Network Security Toolkit (NST)

Some of the older news - which has manually scrolled off the front page.

Old News

2013-Apr-13
We are pleased to announce the latest NST release: "NST 18 SVN:4509". This release is based on Fedora 18 using Linux Kernel: "3.8.6-203.fc18". This is the most robust and stable release of NST to date. Significant effort has been devoted to integrate "systemd" service control support with all network services applications thus providing enhanced management and flexibility when using the NST WUI.
Here are some of the highlights for this release:
NST Network Bandwidth Monitor: Firewall Dirty Side
2012-Sep-03
We are pleased to announce the latest NST release: "v2.16.0-4104". This release is based on Fedora 16 using Linux Kernel: "3.4.9-2.fc16". This is a interim release which includes all of the NST and Fedora 16 package updates since 2012-Feb-27 rolled into a fresh ISO image. If you are building your own NST yum repository or have a subscription to the NST PRO yum repository, you may not need this ISO image as you should be able to simply yum update you NST system(s).
Here are some of the highlights for this release:
NST and CloudShark - Multi-Tap Network Packet Capture Setup
2012-Feb-27
We are pleased to announce the latest NST release: "v20". This release is based on Fedora 16 using Linux Kernel: "3.2.7-1.fc16" .
Here are some of the highlights for this release:
2011-Aug-09
We are pleased to announce the latest NST release: "v20". This release is based on Fedora 15 using Linux Kernel: "2.6.40-4.fc15 - Rebased from latest Linux Kernel: 3.0" .
Here are some of the highlights for this release:
2011-Jan-22
The NST project team is excited about a offering new enhancement service for NST users called NST Pro. NST is a large distribution which requires signifcant effort to maintain and develop. We have offered free maintenance and new feature development since 2003. This will continue, but access to NST updates and the introduction of features and application integration will be delayed for the general public NST user. We feel that the best way to continue to enrich NST and and keep the project current is to offer NST Pro as a subscription based service.
Summary of NST changes with the release of the NST Pro service: Thank you for your support and consideration in purchasing an NST Pro subscription.
Summary for the NST13 (v2.13.0-1713) maintenance release:
2010-Oct-06
We are pleased to announce the latest NST release: NST13 (v2.13.0) which is based on Fedora13 using Linux Kernel: 2.6.34.7-56.fc13. The release has focused on building a framework for the geolocation and rendering of network entities including the management and configuration of back-end geolocation methods and database repositories.
Here are some of the highlights for this release:
2010-Aug-05
Finalizing NST Release:13 (v2.13.0) is proceeding at a slower pace than we had anticipated. This release will include many geolocation enhancements for both Wireshark and Ntop. One can now geolocate Wireshark IPv4 Address conversations or Ntop hosts on a Mercator World Map projection or on an Earth Browser (i.e., Google Earth). See the Overview page on the NST Wiki Site for hourly generated maps demonstrating the Ntop hosts geolocation implementation.
Another major enhancement will be the inclusion of a Subversion (SVN) Manager. From the NST WUI one can easily generate and manage an SVN repository. Administrative tasks for backing up all repositories and configuring users are also provided.
2009-Sep-22
We are pleased to announce the latest NST release: "v2.11.0". This release is based on Fedora 11 using Linux Kernel: "2.6.30.5-43.fc11". The architecture for building an NST distribution has been completely redesigned and engineered. Starting with this release, All system, network and security applications are now included as RPM packages. This allowed us to take advantage of the Fedora Live CD Project for spinning off an "NST Live" distribution. This project will also help make it easier to develop future releases of NST.
We have created redundant repository sites for NST built RPM packages so that an NST system may be upgraded and revisioned via the internet. These capabilities continue to move NST towards being classified as an enterprise grade distribution that is both extensible and maintainable. With previous NST releases, it was difficult for users to add features and scope by compiling source code or adding new applications. Now one can simply YUM install their favorite applications (e.g., compilers, editors, X Window managers, etc...) via the command line or through the NST WUI.
