Happy New Year All!!!
I'm trying to perform STIG compliancy on various Cisco equipment. Has anybody used the Router Assessment Tool (RAT) for routers and switches? Any cheap (free) recommendations? As a last ditch effort I could use NMAP.
Thanks,
Tim
uunet did for a time use a variant of RAT... you may get some mileage
asking George Jones about it.
I think it is actually Router Audit Tool rather than assessment no? I'm not
sure that NMAP is an appropriate substitute for for a configuration audit
tool, but it's not a bad idea to do some accounting of what ports are open
for business on your devices. I have had some limited success with RAT at
prior jobs, and in fact at UUNet/VzB, but IIRC it really was not a tool
which could be readily used to build new audit rules. Although it is an
okay starting point for some generic audits, you may be best served by
rolling your own, which is what I did there.