Router Audit Tool Rat
Hi, I chanced upon this tool on the internet some days back and have been trying to use it without any success.I have looked everywhere without any troubleshooting documents as well.I have installed Active Perl as well as the RAT on the C drive as follows with the default unstallations. C: Perl and C: CIS. I have a sample configuration file called SampleIOSConfig.txt in the path C: CIS RAT etc configs cisco-ios as well as the local.conf file. The rat.exe is in the pathC: CIS RAT bin.When I run C: CIS RAT bin rat -r local.conf SampleIOSconfig.txt, I get this message: C: >CIS RAT bin rat -r local.conf SampleIOSConfig.txt No configuration files available to audit at rat line 897.Yet,when I put the files in the temp directory and run I get it run successfully as shown: C: >cd temp C: Temp>C: CIS RAT bin rat -r local.conf SampleIOSConfig.txt auditing SampleIOSConfig.txt. Parsing: /local.conf/ Checking: SampleIOSConfig.txt done checking SampleIOSConfig.txt. Parsing: /local.conf/ ncat_report: writing SampleIOSConfig.txt.ncat_fix.txt.
Ncat_report: writing SampleIOSConfig.txt.ncat_report.txt. Ncat_report: writing SampleIOSConfig.txt.html. Ncat_report: writing rules.html (cisco-ios-benchmark.html).
Ncat_report: writing all.ncat_fix.txt. Anime like trinity seven. Ncat_report: writing all.ncat_report.txt.
Ncat_report: writing all.html. C: Temp> How do I get it run correctly? Any assistance please.
The Center for Internet Security (CIS) has provided a tool to do just that. The Router Audit Tool or rat was designed to help audit the configurations of Cisco. This video is a walkthrough for one of the labs in the SANS Advanced System and Network Auditing course. In this video we'll compare and demonstrate the CIS router audit tool and the open source.
CIS Router Audit Tool - Project Underway to Update Config Rules CIS Router Audit Tool - Project Underway to Update Config Rules Michael Hertrick Fri Mar 12 14:27:33 CST 2010 • Previous message: • Next message: • Messages sorted by: -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Greetings, I've recently begun updating the config rules for the CIS Router Audit Tool (RAT) distribution. For those who have never heard of RAT, it is a perl-based utility written by George M. Jones to audit router configurations. It can be used to audit virtually any text file by writing custom rules. Until now, the CIS RAT distribution did not support any Cisco Firewall configs beyond v6.x. I've added a new cisco-firewall config type that supports the latest Cisco PIX/ASA/FWSM configurations.
The new rules are based on the CIS Benchmark for Cisco Firewall Devices v2.0 (NOV2007). They've only been tested on my own PIX/ASA/FWSM configurations. If anyone is interested in helping test and improve these rules before they're included in an official distribution, you can join the CIS Community Project - CIS Router Audit Tool at: You can either checkout the latest from SVN or download one of the archives attached to the latest discusson 'REQUESTED ACTION: Verify that RAT is able to consume your Cisco PIX, ASA, and FWSM configurations.' Please post your results, comments, and questions to the CIS Router Audit Tool Community Project Discussions page along with pertinent information such as device model, OS version, and the rule names/numbers that were tested. Also include any other information that could be useful such as whether the firewall is in multi-context or transparent mode. For anyone wondering about Cisco IOS, soon we will also begin updating the cisco-ios config rules to better support newer IOS versions and bring the rules up to the latest CIS benchmark. I'd like to see other config types added, too, like JunOS for example.
Essentially all it takes to write a RAT config-type for CIS is a benchmark, some patience, and the ability to write regular-expressions. If you're up for it, let me know. Regards, Michael Hertrick Neovera, Inc. - -- () ascii ribbon campaign - against html e-mail / www.asciiribbon.org - - against proprietary attachments -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) Comment: Using GnuPG with Mozilla - iEYEARECAAYFAkuao7UACgkQcJVdtfpkLb+tVQCeLV6MWJAARiF7FG6NS1TnJ8lN aPQAn2KDSfJuDytYcgU24ZLnx8lY2WSk =S2BB -----END PGP SIGNATURE----- • Previous message: • Next message: • Messages sorted.