Scaning Cisco Router

Jump to solution

I need advice to scan a Cisco Router. I'm looking for vulnerabilities and good practices policy scan in order to detect username with no password or by default SNMP community names.

What kind of scan would you suggest for vulnerabilities router and for policy checks as I mentioned before?

Best Regards.

JR

1 Solution

Accepted Solutions
cgrim
Not applicable
Report Inappropriate Content
Message 5 of 5

Re: Scaning Cisco Router

Jump to solution

Hi gooru4speed,

We don't have any policy checks for IOS.  You should submit a Product Enhancement Request:

https://secure.nai.com/apps/downloads/products/product.asp select McAfee Vulnerability Manager (Foundstone)

-Cathy

4 Replies
karthikeyan-p
Not applicable
Report Inappropriate Content
Message 2 of 5

Re: Scaning Cisco Router

Jump to solution

Hi ,

select full scan from template and in Vul set select ->general -> Network. below are available vul set for SNMP related vulnerablities.

Cisco IOS SNMP Message Handling Multiple Vulnerabilities

Cisco IOS SNMP solicited Message Processing Denial-of-Service

Cisco IOS SNMP Trap Handling

Cisco IOS SNMPv3 Authentication Bypass Vulnerability

Cheers,

karthik

gooru4speed
Not applicable
Report Inappropriate Content
Message 3 of 5

Re: Scaning Cisco Router

Jump to solution

Hi Karthik,

thanks for your reply. What you suggested is good for SNMP vulnerabilities but what I'm looking for is detection of wrong configurations that could impact in security policies that's why I think I have to do a "Compliance" scan but I don't know which one of McAfee templates apply.

Regards,

JR

karthikeyan-p
Not applicable
Report Inappropriate Content
Message 4 of 5

Re: Scaning Cisco Router

Jump to solution

I am not sure this tool will help out verify best practice configuration or dectecting wrong configuration. Also most of the compliance templates available are for OS only. not for IOS. you can check Algosec tool which may help you.

cgrim
Not applicable
Report Inappropriate Content
Message 5 of 5

Re: Scaning Cisco Router

Jump to solution

Hi gooru4speed,

We don't have any policy checks for IOS.  You should submit a Product Enhancement Request:

https://secure.nai.com/apps/downloads/products/product.asp select McAfee Vulnerability Manager (Foundstone)

-Cathy

McAfee ePO Support Center Plug-in
Check out the new McAfee ePO Support Center. Simply access the ePO Software Manager and follow the instructions in the Product Guide for the most commonly used utilities, top known issues announcements, search the knowledgebase for product documentation, and server status and statistics – all from within ePO.