For information on quickly using this new NST release, see the "Getting Started" page on the "NST Wiki".
Here are some of the highlights for this release:
2009-Jan-08
We are pleased to announce the latest NST release: "v1.8.1". This release is based on Fedora 8 using Linux Kernel: "2.6.26.8-57.fc8".
Here are some of the highlights for this release:
2008-Jun-27
We are pleased to announce the latest NST release: "v1.8.0". This release is based on Fedora 8 using the Linux Kernel: "2.6.25.6-27.fc8". Here are some of the highlights for this release:
2008-Jun-12
Its been a long haul, be we have finally completed most of work on the new additions and enhancements to the NST WUI. We encourage NST v1.5.0 users to give it a spin (look for the: "NST WUI Update Management" link on the NST WUI index page).
While we will continue to clean up and refine the NST WUI, we are now concentrating on nailing down the v1.8.0 release.
2008-Mar-01
Our revamp of the NST Web User Interface (WUI) is still on going. We have added a new menu based navigation system to both the NST WUI and Web Site. We are thinking two months until the next release (which will be based on Fedora 8). Here are some of the things you may be interested in:
2007-Nov-13
Our revamp of the NST Web User Interface (WUI) is taking a long time (We are greatly enhancing the documentation via the use of DOM Tooltips). We still don't have an estimate for the next release (which will be based on Fedora 7), but we have had several users build there own ISO images via notes found on the: "NST Wiki".
2007-May-30
There have been two NST development tracks currently underway over the last few months:
  1. Enhancements to the NST WUI which is complete.
  2. Porting NST to FC6 which is now almost complete.
2007-May-30
A new stable update for the NST WUI management interface is now available for the NST v1.5.0 release. This update includes many enhancements to the Network Packet Capture Interface and bug fixes to the NST WUI. See the README associated with the update for further details. Use the "System" => "NST WUI Update Management" page for installation.
2007-Mar-15
A stable update for the NST WUI management interface is now available for the NST v1.5.0 release. This update include many enhancements and bug fixes to the NST WUI. See the README associated with the update for further details. Use the "System" => "NST WUI Update Management" page for installation.
2007-Feb-25
We have just added an NST Wiki site. NST users please feel free to setup an account and share your experiences, advice and/or interesting topics associated with the NST distribution.
2007-Feb-23
The shell services at SourceForge have been down for the past 11 days. Unfortunately this occurred right in the middle of the NST 1.5.0 release. While we have been unable to update the web server during this time period, we were able to upload the files associated with the 1.5.0 release. These files, as many of you have already discovered, have been available for the past 11 days. We will finalize the release today by updating the on-line documentation files at the web server (what you are reading now).
2007-Feb-12
We are pleased to announce the latest NST release: "v1.5.0". This release is based on Fedora Core 5 using the Linux Kernel: "2.6.18-1.2257.fc5". Here are some of the highlights for this release:
2007-Feb-1
We're closing in on the v1.5.0 release. We are currently in the testing and review stage and anticipate finishing up in a few weeks.
2006-Aug-17
We are pleased to announce the latest NST release: v1.4.2. This release is based on Fedora Core 4 using the Linux Kernel: 2.6.17-1.2142_FC4 or 2.6.17-1.2142_FC4smp. Many new NST WUI features and capabilities have been included with this distribution:
2006-July-18
NST has transitioned from the network protocol analyzer: Ethereal to the new Wireshark version: 0.99.2. This will be available in the pending NST v1.4.2 release.
2006-July-13
We've moved the web site to a new web hosting service. The site may be temporarily unreachable during the 13th-14th as we make the move.
2006-June-22
We've made it possible to download the Network Security Toolkit (NST) Virtual Machine v1.4.1 using a normal browser from the SourceForge Files Page as well as using the Torrent method provided at the VMware website.

