Welcome to http://ncat.sourceforge.net/

This is the homepage for development versions of NCAT, the Network Config Audit Tool and RAT, the Router Audit Tool. They were written to facilitate checking of security configuration settings on large numbers of Cisco IOS configurations, but it is simple and general enough to check for required/forbidden settings for any arbitrary config/text file. Examples are given for checking IOS, Cat6k and HTML

I have developed a wrapper to NCAT called rat (Router Audit Tool). It contains a simple tool (snarf) to download configurations and a report generation tool. The rat distribution contains the latest NCAT. The current version contains rules to check configurations against the NSA IOS Rules.

To download the latest production release, including the latest rules, please go to the Center for Internet Security at:

Here is a link to a Power Point presentation about the Router Audit Tool

Here is a link to the postscript version of a presentation about the Router Audit Tool

Here is a link to sample rat output

Here is a link to rat documentation

Here are the the rat README file and rat INSTALL.txt file

Here is a link to the rules file

Here is an HTTP link to Rob Thomas' excellent security tools.
His Secure IOS config template inspired the creation of this tool


Also see Cisco's Improving Security on Cisco Routers

gmj@users.sourceforge.net
Mon Nov 26 07:22:08 PST 2001