# This configuration file is for Nipper
# http://www.sourceforge.net/projects/nipper


# Configuration File Usage
# ------------------------
# These settings set the Nipper defaults. They can be overridden
# on the command line. If you remove a settings value or delete
# it, Nipper will return to its internal default setting.
#
# On/Off settings can be specified using "on", "off", "true",
# "false", "yes" or "no". The On/Off settings are case insensitive.
#
# A line begining with a # is a comment line and will be ignored.


####################
# General Settings #
####################

[General]

# This changes the default device type. The choices are:
#      Cisco Router (IOS)
#      Cisco Switch (IOS)
#      Cisco Catalyst (IOS)
#      Cisco Catalyst (NMP)
#      Cisco Catalyst (CatOS)
#      Cisco Firewall (PIX)
#      Cisco Firewall (ASA)
#      Cisco Firewall (FWSM)
#      Cisco Content Services Switch (CSS)
#      Juniper ScreenOS Firewall
#      Nortel Passport
#      Checkpoint Firewall-1
#      SonicWall SonicOS Firewall
Device Type = Cisco Router (IOS)

# Device Model
# Model = <device model, such as 7200VXR>

# This option will bypass any device type checking
Force Type = No

# Where is the device on the network (on the edge or internal)
# Location = Edge
Location = Internal


###################
# Report Settings #
###################

[Report]

Company Name = Nipper
Show Passwords In Report = yes
Expand ACL In Report = no
Convert Names To IP Addresses = no

# The default report format. The options are HTML, XML, LATEX or
# TEXT. The Nipper default is HTML.
Report Format = HTML


###############################
# HTML Report Format Settings #
###############################
# These are the HTML report format settings.

[HTML]

# Style Sheet File = <file name>


################################
# Latex Report Format Settings #
################################
# These are the Latex report format settings. Refer to the Latex
# documentation for alternatives.

[Latex]

Paper Size = a4paper
Document Class = article


###########################
# Report Section Settings #
###########################
# Modify these settings to include or exclude various sections from
# the report output. However, it is worth noting that when enabled
# these sections will still only appear if they have content.

[Report Sections]

Configuration Report = on
Security Audit = on
Appendix = on
Abbreviations = on
Common Ports = on
Logging Levels = on
Time Zones = on
Nipper Details = on
Glossary = on


################################
# Configuration Audit Settings #
################################
# These settings determine how different elements of a
# configuration are audited.

[Audit]

# Dictionary to use with password strength testing. If no
# dictionary is specified, a small built-in dictionary of
# common/defaults is used. A dictionary file will contain
# one password per line.

# Dictionary File = <file name>

# Password / key audit options
Minimum Password Length = 8
Passwords Must Include Uppercase = off
Passwords Must Include Lowercase = off
Passwords Must Include Lowercase or Uppercase = on
Passwords Must Include Numbers = on
Passwords Must Include Special Characters = off

# Filtering / ACL audit options
Check For Any Source = yes
Check Source Rules Do Not Include Networks = yes
Check For Any Source Service = no
Check For Any Destination = yes
Check Destination Rules Do Not Include Networks = yes
Check For Any Destination Service = yes
Check That All Rules Log = no
Check That All Deny Rules Log = yes
Check For Disabled Rules = yes
Check Rule Lists End With Deny All And Log = yes
Check For Reject Rules = yes
Check For Bypass Rules = yes
Check For Default Rules = yes

# Misc audit options
Minimum Timeout (Seconds) = 600


##################################
# SNMP Retrival Section Settings #
##################################
# These settings will be used when connecting to an SNMP server
# to remotely retrieve a device configuration. This is only supported
# on a number of device types.

[SNMP]

# The read/write community string to use
Community String = private

# Set this to yes for really old Cisco devices
Old Cisco Method = no

# The local TFTP server root
TFTP Server Root = /tftproot/

# Your local IP address
# Local IP Address = <Local IP address>

# The remote device IP address
# Remote IP Address = <Remote IP address>