Cisco ASA 5516 Firepower module (Nessus credentialed scans)

bills04ss · ‎09-14-2018

Does anyone know if there is a way to successfully get a credentialed scan on the FirePower module of an ASA 5516? I just recently had a CCRI (Command Cyber Readiness Inspection) and the auditor stated that I should be getting credentialed scans on my IPS/Firepower module. I'm able to login to the module using SSL, but I don't see anyway to get into enable mode. Any help would be greatly appreciated. thanks

V/r

Bill

Joel · ‎09-14-2018

The dedicated FirePower module is running Fire Linux OS (as it's called).

Once logged in you get the following:

configure Change to Configuration mode
exit       Exit this CLI session
expert     Invoke a shell
history    Display the current session's command line history
logout     Logout of the current CLI session
show       Change to Show Mode
system     Change to System Mode

Expert mode will get you into the actual Linux portion, where you can run standard Linux commands i.e. ls, cd, cat etc.

Joel

bills04ss · ‎09-18-2018

Joel,

I don't think this will work for a Nessus credentialed scan. While I can manually SSL into the Firepower module, You need to input "expert" to get to the Linux command line and then perform a SU or SUDO command. Hopefully, someone else can chime in for clarity. thanks

Bill

justin.hamilton · ‎01-28-2020

Was there ever a solution found to this issue? I too have the same need.