Linux Network Security Toolkit (NST) for Fedora 24
Welcome to the Network Security Toolkit (NST). This bootable ISO live CD/DVD (NST Live) is based on Fedora. The toolkit was designed to provide easy access to best-of-breed Open Source Network Security Applications and should run on most x86/x86_64 platforms.
The main intent of developing this toolkit was to provide the network security administrator with a comprehensive set of Open Source Network Security Tools. The majority of tools published in the article: Top 100 Security Tools by INSECURE.ORG are available in the toolkit. An advanced Web User Interface (WUI) is provided for system administration, navigation, automation and configuration of many network and security applications found within the NST distribution. In the virtual world, NST can be used as a network security analysis, validation and monitoring tool on enterprise virtual servers hosting virtual machines.
What we find rather fascinating with NST is that we can transform most x86/x86_64 systems into a system designed for network traffic analysis, intrusion detection, network packet generation, wireless network monitoring, virtual session serving, or a sophisticated network/host scanner. This can all be done without disturbing or modifying any underlying system storage. NST can be up and running on a typical x86/x86_64 notebook in less than a minute by just rebooting NST Live. The notebook's hard disk will not be altered in any way.
NST also makes an excellent tool to help one with crash recovery troubleshooting scenarios and diagnostics.
When booted in the default manner, there is no password set for the "root" and "nst" user accounts (just hit enter to log in). Remote access ("SSH" on port 22 and "HTTPS" on port 9943) to the running NST probe will be disabled until system passwords are set and services enabled via the "nstpasswd" script.
Access methods to a running NST probe:
If you do not know the IP address assigned to the running NST probe, you can use the "ifconfig" config command to determine it.
Use the NST script: "nstliveinst" for installation of NST Live to a hard disk
Notes below contain summary briefs on NST aliases, functions, and custom scripts.
The following aliases are available to get various services up and going quickly (Note: some default settings may not apply to your environment. Please review associated configuration files prior to starting a service):
This function finds all files of size or greater and list them in descending order by size.
Usage: lsfindfilesize FINDDIR FILESIZE Where: FINDDIR - Start file find from this top level directory FILESIZE - Find all files of this size or greater in KiloBytes (KB) Example: lsfindfilesize /usr 400 -rw-r--r-- 1 root root 1096328 Mar 18 2005 /usr/lib/libslang-utf8.so.1.4.9 -rwxr-xr-x 1 root root 468940 Sep 30 2005 /usr/bin/mkisofs
This function will start the ssh-agent daemon (if it hasn't already been started) and update the necessary environment variables such that any future use of ssh-add and/or ssh will be able to make use of the ssh-agent daemon. This is done such that all logins will be able to share the same instance of the ssh-agent (you only need to execute this the first time you login).
This function will facilitate a system move and shutdown when your NST system is booting from writable and removable media (such as a USB memory stick), it will likely persist information between boots. If you then move the installation to new hardware, it is likely that the persisted information (e.g., MAC Address) will be incorrect for the new hardware. It removes hardware specific configuration files so that they will be recreated at boot time. You will be prompted prior to moving and shutting down the NST system. See the NST script: "nstboot --help" for more information.
This function will display the NST README in HTML format if the HTML version of the README file is available. If not, the text version of the README file will be displayed via the less utility.
This script will create a RAM disk on the NST probe system. Type: "create_ramdisk --help" to display its usage.
This script will create a 64MB RAM disk at mount point: "/dev/ram4" on the NST probe system. It calls script: /root/bin/create_ramdisk with the following: "/root/bin/create_ramdisk -s 64 -d /dev/ram4"
This script creates one or more zero filled files of a specified size.
Usage: mkfile size[k|m] filename1 filename2 ... This script creates one or more zero filled files of a specified size. The file size will be a multiple of 1024. Example: /sbin/mkfile 22m /tmp/largefile - This will create the zero filed file: /tmp/largefile with a size of: 23,068,672 bytes (22MByte file).
This script allows one to update the authorized_keys files for multiple users on multiple hosts with a single invocation. Use the following for additional information:
ssh-auth-keys --help | less
This script is used to change the hostname of a NST system. All appropriate places within the Linux Operating System will be updated to reflect the hostname change.
nsthostname --help | less
This simple utility returns the IP address of the selected interface. If no interface is specified, all IP addresses configured on this system including the public internet address will be displayed.
Help description for: getipaddr
getipaddr --help | less
Examples for: getipaddr
getipaddr -i eth0 172.16.1.44 getipaddr -p 126.96.36.199 getipaddr 127.0.0.1 172.16.1.44 188.8.131.52
This script will continuously display the current NST probe time each second on the same line with scrolling disabled.