Nipper is a network infrastructure parser. It processes configuration files from network devices and produces a report including a security audit of the device, configuration settings and other relevant information.

Nipper currently supports the following device types:

  * Cisco IOS-based routers

  * Cisco IOS-based catalysts

  * Cisco NMP-based catalysts

  * Cisco CatOS-based catalysts

  * Cisco PIX-based Firewalls

  * Cisco ASA-based Firewalls

  * Cisco FWSM-based Firewalls

  * Cisco Content Service Switches

  * Juniper ScreenOS-based Firewalls (NetScreen)

  * Nortel Passport devices

  * CheckPoint Firewall-1 Firewalls

  * Sonicwall SonicOS-based Firewalls

  * Bay Networks Accelar

  * Nokia IP Firewalls

The security audit includes details of the findings, together with detailed recommendations. The security audit can be modified using command line parameters or an external configuration file.

This update (0.11.7) adds CSV output of the devices network filtering rules, adds an option to show CheckPoint rule comments. This release now includes improved support for Nokia IP and Accelar devices. The release also contains a few other minor updates. Read the Changelog for more information.

Nipper is available for Linux, Windows and other platforms. More information and downloads can be obtained from the project web site at http://nipper.titania.co.uk .

If you have access to device configuration files for network devices, please consider sending them to me. I will be discrete, but you are welcome to sanitise them first. However, if you do sanitise them, please ensure that the structure of the config file is not modified.

The project web site is http://nipper.titania.co.uk

Ian Ventura-Whiting