|
Linux Network Security Toolkit (NST) for Fedora 8
|
Welcome to the Network Security Toolkit (NST). This bootable ISO CD is based on Fedora 8. The toolkit was designed to provide easy access to best-of-breed Open Source Network Security Applications and should run on most x86 platforms.
When booted in the default manner, access to the running (NST) probe system can be accomplished in the following manner:
If you do not know the IP address assigned to the running NST probe, you can use the "ifconfig" config command to determine it.
Notes below contain summary briefs on NST aliases, functions, and custom scripts.
The following aliases are available to get various services up and going quickly (Note: some default settings may not apply to your environment. Please review associated configuration files prior to starting a service):
***NOTE*** alias lutils must be run first if the NST Linux utility programs are not installed.
This function finds all files of size or greater and list them in descending order by size.
Usage: lsfindfilesize FINDDIR FILESIZE
Where: FINDDIR - Start file find from this top level directory
FILESIZE - Find all files of this size or greater in KiloBytes (KB)
Example:
lsfindfilesize /usr 400
-rw-r--r-- 1 root root 1096328 Mar 18 2005 /usr/lib/libslang-utf8.so.1.4.9
-rwxr-xr-x 1 root root 468940 Sep 30 2005 /usr/bin/mkisofs
|
Use this function to load in a NST site location custom configuration. A USB removable storage device, a file system on a hard disk, or a URL reference can be used to store custom NST probe system configurations for a site. The ${NSTHOME} environment variable will be set. The /root/bin/setup_nst_custom script will be used to find the appropriate location for any custom scripts to run. If the file: ${NSTHOME}/setup.sh is found, it will be sourced.
Usage: lnstcustom SITENAME [ DEV [ FSTYPE ] ]
lnstcustom SITENAME URL
Where: SITENAME - name of subdirectory under ${NSTHOME} of setup
(site name)
DEV - name of dev (default sda1) to mount
FSTYPE - type of file sytem (default auto)
URL - URL of tar.gz file to extract under ${NSTHOME}
Example:
lnstcustom home
lnstcustom home http://192.168.0.2/nst.tgz
lnstcustom work hdd1 ext2
|
This function will start the ssh-agent daemon (if it hasn't already been started) and update the necessary environment variables such that any future use of ssh-add and/or ssh will be able to make use of the ssh-agent daemon. This is done such that all logins will be able to share the same instance of the ssh-agent (you only need to execute this the first time you login).
This function is a quick way to start an X Windows session if a saved X configuration file exists. If not, /root/bin/setup_x will be run to create the X configuration file. The default X Windows display manager is: "fluxbox".
Usage: lx [X system configuration name at site location] |
Note: "lnstcustom SITENAME" must be run first.
This function will display the NST README in HTML format if the HTML version of the README file is available. If not, the text version of the README file will be displayed via the less utility.
This script will look for already defined swap space on the current NST probe system and use it. The 'fdisk -l' command is used to identify all disk drives that currently contain an existing Linux swap partition. All Linux swap partitions found will be used. This command is useful for systems that contain a small amount of physical RAM.
This script will first try to start the klogd/syslogd daemons. Then all installed network devices will be identified by script: /root/bin/auto_modprobe_net. Next the "dhclient" program will be run on interface: "eth0" via the /root/bin/setup_dhcp script. Lastly the loopback interface: "lo" is configured via script: /root/bin/setup_lo.
This script will first try to start the klogd/syslogd daemons. Then all installed network devices will be identified by script: /root/bin/auto_modprobe_net. Next the interface: "eth0" will be configured with IP address: "192.168.1.101" network: "192.168.1.0" via script: /root/bin/setup_net192. Lastly the loopback interface: "lo" is configured via script: /root/bin/setup_lo.
This script initially tries to mount the first detected CDROM drive for installation of the NST Linux utility programs into RAM. The script: /root/bin/auto_mnt_cdrom is used for this task. Next the /root/bin/load_utils script is run to install the full features of a NST system. Lastly the klogd/syslogd daemons are started.
This script loads the correct modules to access the CDROM and then mounts the CDROM to /mnt/cdrom.
