INTRODUCTION

This document describes the steps necessary to install the Router
Audit Tool (RAT) on the Windows platform using Cygwin Perl.


PREREQUISITES

To install RAT under Cygwin, you will first need to install both
Cygwin and Perl for Cygwin.  RAT has been tested with the Cygwin Perl
distribution available from:

	     http://sources.redhat.com/cygwin/setup.exe

To get RAT working on Windows, you will need to install Perl for
Cygwin.  RAT has been tested with the Cygwin distribution of Perl
v5.6.1-2.  To retrieve it, download the setup.exe tool from above and
re-run after Cygwin is installed, then install Interpreters/Perl.


TESTED PLATFORMS

We have successfully tested RAT on the following Microsoft platforms:

- Cygwin Perl v5.6.1-2 on
	Cygwin 1.3.10 on Windows 2000 Professional
	Cygwin 1.3.10 on Windows 2000 Server Edition
	Cygwin 1.3.10-1 on Windows 2000 Professional
	Cygwin 1.3.10-1 on Windows 2000 Server Edition
	
We are always interested to hear reports of people using RAT on other
platforms.  Please send your platform information and the output of
"perl -v" to rat-feedback@cisecurity.org.  Thank you for your
assistance.


INSTALLATION

1.  Install Cygwin Perl version 5.6.1 or better.  Make sure the
    path to the perl executable is in your path (this is the normal
    installation procedure).

[similar to the Unix instructions...]

2. Get/unpack rat-1.1.tar.gz

   % cd ~
   % gunzip rat-1.1.tar.gz
   % tar -xvf rat-1.1.tar
   .
   .
   .
   % cd rat-1.0


3. Decide if you want/need to install "snarf" to retrieve
   configurations.  

   Some people have reported problems installing the Perl modules
   required by the "snarf" program.  If you already have other ways of
   of retrieving configurations (tftp, telnet, etc.), you may want to
   install without the "snarf" program.

4. Install

4.1 Install rat without snarf

   In order to install and use this package you will need Perl version
   5.6.1 or better.  You may need to be root if you intend to install
   in the system directories (/usr/...), which is the default.

   Installation as usual:

     perl Makefile-nosnarf.PL [PREFIX=/home/you]
     make
     make test
     make install

   Skip to step 4.

4.2 Install with snarf     

4.2.1 Install the required Perl Modules.

  # perl -MCPAN -e shell
  cpan> install Net::Telnet
  [answer the questions]
  cpan> install Term::ReadKey
  [answer the questions]
  cpan> install Test::Simple
  [answer the questions]
  cpan> install Net::Telnet::Cisco
  [answer the questions]

  If you have trouble using the CPAN module, as shown above (for
  instance if your firewall won't allow FTP), you can obtain the
  modules using a web browser directly from the URLs below.

       http://search.cpan.org/search?module=Net::Telnet
       http://search.cpan.org/search?module=Term::ReadKey
       http://search.cpan.org/search?module=Net::Telnet::Cisco
       http://search.cpan.org/search?module=Test::Simple

  and then after unpacking install with

      gunzip MODULE
      tar -xvf MODULE
      cd MODULE
      perl Makefile.PL
      make
      make test
      make install

4.2.2 Install rat with snarf.

   Installation as usual:

     perl Makefile.PL [PREFIX=/home/you]
     make
     make test
     make install


5. Check your path.

   Make sure that the PREFIX/bin is in your shell's search path.

   You can test to see if your path is correct by typing

      which rat

   You should see

      PREFIX/bin/rat

   If you do not, then see your shells documentation for 
   instructions on adding a directory to your default path.

6. Localize addresses, interfaces names, etc. as needed.

   This can be done by running "ncat_config".  See LOCALIZE.txt for details.

7. Pick a working directory

   % mkdir ~/tmp/
   % cd ~/tmp

8. run rat.

   This example assumes that you have an IOS configuration already stored in
   a file called 1.2.3.4.  Use "rat --snarf 1.2.3.4" if you need to
   pull the config (and you installed snarf).

   % rat 1.2.3.4
   auditing 1.2.3.4...done.
   ncat_report: Guide file rscg.pdf not found in current directory.  Searching...
   CONFIG GUIDE PATH: /usr/doc /usr/local/doc $HOME/doc ./doc
   Linking to guide fond at $HOME/doc/rscg.pdf
   ncat_report: writing 1.2.3.4.ncat_fix.txt.
   ncat_report: writing 1.2.3.4.ncat_report.txt.
   ncat_report: writing 1.2.3.4.html.
   ncat_report: writing rules.html (cisco-ios-benchmark.html).
   ncat_report: writing all.ncat_fix.txt.
   ncat_report: writing all.ncat_report.txt.
   ncat_report: writing all.html.


   % ls -l
   total 120
   -r--r--r--   1 jns   jns     25084 Mar  3 17:35 1.2.3.4
   -rw-r--r--   1 jns   jns     14609 Mar  3 17:41 1.2.3.4.html
   -rw-r--r--   1 jns   jns      2203 Mar  3 17:41 1.2.3.4.ncat_fix.txt
   -rw-r--r--   1 jns   jns      1813 Mar  3 17:41 1.2.3.4.ncat_out.txt
   -rw-r--r--   1 jns   jns      4770 Mar  3 17:41 1.2.3.4.ncat_report.txt
   -rw-r--r--   1 jns   jns     12333 Mar  3 17:41 all.html
   -rw-r--r--   1 jns   jns      2203 Mar  3 17:41 all.ncat_fix.txt
   -rw-r--r--   1 jns   jns      4766 Mar  3 17:41 all.ncat_report.txt
   lrwxrwxrwx   1 jns   jns        10 Mar  3 17:41 cisco-ios-benchmark.html -> rules.html
   -rw-r--r--   1 jns   jns       440 Mar  3 17:41 index.html
   lrwxrwxrwx   1 jns   jns        35 Mar  3 17:41 rscg.pdf -> /somepath/doc/rscg.pdf
   -rw-r--r--   1 jns   jns     28059 Mar  3 17:41 rules.html

9. Examine the results and start fixing things.

10. Be paranoid

   If you're paranoid (and you should be) and don't want to type your
   login and enable passwords into a strange program and let it log
   into your routers, you have two options (other than not running the
   program at all).

     1. Examine the code to snarf.  It's fairly simple.

     2. Get a copy of the config(s) you want to audit by 
        some other means, place them in the directory
        you're running the programs from.



FEEDBACK

We are always interested to hear reports of people using RAT on other
platforms.  Please send your platform information and the output of
"perl -v" to 

      rat-feedback@cisecurity.org

Thank you for your assistance.


$Id: INSTALL.cygwin.txt,v 1.3 2002/03/21 16:43:41 gmj Exp $
