Network Security Toolkit (NST v2.11.0)

Welcome to the Network Security Toolkit (NST). This bootable ISO live CD/DVD (NST Live) is based on Fedora. The toolkit was designed to provide easy access to best-of-breed Open Source Network Security Applications and should run on most x86/x86_64 platforms.

The main intent of developing this toolkit was to provide the network security administrator with a comprehensive set of Open Source Network Security Tools. The majority of tools published in the article: Top 100 Security Tools by INSECURE.ORG are available in the toolkit. An advanced Web User Interface (WUI) is provided for system administration, navigation, automation and configuration of many network and security applications found within the NST distribution. In the virtual world, NST can be used as a network security analysis, validation and monitoring tool on enterprise virtual servers hosting virtual machines.

What we find rather fascinating with NST is that we can transform most x86/x86_64 systems into a system designed for network traffic analysis, intrusion detection, network packet generation, wireless network monitoring, virtual session serving, or a sophisticated network/host scanner. This can all be done without disturbing or modifying any underlying system storage. NST can be up and running on a typical x86/x86_64 notebook in less than a minute by just rebooting NST Live. The notebook's hard disk will not be altered in any way.

NST also makes an excellent tool to help one with crash recovery troubleshooting scenarios and diagnostics.

Latest News

2009-Sep-22
We are pleased to announce the latest NST release: "v2.11.0". This release is based on Fedora 11 using Linux Kernel: "2.6.30.5-43.fc11". The architecture for building an NST distribution has been completely redesigned and engineered. Starting with this release, All system, network and security applications are now included as RPM packages. This allowed us to take advantage of the Fedora Live CD Project for spinning off an "NST Live" distribution. This project will also help make it easier to develop future releases of NST.
We have created redundant repository sites for NST built RPM packages so that an NST system may be upgraded and revisioned via the internet. These capabilities continue to move NST towards being classified as an enterprise grade distribution that is both extensible and maintainable. With previous NST releases, it was difficult for users to add features and scope by compiling source code or adding new applications. Now one can simply YUM install their favorite applications (e.g., compilers, editors, X Window managers, etc...) via the command line or through the NST WUI.
For information on quickly using this new NST release, see the "Getting Started" page on the "NST Wiki".
Here are some of the highlights for this release:
  • The entire NST distribution is RPM based and an NST system can be maintained using reduntant RPM repositories.
  • NST is now extensible. Add new applications with YUM install.
  • "NST Live" allows for read/write rootfs file system access so that new applications can be installed even though it was booted from a DVD device.
  • "NST Live" can be installed to a USB device for creation of a "NST Live USB Disk". One can then boot the "NST Live USB Disk" from a system capable of booting from USB devices.
  • An "NST Live USB Disk" may contain data persistence allowing session information to be maintained across system reboots and/or system moves.
  • For systems that lack a DVD device or can not boot from USB devices, the following solution was created for installation of NST to the system hard disk. The "NST Live" distribution is too big to fit on a CD. An "NST Minimal" ISO is provided and was designed to fit on CD media. One can boot the "NST Minimal" ISO, perform a hard disk installation using the NST script: "nstliveinst" and then YUM install the "nst-live" RPM package to completely build out the full NST distribution.
  • A new NST script: "nsttraceroute" has been created that Geocodes output from the traceroute utility in KML format for rendering with Google Earth.
  • Added 2 network content capture applications: "driftnet" and "tcpxtract". Driftnet is used to capture and display graphic images (i.e., GIF, JPEG and PNG). TCPxTract is used to capture complete documents including PDF or Microsoft Word docs.
  • The Multi-Tap Network Packet Capture page has been enhanced with the integration of ngrep and dsniff.
  • Many new applications have been added to this distribution release. Previous existing networking and security applications have been updated to their latest revision.
2009-Jan-08
We are pleased to announce the latest NST release: "v1.8.1". This release is based on Fedora 8 using Linux Kernel: "2.6.26.8-57.fc8".
Here are some of the highlights for this release:
  • Enhanced the management of snort IDS systems via the NST WUI. It is much easier to setup a federation of snort IDS sensors with backend mysql IDS collector(s).
  • The addition of the "WebDAV Resources" packages. This allows interacting with devices such as the Apple iPod touch using the Air Sharing application.
  • Major updates to nmap and its related tools including better support in the NST WUI for managing nmap results.
  • Added access terminal server functionality using minicom from the NST WUI. This allows one to manage and connect to many serial ports remotely.
  • Enhanced the monitoring of serial data streams using the NST WUI. This includes detailed documentation and diagram.
  • Support for saving and loading packet capture and display filters in the single and multi-tap network packet capture sections of the NST WUI.
  • Added support scripts for using a USB modem to connect to the Sprint PCS Mobile Broadband service.
  • Updated the NST WUI with support for taking GPS enhanced kismet capture files and producing KML output files which can be viewed in Google Earth or Google Maps.
  • Many clean ups and minor enhancements have been made to the NST WUI.
  • As always, the networking and security applications included have been updated to their latest version (See the "Change Log" page for individual package updates).
Old News
Follow this link for old news.
Getting
Started
-- Or --
Network Security
Latest NST Changes
  NST Change Log  

In The News
2009-Jan-21
NST in top 10 Virtual Appliance list: Most popular VMWare Virtual Appliances for IT Administrators
2008-Jul-23
Network Security Toolkit distribution aids network security administrators
2008-Feb-08
Tom Bowers' Network Security Toolkit presentation at SearchSecurity.com.
2006-Jun-15
SECURITY MATTERS NST Goes Virtual Too
2005-Dec-01
Toolkits: All-in-one Approach to Security
2004-Dec-08
Tutorial on Installing and configuring Snort on Fedora core 2: An Intrusion Analyst's, developer's & a researcher's perspective
2004-Dec
A Bootable Network Security Toolkit
2004-May-2
Wilders Security Forums
2004-Apr-30
GEEK.com
2004-Apr-30
Insecure.Org
2004-Apr-28
Windows & .NET Magazine

CRYPTOGRAPHY DISCLAIMER

EXPORT/IMPORT AND/OR USE OF STRONG CRYPTOGRAPHY SOFTWARE, PROVIDING CRYPTOGRAPHY HOOKS OR EVEN JUST COMMUNICATING TECHNICAL DETAILS ABOUT CRYPTOGRAPHY SOFTWARE IS ILLEGAL IN SOME PARTS OF THE WORLD. WHEN YOU IMPORT THE PREBUILT NST ISO TO YOUR COUNTRY, RE-DISTRIBUTE IT FROM THERE OR EVEN JUST EMAIL TECHNICAL SUGGESTIONS OR EVEN SOURCE PATCHES TO THE AUTHOR OR OTHER PEOPLE YOU ARE STRONGLY ADVISED TO PAY CLOSE ATTENTION TO ANY EXPORT/IMPORT AND/OR USE LAWS WHICH APPLY TO YOU. THE AUTHORS OF NST ARE NOT LIABLE FOR ANY VIOLATIONS YOU MAKE.