This srcipt will try to install all audio device loadable kernel modules (LKM) found based on the results returned from the "/usr/sbin/kudzu -c audio -p" hardware detection utility command.
This srcipt will automatically scan and install the correct device loadable kernel modules (LKM) for use of SATA and SCSI attached disk.
This srcipt will try to install all network device loadable kernel modules (LKM) found based on the results returned from the "/usr/sbin/kudzu -c network -p" hardward detection utility command.
Note: No network devices attached via PCMCIA or USB will be installed via this script. The hotplug facility will handle installation of network device LKM drivers for those attached devices.
This script will first try to start the klogd/syslogd daemons. Then the "sshd" daemon will be started for secure command line access to the NST probe system.
This script will create a RAM disk on the NST probe system. Type: "create_ramdisk --help" to display its usage.
This script will create a 64MB RAM disk at mount point: "/dev/ram4" on the NST probe system. It calls script: /root/bin/create_ramdisk with the following: "/root/bin/create_ramdisk -s 64 -d /dev/ram4"
This script searches the NST distribution for any unresolved symbolic links that point to files or directories that do not exist. The location of the unresolved symbolic links will be printed out. This script is useful for developers of the NST project.
This script loads necessary scsi kernel modules to run the "cdrecord" program for writing iso9660 images to CD-RWs or CD-Rs. Typically this script is used when the NST Linux extended utility programs are not loaded and the CDROM drive has not been mounted. On a single CDROM drive system system, use this script when access to the CDROM drive is needed for recording to CD-RWs or CD-Rs CDs with the "cdrecord" program.
Run the "dhclient" program on interface: "eth0". Then display the IP interface configuration for: "eth0" ("/sbin/ifconfig eth0").
Configure a loopback interface "lo" on the NST probe system. Then display the IP interface configuration for: "lo" ("/sbin/ifconfig lo").
This script is used to setup the MySQL multi-user, multi-threaded SQL database server for the NST distribution. A 64MB RAM disk at mount point: "/dev/ram4" will be created for MySQL's database files at directory location: "/mnt/ram4/var/lib/mysql". A web administration interface using: "phpMyAdmin" for MySQL database is available via the NST Web User Interface (WUI) URL: "https://localhost/nstwui/cgi-bin/server/sql.cgi".
Interface: "eth0" will be configured with IP address: "10.222.222.101", network: "10.222.222.0". Then display the IP interface configuration for: "eth0" ("/sbin/ifconfig eth0").
Interface: "eth0" will be configured with IP address: "192.168.1.101", network: "192.168.1.0". Then display the IP interface configuration for: "eth0" ("/sbin/ifconfig eth0").
This script will start the portmapper and NFSD services on a NST probe system. A default NFS export file system at mount point: "/mnt/ram4" is configured in file: "/etc/exports".
This script will setup NIS client services to attach to a NIS domain.
Usage: setup_nis NIS_DOMAIN |
This script is typically called by the lnstcustom shell function for loading in a NST site location custom configuration. A USB removable storage device (Ex: thumb drive), a file system on a hard disk, or a URL reference can be used to store custom NST probe system configurations for a site. The "${NSTHOME}" environment variable must be set prior to using this script. This script will find the appropriate location for any custom scripts to run. If the file: "${NSTHOME}/setup.tgz" is found, it will be uncompressed.
Usage: export NSTHOME=/mnt/nst/NAME
lnstcustom NAME [ DEV [ FSTYPE ] ]
lnstcustom NAME URL
Where: NAME - name of subdirectory under ${NSTHOME} of setup
DEV - name of dev (default sda1) to mount
FSTYPE - type of file sytem (default auto)
URL - URL of tar.gz file to extract under ${NSTHOME}
Example:
export NSTHOME=/mnt/nst/NAME
lnstcustom home
export NSTHOME=/mnt/nst/NAME
lnstcustom home http://192.168.0.2/nst.tgz
export NSTHOME=/mnt/nst/NAME
lnstcustom work hdd1 ext2
|
This script will manually start PCMCIA services on a NST probe system. PCMCIA services can also be started at NST boot time by using the "NST_PCMCIA" boot parameter.
