Linux Network Security Toolkit (NST) for Fedora 40
Kernel Version: 6.8.9-300.fc40.x86_64 Type: x86_64
NST Version: 40
NST Build Date: Sun May 12 18:52:30 UTC 2024
Authors: Ronald W. Henderson and Paul Blankenbaker

Welcome to the Network Security Toolkit (NST). This bootable ISO live USB flash drive (NST Live) is based on Fedora. The toolkit was designed to provide easy access to best-of-breed Open Source Network Security Applications and should run on most x86_64 platforms.

The main intent of developing this toolkit was to provide the security professional and network administrator with a comprehensive set of Open Source Network Security Tools. The majority of tools published in the article: Top 125 Security Tools by INSECURE.ORG are available in the toolkit. An advanced Web User Interface (WUI) is provided for system/network administration, navigation, automation, network monitoring, host geolocation, network analysis and configuration of many network and security applications found within the NST distribution. In the virtual world, NST can be used as a network security analysis validation and monitoring tool on enterprise virtual servers hosting virtual machines.

When booted in the default manner, there is no password set for the "root" and "nst" user accounts (just hit enter to log in). Remote access ("SSH" on port 22 and "HTTPS" on port 9943) to the running NST probe will be disabled until system passwords are set and services enabled via the "nstpasswd" script.

Access methods to a running NST probe:

If you do not know the IP address assigned to the running NST probe, you can use the "ifconfig" config command to determine it.

Use the NST script: "nstliveinst" for installation of NST Live to a hard disk

Notes below contain summary briefs on NST aliases, functions, and custom scripts.


The following aliases are available to get various services up and going quickly (Note: some default settings may not apply to your environment. Please review associated configuration files prior to starting a service):

Change to directory: "/etc/sysconfig/network-scripts" for manual IP configuration settings.
Run minicom on /dev/ttyS0 4800 none81.
Run minicom on /dev/ttyS0 9600 none81.
Run minicom on /dev/ttyS0 19200 none81.
Run minicom on /dev/ttyS0 57600 none81.
Run minicom on /dev/ttyS0 115200 none81.
A fast halt and shutdown the NST system now.
Start a VNC server session at: probe:6.0. see: "nstvncadmin --help" for advance VNC server setup.
A quick way to start an X Window session.
Reapply the administrative password, update all NST menus and apply all "NST Tweak" scripts after a "major" update to the NST system.
Mount USB flash RAM device: "/dev/sda1" @ /mnt/flash0



This function finds all files of size or greater and list them in descending order by size.

  Usage: lsfindfilesize FINDDIR FILESIZE

  Where: FINDDIR  - Start file find from this top level directory
         FILESIZE - Find all files of this size or greater in KiloBytes (KB)

         lsfindfilesize /usr 400
-rw-r--r--  1 root root 1096328 Mar 18  2005 /usr/lib/
-rwxr-xr-x  1 root root  468940 Sep 30  2005 /usr/bin/mkisofs


This function will start the ssh-agent daemon (if it hasn't already been started) and update the necessary environment variables such that any future use of ssh-add and/or ssh will be able to make use of the ssh-agent daemon. This is done such that all logins will be able to share the same instance of the ssh-agent (you only need to execute this the first time you login).


This function will facilitate a system move and shutdown when your NST system is booting from writable and removable media (such as a USB memory stick), it will likely persist information between boots. If you then move the installation to new hardware, it is likely that the persisted information (e.g., MAC Address) will be incorrect for the new hardware. It removes hardware specific configuration files so that they will be recreated at boot time. You will be prompted prior to moving and shutting down the NST system. See the NST script: "nstboot --help" for more information.


This function will display the NST README in HTML format if the HTML version of the README file is available. If not, the text version of the README file will be displayed via the less utility.

Scripts Found In: /root/bin


This script will create a RAM disk on the NST probe system. Type: "create_ramdisk --help" to display its usage.


This script will create a 64MB RAM disk at mount point: "/dev/ram4" on the NST probe system. It calls script: /root/bin/create_ramdisk with the following: "/root/bin/create_ramdisk -s 64 -d /dev/ram4"

Other Useful NST Scripts:


This script creates one or more zero filled files of a specified size.


        Usage: mkfile size[k|m] filename1 filename2 ...

        This script creates one or more zero filled files of a
        specified size. The file size will be a multiple of 1024.

        Example:  /sbin/mkfile 22m /tmp/largefile

          - This will create the zero filed file: /tmp/largefile
            with a size of: 23,068,672 bytes (22MByte file).


This script allows one to update the authorized_keys files for multiple users on multiple hosts with a single invocation. Use the following for additional information:

ssh-auth-keys --help | less


This simple utility returns the IP address of the selected interface. If no interface is specified, all IP addresses configured on this system including the public internet address will be displayed.

Help description for: getipaddr

getipaddr --help | less

Examples for: getipaddr

getipaddr -i eth0

getipaddr -p



This script will continuously display the current NST probe time each second on the same line with scrolling disabled.