Brainbump.net has an excellent and very complete how to emulate ASA using just the following components:
- Ubuntu 9.10 – 32 bit Edition
- Dynamips 0.2.8-RC2 binary for Linux x86 platforms
- ASA Binary Version 8.0(2) – (asa802-k8.bin)
How-to is divided in 3 video tutorial parts for easy understanding and start with the most basic installation on GNS3 under Ubuntu 9.10 and continue with the actually configuration on the emulation.
If you are interested in security or you just want to test ASA and don’t have access to real hardware you definetely will want to try Brainbump.net tutorial.
Cisco ASA 5500 Series Adaptive Security Appliances are affected by the following vulnerabilities:
* TCP Connection Exhaustion Denial of Service Vulnerability
* Session Initiation Protocol (SIP) Inspection Denial of Service Vulnerabilities
* Skinny Client Control Protocol (SCCP) Inspection Denial of Service Vulnerability
* WebVPN Datagram Transport Layer Security (DTLS) Denial of Service Vulnerability
* Crafted TCP Segment Denial of Service Vulnerability
* Crafted Internet Key Exchange (IKE) Message Denial of Service Vulnerability
* NT LAN Manager version 1 (NTLMv1) Authentication Bypass Vulnerability
These vulnerabilities are not interdependent; a release that is affected by one vulnerability is not necessarily affected by the others.
There are workarounds for some of the vulnerabilities disclosed in this advisory.
Cisco has released free software updates that address these vulnerabilities.
This advisory is posted at http://www.cisco.com/warp/public/707/cisco-sa-20100217-asa.shtml