Network Security Toolkit

Network Security Toolkit (NST) è un live CD  basato su Fedora Core. Il toolkit  è sviluppato per fornire un facile accesso al miglior software open source per la rete. La maggior parte dei sistemi x86 (anche Pentium II) possono diventare strumenti per l’analisi del traffico, monitoraggio reti wireless, server di sistemi virtuali.

Questa nuova versione è la più robusta e stabile tra quelle sfornate e la maggior parte dello sviluppo è stata quello di integrare systemd nel sistema.

Versione 26-9267

Questa versione contiene (in Inglese):

• The Ntopng Hosts page has been enhanced for the geolocation of top active traffic flow connections. The Map below depicts top flow connections emanating from a site in Albany, N.Y. to web and compute cloud services data centers located in Ashburn, Va. (Amazon – AWS) and Cambridge, Ma. (Akamai – Cloud Delivery Platform). A host marker spreading feature allows one to expose flows to load balancing servers at those locations. The combination of host marker spreading with the superimposition of flows is similar to the Etherape application but with the enhancement of geolocation. Flows can be filtered for fine-grained analysis. Each host marker has an associated information window popup that includes nDPI – Ntop Deep Packet Inspection protocol detection, traffic flow rates and the accumulated data sent and received totals. An “Active Flow Connections Editor” is also provided for configuring flow appearance and filter control.
• The Snort IDS NST WUI page now uses the Snorby application for the visual presentation of IDS events. NST Snort integration can simultaneously manage multiple instances of Snort IDS sensors using different rule sets.
• A new NST script: nstringbufcap has been created to facilitate the capturing of network traffic as a service with integration to the NST WUI Single and Multi-Tap Network Packet Captures pages. Both the dumpcap and the netsniff-ng capture engine tools are supported.
• NST 26 supports the OpenVAS open source vulnerability scanner and manager with the Greenbone security assistant. See the NST Wiki page: OpenVAS for details.
• Improved the performance of the NST Network Interface Bandwidth Monitor significantly with the use of the WebSocket and PHP native code. One can now achieve a query rate period in the sub-millisecond range.
• A new NST WUI page for the exploration of zero configuration devices using Avahi which facilitates service discovery on the local network via the mDNS / DNS-SD protocol suite was developed.
• A new NST WUI page for the discovery of UPnP devices on the network using the gssdp-discover utility which implements SSDP was added.
• Added a package for the “Sleuth Kit” library and command suite. The Sleuth Kit is an open source digital forensic toolkit for analyzing file systems, storage devices and smart phones.
• Many NST WUI bug fixes were completed and enhancements were added including PHP 7.1 integration
  As always, the networking and security applications included have been updated to their latest version which can be found in the manifest.
• For more details related to the code changes for this release, refer to the “Change Log” page or review the change log for an individual RPM package.

Risorse

La distribuzione (3,2GB) può essere scaricata da: http://downloads.sourceforge.net/nst/nst-26-9267.x86_64.iso

Il sito web della distribuzione è: http://www.networksecuritytoolkit.org/nst/

Il sito web per sviluppatori è http://sourceforge.net/projects/nst/

Screenshot

Network Security Toolkit 20-5663

Conclusioni

Questa versione è basata su Fedora 26.