09-14-2018 03:31 AM - edited 03-12-2019 04:11 AM
Does anyone know if there is a way to successfully get a credentialed scan on the FirePower module of an ASA 5516? I just recently had a CCRI (Command Cyber Readiness Inspection) and the auditor stated that I should be getting credentialed scans on my IPS/Firepower module. I'm able to login to the module using SSL, but I don't see anyway to get into enable mode. Any help would be greatly appreciated. thanks
V/r
Bill
09-14-2018 04:44 AM
The dedicated FirePower module is running Fire Linux OS (as it's called).
Once logged in you get the following:
configure Change to Configuration mode
exit Exit this CLI session
expert Invoke a shell
history Display the current session's command line history
logout Logout of the current CLI session
show Change to Show Mode
system Change to System Mode
Expert mode will get you into the actual Linux portion, where you can run standard Linux commands i.e. ls, cd, cat etc.
Joel
09-18-2018 04:19 AM
Joel,
I don't think this will work for a Nessus credentialed scan. While I can manually SSL into the Firepower module, You need to input "expert" to get to the Linux command line and then perform a SU or SUDO command. Hopefully, someone else can chime in for clarity. thanks
Bill
01-28-2020 07:57 AM
Was there ever a solution found to this issue? I too have the same need.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide