TO UNSUBSCRIBE: email "unsubscribe issforum" in the body of your message to
[EMAIL PROTECTED] Contact [EMAIL PROTECTED] for help with any problems!
----------------------------------------------------------------------------
The Perl scripts are on www.phoneboy.com
>>> "Freiwirth, Ray" <[EMAIL PROTECTED]> 06/23/00 03:26pm >>>
A round of beer for the gentleman from down under - Fosters? Let us know.
BTW, can somebody give me a link to the Perl for the CKPT?
thanks, Ray
-----Original Message-----
From: mclass [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, June 21, 2000 9:22 PM
To: Stephen Cooper
Cc: [EMAIL PROTECTED]
Subject: RE: ISS RealSecure .policy file reports
TO UNSUBSCRIBE: email "unsubscribe issforum" in the body of your message to
[EMAIL PROTECTED] Contact [EMAIL PROTECTED] for help with any
problems!
----------------------------------------------------------------------------
Hi Stephen
Well it just so happens that I am in the process of writing a perl script to
do JUST WHAT YOU want....
Basically I also want to be able to parse the .policy files and report ont
hem.
The script is in progress and should be complete in a couple of days.
Will post you a copy.
Regards
MARC CLASS
MNET Australia Pty. Ltd
Melbourne Australia
>===== Original Message From "Stephen Cooper" <[EMAIL PROTECTED]> =====
>TO UNSUBSCRIBE: email "unsubscribe issforum" in the body of your message to
>[EMAIL PROTECTED] Contact [EMAIL PROTECTED] for help with any
problems!
>---------------------------------------------------------------------------
-
>
>Hello!!
>
>Those of you familiar with Checkpoint Firewall-1 may have seen a series ofP
erl 5 scripts which take that products configuration files (ie the .W ando
bjects.C files) and turn them into a human readable report of the firewallr
ules and list of Firewall objects.
>
>What I am wondering is if someone out there in the ISS community has dones
omething similar for ISS RealSecure .policy files?
>
>If they have, would they be willing to share their code with me / all of
us?
>
>If they havent.....are there any Perl gurus willing to take up the
challenge?
>
>Essentially, what personnally think would look cool is a view very similar
to
that which you get in the Policy Editor when you click on the Class of
decode
and you can see all the decodes for that class and what actions are
configured
for those decodes.
>
>In the lh window: In the rh
window
>
>Security Events
> Event Class Enabled /E
vent Name / Priority / Response(s) / Brief Descriptions
>
>Actually, I want this so that I can provide Operations with a quick view of
what each decode has done. A view you just cant get easily within the
console
without opening the policy editor. Not something I want an operator to do.
>
>Something like "decode name / enabled / priority / Responses configured
(and
to which OPSEC firewall)" in one long report.
>
>This will be valuable in the upcoming RS 5.0 release I am sure, where we
will
Xpress Updates adding new things to our policy files and change control
becomes even harder than it already is!!
>
>
>
>
>
>Stephen J. Cooper
>Senior Systems Analyst
>Bank for International Settlements
>Phone: +41 61 2806792
>Fax: +41 61 2809100
[EMAIL PROTECTED]
DISCLAIMER: Any e-mail messages from the Bank for International Settlements are sent
in good faith, but shall not be binding nor construed as constituting any obligation
on the part of the Bank.
CONFIDENTIALITY NOTICE: This e-mail contains confidential information, which is
intended only for the use of the recipient(s) named above. If you have received this
communication in error, please notify the sender immediately via e-mail and return the
entire message. Thank you for your assistance.