This script will manually load USB LKMs on a NST probe system. By default this is normally done at NST boot time. The NST "NST_USB" boot parameter is set when a NST probe system is started.
Use this script to setup a VNC server running a virtual X Windows System on a NST probe system at display: ":6" (port: 5906). The default setting is to use a geometry of: "1000x720" with a color depth of: "24". The default X Windows display manager is: "vtwm".
Example 1 (unencrypted method):
Server Side (NST probe) run: /root/bin/setup_vnc -or- lvnc
Client Side run: vncviewer probe:6
|
Example 2 (encrypted method using ssh tunneling):
Client Side run: ssh -p 22 -L 5906:127.0.0.1:5906 root@probe
Server Side (NST probe) run: /root/bin/setup_vnc -or- lvnc
Client Side run: vncviewer 127.0.0.1:6
|
This helper script is used to setup the @xorg_x11Link("X.Org Foundation") X Window System on a NST probe system. If an existing X configuration file can be found under the ${NSTHOME} directory (set by shell function: "lnstcustom") or the directory: "/etc/X11", it will be used. If the X configuration file is not found, the RedHat: "/usr/bin/redhat-config-display -v" X configuration utility program will be started for creation of the X configuration file. A copy of the X configuration file will also be saved under the ${NSTHOME} directory which may found on a removable USB storage device. One can also set the screen size diagonal dimension in inches. The effect of this setting can be used to shrink or enlarge character fonts that scale based on the horizontal and vertical "DPI" (Dots Per Inch) setting for the X display.
Usage:
Usage: setup_x [X system configuration name at site location]
[-d [X Width Pixels] [Y Height Pixels] [Diagonal Inches]]
Note: For larger fonts, fake the actual size of the diagonal screen
dimension in inches to be smaller than it actually is.
Example: /root/bin/setup_x striker -d 1600 1200 18
- Enlarge screen fonts for X display system (striker):
Lets say the actual physical diagonal dimension of the LCD screen
is 20.1 inches with a native "1600x1200" screen resolution.
In this example we would fake the actual LCD screen size dimension
smaller (i.e. 18 inches) to achieve a larger screen font X display
appearance.
|
This script creates one or more zero filled files of a specified size.
Usage:
Usage: mkfile size[k|m] filename1 filename2 ...
This script creates one or more zero filled files of a
specified size. The file size will be a multiple of 1024.
Example: /sbin/mkfile 22m /tmp/largefile
- This will create the zero filed file: /tmp/largefile
with a size of: 23,068,672 bytes (22MByte file).
|
This script changes all of the access passwords (root, ssh keys, http, etc) for the running NST probe. If you downloaded the public ISO from the web site, it is highly recommended that you run this script to change the passwords from their public default values. Use the following for additional information:
nstpasswd --help | less |
This script allows one to update the authorized_keys files for multiple users on multiple hosts with a single invocation. Use the following for additional information:
ssh-auth-keys --help | less |
This script is used to change the hostname of a NST system. All appropriate places within the Linux Operating System will be updated to reflect the hostname change.
nsthostname --help | less |
This simple utility returns the IP address of the selected interface. If no interface is specified, all IP addresses configured on this system including the public internet address will be displayed.
Help description for: getipaddr
getipaddr --help | less |
Examples for: getipaddr
getipaddr -i eth0 172.16.1.44 getipaddr -p 24.33.22.187 getipaddr 127.0.0.1 172.16.1.44 24.33.22.187 |
This script is useful for starting up a USB wireless network adapter that uses the wlan drivers. This script uses the p80211/wlan hotplug policy agent for wlan wireless network adapter registration. The use of this script has the same effect as "hotplugging" a USB wireless network adapter when plugged into a USB port. It has been our experience that the hotplug operation is not always reliable. Therefore if one wants to bring up a USB wireless network adapter during bootup without physically plugging it into the USB port, one can substitute this script to simulate a "hotplugging" event.
Usage: wlan_register [wlan driver]
Default wlan driver: prism2_usb
Default wlan interface: wlan0
|
This script will continuously display the current NST probe time each second on the same line with scrolling disabled.