I think it is actually Router Audit Tool rather than assessment no? I'm not sure that NMAP is an appropriate substitute for for a configuration audit tool, but it's not a bad idea to do some accounting of what ports are open for business on your devices. I have had some limited success with RAT at prior jobs, and in fact at UUNet/VzB, but IIRC it really was not a tool which could be readily used to build new audit rules. Although it is an okay starting point for some generic audits, you may be best served by rolling your own, which is what I did there. On Thu, Jan 5, 2012 at 4:09 PM, Christopher Morrow <morrowc.lists@gmail.com>wrote:
On Thu, Jan 5, 2012 at 12:11 PM, Green, Timothy <Timothy.Green@mantech.com> wrote:
Happy New Year All!!!
I'm trying to perform STIG compliancy on various Cisco equipment. Has anybody used the Router Assessment Tool (RAT) for routers and switches? Any cheap (free) recommendations? As a last ditch effort I could use NMAP.
uunet did for a time use a variant of RAT... you may get some mileage asking George Jones about it.