Download NST Virtual Machine
2006-June-5
The latest NST release: v1.4.1 is now available as a VMware virtual machine download. See the Network Security Toolkit (NST) Virtual Machine page at the VMware website to download.


This release is based on Fedora Core 4 using the Linux Kernel: 2.6.16-1.2108_FC4 or 2.6.16-1.2108_FC4smp. Some of the highlights for the new release include:
2006-Apr-30
It had taken awhile, but we have a much better understanding of what is required to make the NST run well within a VMware virtual machine. We will be including a new nstvmware script in the 1.4.1 release as well as the necessary VMware modules and tools to enhance the performance of the NST when run from within VMware.
2006-Mar-01
We are pleased to announce the latest NST release: v1.4.0. This release is based on Fedora Core 4 using the Linux Kernel: 2.6.15-1.1831_FC4 or 2.6.15-1.1831_FC4smp. Many new NST WUI features and capabilities have been included with this distribution: Most networking and security applications have been updated to their latest version.
2006-Feb-07
We are still testing the 1.4.0 release. Things are progressing well.
2006-Jan-11
Before we finished the 1.4.0 release, we decided that we would update the source code to support the x86_64 architecture as well as the i386 architecture. This has resulted in a considerable delay in finishing the 1.4.0 release. This is due to the fact that Ron and have been going through what we call dog days where we update and test hundreds of scripts to support non-Intel architectures. We had hoped to finish by the end of January, but this is optimistic.
2005-Nov-06
We are closing in the 1.4.0 release of the NST (maybe within the next 30 days). It took us awhile to get everything up and running under Fedora Core 4, but we are satisfied that it was worth the effort. Ron is really excited about his enhancements to the network capture page in the NST WUI (its a really good sign when Ron gets excited about a network tool).
2005-Sep-09
We have started the process of moving the NST to Fedora Core 4 from Fedora Core 2. We are not certain how long the transition will take. Please be advised that the manifest for the NST under development (1.4.0) will be in a state of flux. Please refer to the 1.2.3 manifest for a list of tools available on the released ISO image.
2005-Sep-05
We are pleased to announce the 1.2.3 release of the NST. We have spent a considerable amount of time enhancing the management capabilities of the NST probe in addition to bringing the security tools up to date. In particular:
2005-Aug-10
We are steadily closing in on the 1.2.3 release and expect it to occur in roughly three weeks. In addition to the normal freshening and adding of packages, we've been spending a lot of time enhancing the management features of the NST with custom scripts and a lot of new web based management pages. Review the change log for more details.
2005-May-10
A new article/tutorial on using the NST on a wireless network is available (click here to view article). This article will be of most interest to those that use the NST in a wireless LAN environment.
2005-Apr-16
We have finished up our testing and are releasing version 1.2.2 of the NST. You should be able to download the newest version once it makes it way out to the SourceForge mirrors.
2005-Apr-11
We are closing in on the 1.2.2 release of the NST. There have been many more enhancements and updates - see the change log for details. The major highlights include:
2005-Mar-25
We are starting to standardize the way in which scripts are written for the NST project. As a result, the documentation for these scripts will be accessible on-line.
2005-Feb-12
We are pleased to announce the release of v1.2.1 of the NST. There have been a lot of package updates and additions since v1.2.0 and you are encouraged to give it a spin.
2005-Feb-05
We are closing in on the 1.2.1 release. There have been many package updates and additions. Feel free to browse the change log for details of what's coming.
2004-November-19
We are pleased to announce the release of v1.2.0 of the NST. This is the first public release of the NST based upon the Fedora Core 2 distribution. You will find many additions in this release. The change log has details about what has changed since v1.0.6. In general:
2004-October-14
We are getting closer to a Fedora Core 2 NST v1.2.0 release. A significant number of packages have been added to this NST distribution. We are now using the transparent-compression ISO 9660/Rock Ridge filesystem which has allowed us to use almost double the CDROM disk capacity. We've also added a Screen Shots section to the web site. Expect to see things like PostgreSQL, the BASE interface for snort, @jreLink("Java run time support"), the ability to install NST to a hard disk partition, and a lot more in the v1.2.0 release.
2004-September-21
A lot of progress has been made towards the v1.2.0 release. We have a pretty solid build going. In addition to the Fedora migration, we have updated the window manager to fluxbox, we have added a nsthdinstall script allowing one to install the NST to a hard disk partion, and have starting looking at several other packages which one might find handy while working on network security.
2004-August-27
This release v1.0.6 is mostly a maintenace distribution. Significant work was done on making the nessus network security scanner application easy to use from both the command line and NST Web User Interface (WUI). The latest versions of snort, ethereal, and nmap are including in the ISO.
2004-July-11
We are releasing the 1.0.5 version of the NST. There have been MANY updates and additions - you can check the change log for details. IMPORTANT: This release starts the 'No Default Password' policy. If you simply fetch ISO image and burn it to disk, you will be prompted to set the password each time you boot the CD. You can avoid this by specifying a custom password PRIOR to burning the ISO image to disk. Refer to the Using the Network Security Toolkit and FAQ for additional details.
