Firecall – Automate SSH Communication With Firewalls, Switches, Etc.

Automate SSH communication with firewalls, switches, etc.DescriptionThese scripts are designed to automate sending commands to a Cisco ASA firewall. The intended purpose here is to eliminate the need to manually log in to a firewall to make changes. This code can be run directly via command line or it can be incorporated into other scripts. These scripts were created with automation/orchestration in mind – if done securely, these scripts could ingest security intelligence data to automatically block malicious IPs based on certain criteria.ConfigurationRun bash install.sh to set helpful aliases and enable loggingConfigure “config" in a text editor to add firewall address(es), authentication, & any other applicable options such as:add multiple firewalls to configure them all simultaneouslyconfigure email alerting to be alerted when an IP is blocked or un-blockedwhitelist IPs that you never want to get blockedoptional logging feature for audit capabilityblockipThe "blockip" script is designed to quickly block a host by simply providing the IP address.Just type blockip and then the ip address that you want to block.Example usage:# blockip 12.34.56.78[-] (firewall01) Added IP ‘12.34.56.78’ to firewall group ‘Deny_All_Group’removeipThis script works in the same way as blockip, except it removes an IP block from the firewall. It can be used to quickly "undo" a block made by blockip.Example usage:# removeip 12.34.56.78[-] (firewall01) Successfully removed IP ‘12.34.56.78’ from firewall group ‘Deny_All_Group’Dependencies"paramiko" must be installed for this program to run. To install paramiko, try running "pip install paramiko". On Macs, you may have to install a version of Python that has "pip". To do this, you can use either easy_install or homebrew (run "sudo easy_install pip" or "brew install python")Download Firecall

Link: http://feedproxy.google.com/~r/PentestTools/~3/ocGRQjqPkHg/firecall-automate-ssh-communication.html