
UNIX installation instructions for the Router Audit Tool (rat).

1. Get/unpack rat-1.1.tar.gz

   % cd ~
   % gunzip rat-1.1.tar.gz
   % tar -xvf rat-1.1.tar
   .
   .
   .
   % cd rat-1.1


2. Decide if you want/need to install "snarf" to retrieve
   configurations.  

   Some people have reported problems installing the Perl modules
   required by the "snarf" program.  If you already have other ways of
   of retrieving configurations (tftp, telnet, etc.), you may want to
   install without the "snarf" program.

3. Install

3.1 Install rat without snarf

   In order to install and use this package you will need Perl version
   5.004 or better.  You may need to be root if you intend to install
   in the system directories (/usr/...), which is the default.

   Installation as usual:

     perl Makefile-nosnarf.PL [PREFIX=/home/you]
     make
     make test
     make install

   Skip to step 4.

3.2 Install with snarf     

3.2.1 Install the required Perl Modules.

  # perl -MCPAN -e shell
  cpan> install Net::Telnet
  [answer the questions]
  cpan> install Term::ReadKey
  [answer the questions]
  cpan> install Test::Simple
  [answer the questions]
  cpan> install Net::Telnet::Cisco
  [answer the questions]

  If you have trouble using the CPAN module, as shown above (for
  instance if your firewall won't allow FTP), you can obtain the
  modules using a web browser directly from the URLs below.

       http://search.cpan.org/search?module=Net::Telnet
       http://search.cpan.org/search?module=Term::ReadKey
       http://search.cpan.org/search?module=Net::Telnet::Cisco
       http://search.cpan.org/search?module=Test::Simple

  and then after unpacking install with

      gunzip MODULE
      tar -xvf MODULE
      cd MODULE
      perl Makefile.PL
      make
      make test
      make install

3.2.2 Install rat with snarf.

   Installation as usual:

     perl Makefile.PL [PREFIX=/home/you]
     make
     make test
     make install


4. Check your path.

   Make sure that the PREFIX/bin is in your shell's search path.

   You can test to see if your path is correct by typing

      which rat

   You should see

      PREFIX/bin/rat

   If you do not, then see your shells documentation for 
   instructions on adding a directory to your default path.

5. Localize addresses, interfaces names, etc. as needed.

   This can be done by running "ncat_config".  See LOCALIZE.txt for details.

6. Pick a working directory

   % mkdir ~/tmp/
   % cd ~/tmp

7. run rat.

   This example assumes that you have an IOS configuration already stored in
   a file called 1.2.3.4.  Use "rat --snarf 1.2.3.4" if you need to
   pull the config (and you installed snarf).

   % rat 1.2.3.4
   auditing 1.2.3.4...done.
   ncat_report: Guide file rscg.pdf not found in current directory.  Searching...
   CONFIG GUIDE PATH: /usr/doc /usr/local/doc $HOME/doc ./doc
   Linking to guide fond at $HOME/doc/rscg.pdf
   ncat_report: writing 1.2.3.4.ncat_fix.txt.
   ncat_report: writing 1.2.3.4.ncat_report.txt.
   ncat_report: writing 1.2.3.4.html.
   ncat_report: writing rules.html (cisco-ios-benchmark.html).
   ncat_report: writing all.ncat_fix.txt.
   ncat_report: writing all.ncat_report.txt.
   ncat_report: writing all.html.


   % ls -l
   total 120
   -r--r--r--   1 gjones   gjones     25084 Feb  4 17:35 1.2.3.4
   -rw-r--r--   1 gjones   gjones     14609 Feb  4 17:41 1.2.3.4.html
   -rw-r--r--   1 gjones   gjones      2203 Feb  4 17:41 1.2.3.4.ncat_fix.txt
   -rw-r--r--   1 gjones   gjones      1813 Feb  4 17:41 1.2.3.4.ncat_out.txt
   -rw-r--r--   1 gjones   gjones      4770 Feb  4 17:41 1.2.3.4.ncat_report.txt
   -rw-r--r--   1 gjones   gjones     12333 Feb  4 17:41 all.html
   -rw-r--r--   1 gjones   gjones      2203 Feb  4 17:41 all.ncat_fix.txt
   -rw-r--r--   1 gjones   gjones      4766 Feb  4 17:41 all.ncat_report.txt
   lrwxrwxrwx   1 gjones   gjones        10 Feb  4 17:41 cisco-ios-benchmark.html -> rules.html
   -rw-r--r--   1 gjones   gjones       440 Feb  4 17:41 index.html
   lrwxrwxrwx   1 gjones   gjones        35 Feb  4 17:41 rscg.pdf -> $HOME/doc/rscg.pdf
   -rw-r--r--   1 gjones   gjones     28059 Feb  4 17:41 rules.html

8. Examine the results and start fixing things.

9. Be paranoid

   If you're paranoid (and you should be) and don't want to type your
   login and enable passwords into a strange program and let it log
   into your routers, you have two options (other than not running the
   program at all).

     1. Examine the code to snarf.  It's fairly simple.

     2. Get a copy of the config(s) you want to audit by 
        some other means, place them in the directory
        you're running the programs from.

Please send bugs/feedback to 

    rat-feedback@cisecurity.org

$Id: INSTALL.unix.txt,v 1.4 2002/03/27 14:27:02 gmj Exp $
