Network Security Toolkit (NST) 32 SVN:11992 releases
Network Security Toolkit (NST) is a bootable ISO image (Live DVD/USB Flash Drive) based on Fedora 28 providing easy access to best-of-breed Open Source Network Security Applications and should run on most x86_64 systems.
The main intent of developing this toolkit was to provide the security professional and network administrator with a comprehensive set of Open Source Network Security Tools. The majority of tools published in the article: Top 125 Security Tools by INSECURE.ORG are available in the toolkit. An advanced Web User Interface (WUI) is provided for system/network administration, navigation, automation, network monitoring, host geolocation, network analysis and configuration of many network and security applications found within the NST distribution. In the virtual world, NST can be used as a network security analysis, validation and monitoring tool on virtual enterprise servers hosting virtual machines.
- Multi-Tap Network Packet Capture
- Web-Based Network Security Tools Management
- Host/IPv4 Address Geolocation
- Network/System Monitoring
- Network Intrusion Detection
- Network Interface Bandwidth Monitor
- Web-based Snort IDS Integration
- Active Connections Monitor
- Network Segment ARP Scanner
- Network Packet Capture CloudShark Upload Support
- Multi-Port Terminal Server
- VNC / RDP Desktop Session Management
Changelog 32 SVN:11992
Here are some of the highlights and new tools added for this release:
- A new NST WUI page for displaying Wireshark tshark Statistics Conversations has been developed (See the example: tshark Statistics Conversations page shown below.). This page focuses on displaying network conversations between two specific endpoints in tabular format and results can be further analyzed with the NST Network Tools Widgets. One can choose a Conversation Type and Display filter to isolate traffic of interest. The table output also contains the ability to create stream display filters for packet capture decode analysis. Many other actions and features can be found on this page.
- Added a new NST WUI page for the next generation the Kismet Wireless Surveillance application. This new version features a massively rewritten code base, a new web UI, support for non-WiFi capture types, and much more.
- The NST Network Interface Bandwidth Monitor has been updated to version: 3. It now supports a new nodejs-based web socket interface to achieve higher query data rates. A new load archived monitor widget has also been integrated.
- Added a new NST WUI page for fast directory scanning using dirble. A word list derived from CeWL has been integrated with the dirble page.
- The NST Multi-Traceroute: mtraceroute application now integrates into the scapy project. Minor enhancements / fixes has been made to the application.
- Updated the theHarvester OSINT application with supporting NST WUI page. This is an effective tool to be used in the early stages of a penetration test.
- Added the fwknop application to the NST distribution. fwknop stands for the FireWall KNock OPerator and implements an authorization scheme called Single Packet Authorization (SPA).
- Added a new NST WUI page for the MeshCommander – IntelÂ® AMT Remote Management application. This is an entirely web based remote management tool for vPro supported computers.
- The Dump1090 – Aircraft Surveillance application has been integrated into the NST WUI. One can view location information of all aircrafts broadcasting on their ADS-B Mode S transponder that has been detected by an attached USB RTL-SDR dongle.
- A copy to the system clipboard action has been sprinkled throughout the NST WUI.
- As always, the networking and security applications included have been updated to their latest version which can be found in the manifest.
- For more details related to the code changes for this release, refer to the “Change Log” page or review the change log for an individual RPM package.