On 4/3/09, Subba Rao <castellan2004-nsm@yahoo.com> wrote:
> I did see a few false positives too with Nipper. What do you think about Router Audit Tool (RAT) instead?
RAT is the approved IOS security audit tool at $work, so it doesn't matter what I think about it :) But it is fairly nice ... as long as you keep in mind its limitations. I looked at Nipper a while back; it had some nice features but not enough to keep me from uninstalling it.

The problem I have with both RAT and Nipper is they're geared towards security and I'm more interested in verifying that the routers are configured correctly. What kind of tools are people using for that? For an example of the type of thing I'm interested in, see filter_audit in the presentation at http://www.nanog.org/mtg-0210/abley.html
> I downloaded ncat (aka RAT), but it does not have a global configuration file which I can use for all the routers and switches I have.
Works for me.. just remember that RAT is pretty old & fails miserably on things like 6500s that are both routers and switches. So figure out what's common to all your routers and configure RAT to check that set of parameters. Then create another RAT config for L2/L3 switches that doesn't check as much (e.g., don't check for proxy-arp being disabled).

Regards,
Lee
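
The split described in the reply above (one rule set common to every device, plus per-class rules such as the proxy-arp check that applies to routers but not to L2/L3 switches), as an added Python example that is not part of the thread and is not RAT or its rule format. The rule lists, the class names `router` and `l3switch`, and the sample configuration are constructed for illustration.

```python
import re

# Constructed rule sets (assumptions for this example, not RAT's shipped rules).
COMMON_REQUIRED = ["service password-encryption", "no ip source-route"]
# Interface-level lines required only on the listed device class.
INTERFACE_REQUIRED = {"router": ["no ip proxy-arp"], "l3switch": []}

# Constructed sample IOS configuration (documentation address ranges).
SAMPLE = """\
service password-encryption
!
interface GigabitEthernet0/0
 ip address 192.0.2.1 255.255.255.0
 no ip proxy-arp
!
interface GigabitEthernet0/1
 ip address 198.51.100.1 255.255.255.0
!
interface GigabitEthernet0/2
 no ip address
 shutdown
!
"""

def parse_ios(config):
    """Split an IOS config into global lines and per-interface stanzas."""
    global_lines, interfaces, current = [], {}, None
    for raw in config.splitlines():
        line = raw.rstrip()
        if not line or line.lstrip().startswith("!"):
            continue
        if not line.startswith(" "):      # a top-level command ends any stanza
            match = re.match(r"interface\s+(\S+)", line)
            current = match.group(1) if match else None
            if match:
                interfaces[current] = []
            else:
                global_lines.append(line)
        elif current is not None:         # indented line inside an interface
            interfaces[current].append(line.strip())
    return global_lines, interfaces

def audit(config, device_class):
    """Return findings: common checks for all devices, class checks on top."""
    global_lines, interfaces = parse_ios(config)
    findings = [f"global: missing '{r}'" for r in COMMON_REQUIRED
                if r not in global_lines]
    for name, lines in interfaces.items():
        # Only active interfaces with an IP address are in scope for L3 checks.
        if "shutdown" in lines or not any(l.startswith("ip address") for l in lines):
            continue
        findings += [f"{name}: missing '{rule}'"
                     for rule in INTERFACE_REQUIRED[device_class] if rule not in lines]
    return findings
```

Running `audit(SAMPLE, "router")` and `audit(SAMPLE, "l3switch")` on the same file shows how the switch profile reports fewer findings without weakening the common baseline.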