Track security vulnerabilities with Network Security Toolkit

Web-Based: WUI

Because the tools listed in the menus by no means reflect the complete inventory of tools – including all of these applications would clutter the menus – the NST developers have outsourced most of the packages to what they call the Web User Interface (WUI), which can be opened in any browser.

To use this interface, you first need to modify the authentication data on the NST system. This is done in the terminal with the nstpasswd command or alternatively in the splash screen by clicking on the Set NST System Passwords button. Customizing the authentication data in the terminal at the same time starts the SSH and HTTPS servers so that you can log in from remote machines over an encrypted connection. When you install on a hard disk, you only need to change the authentication data once; if you rely on an optical disk as the boot medium, you need to create passwords at each restart.

Next, open the web browser, which already has the NST interface as its home page, and enter the authentication data that you defined previously. If you want secure access instead of the open HTTP connection you are offered, go to https://127.0.0.1:9943. The insecure connection uses port 9980.

In the rustic-looking overview window of the toolkit (Figure 3), you will find data and instructions at the bottom and a menubar at the top. It contains the individual tools in hierarchically organized submenus. For command-line tools, you get a terminal display with the appropriate input and output below the menubar, in many cases supplemented by context-sensitive information.

Figure 3: It may look frumpy, but it is functional: the main window of the NST web-based interface.

From the Docs menu, you can reach the comprehensive program documentation. Some is available in wiki format; other parts deal with specific scripts and explain the use of the Toolkit. You will also find contact links for the developers, as well as lists of existing packages.

The Tools menu adds system tools to the desktop. These include file converters, terminals, and editors, as well as developer tools. The System menu holds applications for system configuration and customizing services such as CUPS or Apache. You will also find expansions and updates for NST and can launch the installers from here if necessary. You do not typically need to configure the services. This menu also includes tools for virtual environments, viewers for logfiles, and various file managers.

The Network menu deals with network-specific problems. Here you will find monitoring software and analysis programs, various applications for NFS and CIFS services, and various tools for WiFi. The Security menu contains numerous security applications, broken down into intrusion detection systems (submenu Intrusion Detection), active and passive network scanners, and virus scanners.

The toolbox includes EtherApe, Hping, InetVis, OpenVAS, Nikto, Nmap, and Xprobe 2, as well as virus scanners for use in heterogeneous environments, ClamAV, ClamWin, McAfee, and Norton. This is also where you will find references to useful information.

The Geolocation Tools section is where NST organizes programs that let you locate and display individual computers or entire networks around the globe – and in a visually appealing way. Various tools for generating hashes and passwords complete the offering.

The Database submenu is far less extensive, focusing on tools for MySQL and MariaDB databases. The last menu item on the right, an X, summarizes the above-mentioned groups and integrates individual applications for network and system management from the standard Mate menu (Figure 4).

Figure 4: The menus in NST are generally well filled and include many important tools out of the box.

Directly above the menubar, you'll see several buttons on the left; of these, the screen button at the edge of the screen opens a view with the documentation and – grouped by the menu labels – also shows the applications as executable links in a table view. Here, you will find some basic statistical data, such as the number of users logged on to the system and the number of running processes. You can also call the applications grouped here directly via the links. This eliminates the long-winded approach via the very full menus.

Unique Selling Points

IT security does not need to be a boring affair at the command line, reserved only for geeks – as NST proves with its geolocation option. It lets you determine the locations of various hosts between which connections exist and shows a world map where changes appear almost in real time. This is all based on Google services, proprietary scripts, and databases, as well as Traceroute and Ntop.

Discovering locations is a convenient process in the web-based interface – no need to type console commands. The wiki explains in detail what geolocation features NST offers and how to use them [4]. Screencasts get newcomers off to a good start (Figure 5).

Figure 5: Visualizing connections with NST's geolocation features.

Performance

Beginners and less experienced admins might feel overwhelmed on first contact with NST because of the vast range of applications. The menu structure in the WUI, which is quite complicated in part, can present a considerable learning curve, especially for less experienced users searching for a particular application. To mitigate this shortcoming, there is an optional simplified interface, which you can access from the splash screen by pressing the NST WUI (Simplified) button.

The routine branches to a list view with only four groups of tools: Network Tools, System Information, System Administration, and Serial Port Tools (Figure 6). Because the developers have also cleaned up the subgroups here, this view is much better suited for getting started.

Figure 6: The simplified NST WUI view.

More intuitive names for the subgroups help you find specific tools faster: For example, the Network Tools group includes the subgroups Network Sniffer, Network Scanning, and Network Monitoring. Network Penetration Testing takes you to applications for performing security checks. Thanks to this view, both new and experienced users can start production operations with the applications within a very short time.

Buy Linux Magazine

SINGLE ISSUES
 
SUBSCRIPTIONS
 
TABLET & SMARTPHONE APPS
Get it on Google Play

US / Canada

Get it on Google Play

UK / Australia

Related content

  • Network Security Toolkit Gets General Overhaul

    The Network Security Toolkit (NST), a live DVD with countless security tools, is available in version 2.11.0. Much of the work focused on the installation and update mechanisms.

  • Web Security Dojo

    Protecting your own websites from attack either costs a lot of money or requires a lot of expertise. Web Security Dojo helps you learn to think like an expert.

  • YaST

    One of the highlights of openSUSE is YaST, the Swiss Army knife of configuration tools for Linux. YaST will help you with everything from managing hardware to configuring users.

  • BackTrack

    The BackTrack live distribution lets you act like an intruder to test your network’s security.

  • Wifislax 4.6

    Almost every wireless LAN has some potential security weaknesses. The Wifislax Slackware derivative helps detect and eliminate them.

comments powered by Disqus

Direct Download

Read full article as PDF:

News