TO UNSUBSCRIBE: email "unsubscribe issforum" in the body of your message to
[EMAIL PROTECTED] Contact [EMAIL PROTECTED] for help with any problems!
----------------------------------------------------------------------------
A round of beer for the gentleman from down under - Fosters? Let us know.
BTW, can somebody give me a link to the Perl for the CKPT?
thanks, Ray
-----Original Message-----
From: mclass [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, June 21, 2000 9:22 PM
To: Stephen Cooper
Cc: [EMAIL PROTECTED]
Subject: RE: ISS RealSecure .policy file reports
TO UNSUBSCRIBE: email "unsubscribe issforum" in the body of your message to
[EMAIL PROTECTED] Contact [EMAIL PROTECTED] for help with any
problems!
----------------------------------------------------------------------------
Hi Stephen
Well it just so happens that I am in the process of writing a perl script to
do JUST WHAT YOU want....
Basically I also want to be able to parse the .policy files and report on
them.
The script is in progress and should be complete in a couple of days.
Will post you a copy.
Regards
MARC CLASS
MNET Australia Pty. Ltd
Melbourne Australia
>===== Original Message From "Stephen Cooper" <[EMAIL PROTECTED]> =====
>TO UNSUBSCRIBE: email "unsubscribe issforum" in the body of your message to
>[EMAIL PROTECTED] Contact [EMAIL PROTECTED] for help with any
problems!
>---------------------------------------------------------------------------
-
>
>Hello!!
>
>Those of you familiar with Checkpoint Firewall-1 may have seen a series of
Perl 5 scripts which take that products configuration files (ie the .W and
objects.C files) and turn them into a human readable report of the firewall
rules and list of Firewall objects.
>
>What I am wondering is if someone out there in the ISS community has done
something similar for ISS RealSecure .policy files?
>
>If they have, would they be willing to share their code with me / all of
us?
>
>If they havent.....are there any Perl gurus willing to take up the
challenge?
>
>Essentially, what personnally think would look cool is a view very similar
to
that which you get in the Policy Editor when you click on the Class of
decode
and you can see all the decodes for that class and what actions are
configured
for those decodes.
>
>In the lh window: In the rh
window
>
>Security Events
> Event Class Enabled /
Event Name / Priority / Response(s) / Brief Descriptions
>
>Actually, I want this so that I can provide Operations with a quick view of
what each decode has done. A view you just cant get easily within the
console
without opening the policy editor. Not something I want an operator to do.
>
>Something like "decode name / enabled / priority / Responses configured
(and
to which OPSEC firewall)" in one long report.
>
>This will be valuable in the upcoming RS 5.0 release I am sure, where we
will
Xpress Updates adding new things to our policy files and change control
becomes even harder than it already is!!
>
>
>
>
>
>Stephen J. Cooper
>Senior Systems Analyst
>Bank for International Settlements
>Phone: +41 61 2806792
>Fax: +41 61 2809100
[EMAIL PROTECTED]
