Tuesday, December 13, 2011

DIY: Get top-quality open source security tools in one distro


Takeaway: Once you use the open source Network Security Toolkit distribution, Jack Wallen predicts you’ll wonder how you ever did without it.

If you could have one point of contact for network security, what would it be? I’m not talking one piece of hardware that you must deploy on your network; I’m talking about one toolkit that offered you everything you needed for tracking down problems and securing, analyzing, monitoring, and validating your network. After you read about the Network Security Toolkit (NST), I think it just might be your top pick.

What comes with NST

The NST contains a lot of powerful tools that you won’t find in other distributions. Here are some of the tools that come with NST:
  • Aircrack NG: A wireless sniffer and WEP/WPA-PSK key cracker
  • Airsnort: A wireless LAN (WLAN) tool that recovers encryption keys.
  • Amap: A next-generation scanning tool that identifies applications and services even if they are not listening on the default port by creating a bogus communication and analyzing the responses.
  • Argus/Argus-Clients/Argus-Monitor: An audit record generation and utilization system
  • Arp-Scan: A scanning and fingerprinting tool
  • Arpwatch: Network monitoring tools for tracking IP addresses on a network.
  • Awstats: Advanced Web statistics
  • Bandwidthd: Tracks network usage and builds HTML and graphs
  • Beecrypt: An open source cryptography library
  • Bit-twist: A simple yet powerful libpcap-based Ethernet packet generator
  • BlackOwlMIBBrowser: A Visual SNMP MIB browser with MIB variable graphing.
  • Cadaver: A command-line WebDAV client
  • CheckDNS: A Domain Name Server analysis and reporting tool
  • Chkrootkit: A tool to locally check for signs of a rootkit
  • ClamAV: Antivirus
  • Conntrack-tools: Tools to manipulate netfilter connection tracking table
  • DNScap: A DNS traffic capture utility
  • DNSenum: The tool gathers as much information as possible about a domain.
  • DNSmap: A network tool that performs brute force search/query of domains.
  • DNSwalk: A DNS debugger
  • Dsniff: Tools for network auditing and penetration testing.
  • Etherape: A graphical network viewer modeled after etherman.
  • Firewalk: Active reconnaissance network security tool.
  • Foremost: Recover files by carving them from a raw disk.
  • Freeradius: A high-performance and highly configurable free RADIUS server
  • Fwbuilder: A firewall builder
  • Geoclue: A modular geoinformation service
  • GPGme: GnuPG Made Easy — a high level crypto API
  • Greenbone-Security-Assistant: A Web-based interface to the Open Vulnerability Assessment Scanner
  • GSD: A desktop (GUI) interface to the Open Vulnerability Assessment Scanner
  • Honeyd: A honeypot daemon
  • Hunt: A tool for demonstrating well-known weaknesses in the TCP/IP protocol suite.
  • Kismet: Kismet is an 802.11 layer2 wireless network detector, sniffer, and IDS.
  • Mbrowse: A GUI SNMP MIB browser
  • Nagios: Nagios monitors hosts and services and yells if something breaks.
  • NBTScan: A tool to gather NetBIOS info from Windows networks.
  • Netmask: A utility for determining network masks.
  • Netwag: The GUI for the network toolbox Netwox
  • Nload: Monitor network traffic and bandwidth usage in real-time.

All of this network administrator and security goodness isn’t packed into a command-line only Linux distribution; NST is based on Fedora 15 and sports the GNOME 3 interface, which means you’ve got both command line and full-blown GUI tools at your disposal. If your hardware won’t support GNOME 3 (or you don’t like the newest iteration of GNOME), you can opt to fall back to Classic GNOME (Figure A).

Figure A: You can choose from one sub-menu full of network tools.

Installing NST

The installation of NST is as simple as any Linux live distribution install. (Note: This installable distribution can be run as a Live distro, from a virtual machine, or from a USB device.) Download the latest ISO image, burn the image to a DVD, insert the DVD, and boot. When you see the boot menu (Figure B), select either the console or graphical boot options, and let it boot.

Figure B: If you want to test your install media, select Verify and Boot.

Once the login prompt appears, select the default Live user and then enter the password nst2003 to authenticate. After the Live distribution has completely booted, you can test it out or immediately jump to the installation. To install to the hard disk, go to Applications | System Tools | Install NST To Hard Drive. The installation shouldn’t be troublesome to anyone who has installed an operating system.

After installation is complete (or the live version is up and running), it’s time to start checking out the tools. You will find hundreds of available tools on this desktop to help you monitor, secure, analyze, and do just about anything else you need on your network. In fact, there are so many tools included with this distribution that you will want to either look up each individual application or start by checking out the NST Wiki Howtos for information on specific tasks.

Conclusion

Once you start using NST, I bet you’ll be wondering how you ever did without it. It could also potentially save your company a tremendous amount of money. I encourage you to deploy this distribution into your network, and see if it improves your security and saves you time and money.