2004-May-4
The popularity of the NST and relatively large size of our documentation files, were causing us to hit our bandwidth limit. As a result, we have had to relocate many of the larger documents to the http://nst.sourceforge.net/nst/ mirror. If you have any bookmarks to documentation, you will want to reset them (otherwise the information you view will be dated - and eventually disappear).
2004-Apr-26
Added the ability to create MD5 message digest information for current and future released files. This includes both the NST ISO and source files. The MD5 digests are located under the associated Manifest release.
2004-Apr-26
In the NST Using documentation, a new section on 'Getting Started' was written by Paul.
2004-Apr-23
In the NST Using documentation, the section: 'NST Scripts: Kismet' was completed.
2004-Apr-18
In the NST Using documentation, the section: 'VPN: PPP Tunneled Over SSH Effective Throughput Rate Discussion' was completed.
2004-Apr-17
The NST project was mentioned on the front page of http://www.snort.org/ - it has triggered quite a bit of interest in the project. I'm sure it's nothing in comparison to what a site like snort experiences - but still, its exciting and encouraging for the developers working on this project.
2004-Apr-06
NST Version: 1.0.4 has been released. A NST ISO image file and the source code for building version 1.0.4 of the NST distribution is now available at SourceForge.net for download. This was released a little bit earlier than planned. We felt that improvements by the ethereal, snort and ntop developers as well as additional security patches from RedHat made the release worthwhile.
2004-Mar-16
NST Version: 1.0.3 has been released. A NST ISO image file and the source code for building version 1.0.3 of the NST distribution is now available at SourceForge.net for download.
2004-Mar-15
Due to a manifest problem that surfaced during the build of NST v1.0.2, we will be re-releasing a new build (NST v1.0.3) shortly. Please be patient and wait for the new release before downloading
2004-Feb-14
Paul finally finished a Getting Started with snort and ACID section in the User's Guide. Ron's been creating scripts and documentation for using two NSTs to build a VPN. He's been busy measuring throughput and creating some beautiful diagrams.
2004-Jan-19
Paul spent a lot of Sunday, setting up a system with Fedora and was excited to see how far he got in the NST build process. He was able to produce a bootable CD image without changing the NST source code, he was even able to log in as root after booting the new CD. However, the sshd and httpd servers did not come (probably missing some shared library).
2004-Jan-07
Added a Internet utility at the main web site (http://www.networksecuritytoolkit.org/nst/tools/ip.php) which provides a simple mechanism to allow one to create cron jobs to track the IP address (as seen by the Internet) of hosts which are behind a firewall. See the Check IP page for more information.
2003-Dec-05
NST Version: 1.0.1 has been released. A NST ISO image file and source code for building the NST distribution is available at SourceForge.net for download.
2003-Nov-25
Ron talked Paul into adding a HTML interface for ntop prior to the next release. In addition, Paul came across the firefox browser, which is a bit slow to load, but full featured.
2003-Nov-22
Paul has been working on a simple HTML interface to the snort and MySQL scripts which Ron has prepared (Ron made it trivial to setup both MySQL and snort). Paul is very impressed at the power of Open Source software like MySQL, snort, the phpMyAdmin interface for MySQL and the ACID interface for snort.
2003-Oct-28
Paul has been playing with more HTML for the Web User Interface (and has even tried to document the process in the Technical manual). Has really been fighting with httpd, sudo and xinetd to provide a means to configure a NST probe such that one can use telnet to run minicom and Ron's monitor_serial program. Its working to some degree, but does seem to have issues if the telnet connection is closed (sometimes the underlying process doesn't clean up). However, its at least worth playing with.
2003-Sep-30
The source tree is close to stable now. We are in the process of adding additional security packages and Paul has a decent start at a web based user interface for some of the common NST tasks. He's almost to the point of wanting to have the httpd daemon start up automatically on a default boot.
2003-Sep-25
Ron made the mistake of adding the kismet package to the NST distribution. He's been having too much fun driving around his neighborhoods mapping out all of the 802.11b access points. Its scary to see how few people enable WEP.
2003-Aug-06
Skeleton scripts for automating the building of NST and its associated documents are in place. Now we just need to flesh them out.
2003-Aug-04
The laddswap command was added to scan the hard disk for available Linux swap partitions. The following demonstrates its usage:

[root@probe root]# laddswap
 
*** Swap space prior to adding...
/sbin/swapon -s
Filename                        Type            Size    Used    Priority
 
*** Detecting existing swap areas...
 
*** Swap space after adding...
/sbin/swapon -s
Filename                        Type            Size    Used    Priority
/dev/hda8                       partition       538136  0       -1
[root@probe root]# free
             total       used       free     shared    buffers     cached
Mem:        319792     203220     116572          0       2060     180020
-/+ buffers/cache:      21140     298652
Swap:       538136          0     538136
[root@probe root]#