Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
?
Solved

Using CIS RAT program for a PIX firewall and getting the following error: No matching rules found.

Posted on 2005-02-24
7
Medium Priority
?
1,891 Views
Last Modified: 2013-11-16
Here is the output of the Rat program when I try to audit a PIX configuration file.  Does anyone know what I am dong wrong?

Thanks,
Benje02

C:\CIS\RAT\bin>rat -t cisco-pix pix_config.txt
auditing pix_config.txt...
Parsing: /C:\CIS\RAT/etc/configs/cisco-pix/common.conf/
Parsing: /C:\CIS\RAT/etc/configs/cisco-pix/cis-level-1.conf/
Parsing: /C:\CIS\RAT/etc/configs/cisco-pix/cis-level-2.conf/
Checking: pix_config.txt
done checking pix_config.txt.
Parsing: /C:\CIS\RAT/etc/configs/cisco-pix/common.conf/
Parsing: /C:\CIS\RAT/etc/configs/cisco-pix/cis-level-1.conf/
Parsing: /C:\CIS\RAT/etc/configs/cisco-pix/cis-level-2.conf/
ncat_report: skipping pix_config.txt.ncat_out.txt.  No matching rules found.
ncat_report: writing rules.html (cisco-pix-benchmark.html).
ncat_report: skipping all.  No matching rules found.


0
Comment
Question by:benje02
  • 4
  • 3
7 Comments
 
LVL 79

Accepted Solution

by:
lrmoore earned 1000 total points
ID: 13398603
Personal opinion - RAT tool sucks. I would never use it for any purpose.
I've tried the latest ver 2.2 specifically says for PIX and I get the same result.
If you open the rules.html, it still says 2.1 and everything is for a router, not a pix..
0
 

Author Comment

by:benje02
ID: 13415234
Irmoore,

What do you use for this purpose?  

Thanks,
Benje02
0
 
LVL 79

Expert Comment

by:lrmoore
ID: 13415267
I use the same basis as a guide only, experience, and a complete understanding of capabilities of the products and requirements of the implementation.

NSA publishes their router security guide which is what the RAT tool is based on
http://www.nsa.gov/snac/downloads_cisco.cfm

My problem with this is that it was published over 18 months ago, the research and writing done over 2 years ago. Cisco IOS and products have changed dramatically since then with a slew of new capabilites, new vulnerabilities, and new features.

There is no published "best practices" for PIX firewall, which, by the way, will have a new version 7.0 coming out soon with 23 pages of descriptions of new features.

What, exactly, are you looking for?
0
The Lifecycle Approach to Managing Security Policy

Managing application connectivity and security policies can be achieved more effectively when following a framework that automates repeatable processes and ensures that the right activities are performed in the right order.

 

Author Comment

by:benje02
ID: 13419594
I was looking for something similar to the IOS AutoSecure for the PIX.  I have about one years experience with routers and firewalls and was looking for information to help me determine if my configuration was as secure as possbile and guide me on the general security practices for these devices.

Thanks for your help.
0
 
LVL 79

Expert Comment

by:lrmoore
ID: 13419672
The thing about a pix is that it is secure out of the box, designed to be a world class firewall. Any changes are explicit, but you can compromise the security. A lot of "features" of $50 soho boxes can't be enabled on a PIX because they would compromise the security features.

A router on the other hand was designed to pass packets back and forth. Security was sort of an afterthought. That's why the security guides were published and the autosecure feature included after how many years on the market?

You can always post your pix config here (just mask out any passwords and real public IP's) if you want us to look it over for you.
0
 

Author Comment

by:benje02
ID: 13419790
Thanks, I will do that in the future.  You have been a great help to me over the past two years answering questions and I really appreciate the help.
0
 
LVL 79

Expert Comment

by:lrmoore
ID: 13419801
Glad to be here. Thanks!
0

Featured Post

IT Degree with Certifications Included

Aspire to become a network administrator, network security analyst, or computer and information systems manager? Make the most of your experience as an IT professional by earning your B.S. in Network Operations and Security.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

When speed and performance are vital to revenue, companies must have complete confidence in their cloud environment.
There’s a movement in Information Technology (IT), and while it’s hard to define, it is gaining momentum. Some call it “stream-lined IT;” others call it “thin-model IT.”
Both in life and business – not all partnerships are created equal. Spend 30 short minutes with us to learn:   • Key questions to ask when considering a partnership to accelerate your business into the cloud • Pitfalls and mistakes other partners…
When cloud platforms entered the scene, users and companies jumped on board to take advantage of the many benefits, like the ability to work and connect with company information from various locations. What many didn't foresee was the increased risk…
Suggested Courses

564 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question