PowerShell / Cisco – Compliance checking with regex

Automate the checking of your configurations with a script that scrubs saved text files of the running config. Useful for those sites that may not have a management system.

V-3012: Does a username and secret exist?

V-3013: Does a login banner exist?

V-3014: Is the timeout set too high? (10 is default, so anything above “10 0” is matched)

V-3020: Is the device configured to either resolve to a server or is the service disabled?

V-3021: Does SNMPv1/v2c exist?  Let’s hope not! (be sure to also check “show snmp user” for old garbage usernames)

V-3043: Pending testing – snmp-server.*?v3.*?read

V-3056:  Need to revisit – ^username

V-3057:  Need to revisit – ^username.*?privilege\s+0

V-3058: Pending testing – ^username

V-3062: Is the password encryption service enabled?

V-3069: Are any unacceptable protocols enabled? (http, tftp, telnet)

V-3070: Pending

V-3072: Pending

V-3078:  Are garbage TCP and UDP servers enabled?  I hope not!

V-3079: Is the finger service enabled?  I hope not!

V-3085: Is unencrypted http server enabled?

V-3143: Need revisit – ^username\s+(admin|cisco)

V-3160: Pending

V-3175: Do management connections have authentication configured?

V-3196: Check output from “show snmp users” for any hash or encryption other than SHA or AES:

Regex pending.

V-3210: See: V-3021, eliminate SNMP v1/v2c and encrypt SNMPv3 with SHA/AES

V-3966: Pending

V-3967: Similar to V-3014, is there a timeout set too high? (over 10 mins)

V-3969: See: V-3021, eliminate SNMP v1/v2c and encrypt SNMPv3 with SHA/AES

V-3971: Is there a Vlan1 that is not shut down?

V-3972: Pending
V-3973
V-3984
V-4582
V-4584
V-5611
V-5612
V-5613
V-5614
V-5615
V-5622
V-5623
V-5626
V-5628
V-7011
V-14669
V-14671
V-14717
V-15432
V-15434
V-17820
V-17821
V-17824
V-17825
V-17826
V-17827
V-17832
V-18544
V-18565
V-18566
V-23747
V-28784

Inject the checks into a script and note the CSV column names, etc.
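An added example of such a script (this is not the post's own code; the regexes, the folder layout, the CSV column names and the embedded sample config are all this example's assumptions). It covers the checks above whose config syntax is unambiguous, treats a timeout of "0 0" (never time out) as a finding as well, uses a small block parser for the two checks a single regex expresses badly (vty login, Vlan1 shutdown), and writes one CSV row per file and check. With no config files present it runs against a constructed sample that fails most checks on purpose:

```powershell
# Added example, not the original post's script. Scans saved "show running-config"
# text files and writes one CSV row per file and check. STIG IDs are the ones the
# post uses; every regex, path and the sample config are this example's assumptions,
# so validate them against your own configs before trusting a PASS.
param(
    [string]$ConfigDir = '.\configs',       # assumed folder of *.txt config dumps
    [string]$OutCsv    = '.\compliance.csv'
)

# Each check is a regex with (?m) so ^ and $ work per line, plus whether a match is PASS or FAIL.
# A check may instead carry a Test scriptblock that returns $true when compliant.
$Checks = @(
    @{ Id='V-3012'; Desc='Username with secret exists';             Pattern='(?m)^username\s+\S+.*\ssecret\s';                         MatchIs='PASS' }
    @{ Id='V-3013'; Desc='Login banner exists';                     Pattern='(?m)^banner\s+(?:login|motd)\b';                           MatchIs='PASS' }
    # V-3014/V-3967: above "10 0" means minutes 11+ or 10 with seconds; "0 0" (never time out) is treated as a finding too (assumption).
    @{ Id='V-3014'; Desc='exec-timeout above 10 minutes';           Pattern='(?m)^\s+exec-timeout\s+(?:(?:1[1-9]|[2-9]\d|\d{3,})\s+\d+|10\s+[1-9]\d*|0\s+0)\s*$'; MatchIs='FAIL' }
    @{ Id='V-3020'; Desc='DNS resolves to a server or is disabled'; Pattern='(?m)^(?:ip name-server\s+\S+|no ip domain[ -]lookup)';     MatchIs='PASS' }
    @{ Id='V-3021'; Desc='SNMPv1/v2c configured';                   Pattern='(?m)^snmp-server\s+(?:community\s|group\s+\S+\s+v(?:1|2c)\b)'; MatchIs='FAIL' }
    @{ Id='V-3062'; Desc='Password encryption service enabled';     Pattern='(?m)^service password-encryption\s*$';                     MatchIs='PASS' }
    @{ Id='V-3069'; Desc='http/tftp/telnet enabled';                Pattern='(?m)^(?:ip http server\s*$|tftp-server\s|\s+transport input\s+.*\b(?:all|telnet)\b)'; MatchIs='FAIL' }
    @{ Id='V-3078'; Desc='TCP/UDP small servers enabled';           Pattern='(?m)^service\s+(?:tcp|udp)-small-servers';                 MatchIs='FAIL' }
    @{ Id='V-3079'; Desc='Finger service enabled';                  Pattern='(?m)^(?:ip finger|service finger)\b';                      MatchIs='FAIL' }
    @{ Id='V-3143'; Desc='Default username admin/cisco';            Pattern='(?m)^username\s+(?:admin|cisco)\b';                         MatchIs='FAIL' }
    @{ Id='V-3175'; Desc='Every vty line block requires login';     Test={ param($cfg)
            # A "line vty" block runs until the next top-level (non-indented) line.
            $vty = [regex]::Matches($cfg, '(?ms)^line vty.*?(?=^\S|\z)')
            if ($vty.Count -eq 0) { return $false }
            foreach ($b in $vty) { if ($b.Value -notmatch '(?m)^\s+login\b') { return $false } }
            return $true } }
    @{ Id='V-3971'; Desc='Vlan1 is shut down';                      Test={ param($cfg)
            $v = [regex]::Match($cfg, '(?ms)^interface Vlan1\r?\n.*?(?=^\S|\z)')
            # No Vlan1 block at all counts as compliant; otherwise it must contain "shutdown".
            (-not $v.Success) -or ($v.Value -match '(?m)^\s+shutdown\s*$') } }
)

function Test-CiscoConfig {
    param([string]$Config, [string]$Source)
    foreach ($c in $Checks) {
        if ($c.Test) {
            $pass = & $c.Test $Config
            $evidence = ''
        } else {
            $m = [regex]::Match($Config, $c.Pattern)
            $pass = if ($c.MatchIs -eq 'PASS') { $m.Success } else { -not $m.Success }
            $evidence = if ($m.Success) { $m.Value.Trim() } else { '' }
        }
        # These property names become the CSV column names.
        [pscustomobject]@{
            File     = $Source
            StigId   = $c.Id
            Check    = $c.Desc
            Status   = if ($pass) { 'PASS' } else { 'FAIL' }
            Evidence = $evidence
        }
    }
}

# Constructed sample config so the script runs with no files present; it fails most checks on purpose.
$Sample = @'
hostname sample-sw
username admin privilege 15 password 0 plaintext
service tcp-small-servers
ip http server
snmp-server community public RO
!
interface Vlan1
 ip address 192.0.2.1 255.255.255.0
!
line vty 0 4
 exec-timeout 30 0
 transport input telnet ssh
!
'@

$files = @(Get-ChildItem -Path $ConfigDir -Filter *.txt -File -ErrorAction SilentlyContinue)
$results = if ($files.Count -gt 0) {
    foreach ($f in $files) { Test-CiscoConfig -Config (Get-Content $f.FullName -Raw) -Source $f.Name }
} else {
    Test-CiscoConfig -Config $Sample -Source 'sample(constructed)'
}
$results | Export-Csv -Path $OutCsv -NoTypeInformation
$results | Format-Table StigId, Status, File, Evidence -AutoSize
```

Against the embedded sample every check except V-3079 (no finger service) reports FAIL, which is the quickest way to confirm that a regex actually fires before you point the script at real dumps. The Evidence column carries the first matching line so a reviewer can verify each finding without opening the config; for the two scriptblock checks it is empty, since there is no single line to quote.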
