About Nipper

Nipper is a Network Infrastructure Parser (with an extra P for good measure). It takes it's input from a network devices configuration file(s), processes it/them and generates a nice friendly report. Nipper is platform independent, supports a range of network devices from different manufacturers and the report output can be in a variety of formats.

This page describes where Nipper came from, where it is going to, some of the key features and who is this guy anyway?

The History Of Nipper

Nipper began life in May 2006 as a simple C program called CiscoParse. It started because I needed a tool to quickly extract settings and reverse Cisco type-7 passwords from a large batch of Cicso router configuration files. I did not like the idea of going through each one manually.

Over a period of months following its birth, CiscoParse expanded with more and more settings and I added the facility to output the results in a nicely formatted HTML document. At the time I was using the tool for performing security audits and eventually added the code to write the security issues for me. Within a year CiscoParse not only supported configuration files from several types of Cisco devices and output reports in several formats, but the first non-Cisco device type was added (Juniper NetScreen). So CiscoParse became Nipper.

Originally Nipper, and CiscoParse before it, was distributed between myself and other security professionals for use in our everyday work. It had started to become very popular and I had some great feedback as more people were using it in their work, so I decided to create a Source Forge project to distribute Nipper to a wider community. The first version of Nipper available through Source Forge was 0.9.0 on the 23rd March 2007.

Since its Source Forge debut, Nipper has continued to grow in popularity and functionality. Furthermore, Nipper has now been integrated in to a number of different software tools developed by Open Source projects and commercial companies.

Some Key Features

Nipper has a large number of features, below are some that I like the most.

Reporting

The report output generated by Nipper can be customised to fit a particular requirement. The report can contain a security audit, detail configuration settings and include appendicies of relevent additional information. The reports are written as if Nipper was the one doing the writing, because it did. However, if you want the reports to be written as if Acme Inc had written them, thats no problem either.

Nipper supports several different report formats with a good chance that more will be added in the future. The current supported formats are:

Additional options are available depending on the format, such as a custom Cascading Style Sheet for HTML reports or different paper types for Latex documents. Latex documents also provide an easy path for creating PDF documents.

For custom solutions based around XML documents, a developers guide to the XML format is provided.

Device Support

Nipper supports a variety of different types of device from different manufacturers. With each new version of Nipper, this support is enhanced, expanded and more device types added. The current version of Nipper supports the following different types of device:

Security Auditing

Nipper can perform a security audit of a devices configuration. The security audit can include checks of the network filtering, password strength, routing protocols, software versions, management services and a host of other settings. A number of these checks are fully customisable, so that the audit can meet a specific requirement.

Each security issue that Nipper identifies is uniquely described in the report. The security report will describe what was found, why it is a security risk and what the alternatives are for mitigating the risk. The security report also provides a conclusion which gives an overview of the findings.

Device Configuration

Nipper can include a report section detailing the configuration settings that were extracted from the report. These can include, depending on the configuration and device, network interfaces, remote management services, routing protocol, network filtering, logging and more.

The Future Of Nipper

Future developments for Nipper includes support for additional devices, more report output options, other reporting features and be easier to use. It is no secret where Nipper is heading, the subversion repository can be accessed by anyone who is curious.

If you would like to see something in a future release, add it as a feature request.

Who Are You?

I am a qualified security professional with years of experience of perfoming penetration testing of networks, applications and security auditing of network devices. Just like many other security professionals, over the years I have written a number of tools to help me perform my work, some of which I provide freely for others to use (others I cannot due to various reasons). These tools include:

Banner Grab
A network service banner grabbing tool with triggers and more.
SSL Scan
A very fast SSL service scanner with additional features.
Viewstate
A tool for analysing .Net viewstate data, both old and new.
Data Sources
An ODBC Data Sources configuration tool for Linux. Developed in Qt, it provides an easy to use graphical interface similar to those provided as standard on other platforms. I will finish the KDE 4 version in the future.
Sun Patch Check
It does exactly what it says on the tin and includes an online update.
SQL Query
A Linux SQL Query tool. Written in Qt, it provides a GUI interface and makes use of ODBC and Qt database drivers.

I also develop code for other Open Source projects when I can, though I do not always have the time. I do try to squeeze in some fun as well. :-)

Ian Ventura-Whiting