CCSAT (Cisco Configuration Security Auditing Tool) is a tool for automated audit of configuration security of large numbers of Cisco routers and switches. The tool is based upon industry best practices, including Cisco, NSA, and SANS security guides and recommendations. It is flexible and can report details down to individual device interfaces, lines, ACLs, and ASs, etc. CCSAT has been tested, and used for real audits, on FreeBSD, Solaris 8 and Linux. It should also work on all other major UNIX platforms (POSIX.2).
Running it without any argument or option (./ccsat) will display its usage. "file-rename" is an example script if you need to rename and/or add .ext extension to the config files.
Download CCSAT from ccsat.sourceforge.net/ccsat or from hotunix.com/tools (last updated: Jan 10, 2010).
alphan3 at users.sourceforge.net