Track security vulnerabilities with Network Security Toolkit
Web-Based: WUI
Because the tools listed in the menus by no means reflect the complete inventory of tools – including all of these applications would clutter the menus – the NST developers have outsourced most of the packages to what they call the Web User Interface (WUI), which can be opened in any browser.
To use this interface, you first need to modify the authentication data on the NST system. This is done in the terminal with the nstpasswd
command or alternatively in the splash screen by clicking on the Set NST System Passwords button. Customizing the authentication data in the terminal at the same time starts the SSH and HTTPS servers so that you can log in from remote machines over an encrypted connection. When you install on a hard disk, you only need to change the authentication data once; if you rely on an optical disk as the boot medium, you need to create passwords at each restart.
Next, open the web browser, which already has the NST interface as its home page, and enter the authentication data that you defined previously. If you want secure access instead of the open HTTP connection you are offered, go to https://127.0.0.1:9943
. The insecure connection uses port 9980.
In the rustic-looking overview window of the toolkit (Figure 3), you will find data and instructions at the bottom and a menubar at the top. It contains the individual tools in hierarchically organized submenus. For command-line tools, you get a terminal display with the appropriate input and output below the menubar, in many cases supplemented by context-sensitive information.
From the Docs menu, you can reach the comprehensive program documentation. Some is available in wiki format; other parts deal with specific scripts and explain the use of the Toolkit. You will also find contact links for the developers, as well as lists of existing packages.
The Tools menu adds system tools to the desktop. These include file converters, terminals, and editors, as well as developer tools. The System menu holds applications for system configuration and customizing services such as CUPS or Apache. You will also find expansions and updates for NST and can launch the installers from here if necessary. You do not typically need to configure the services. This menu also includes tools for virtual environments, viewers for logfiles, and various file managers.
The Network menu deals with network-specific problems. Here you will find monitoring software and analysis programs, various applications for NFS and CIFS services, and various tools for WiFi. The Security menu contains numerous security applications, broken down into intrusion detection systems (submenu Intrusion Detection), active and passive network scanners, and virus scanners.
The toolbox includes EtherApe, Hping, InetVis, OpenVAS, Nikto, Nmap, and Xprobe 2, as well as virus scanners for use in heterogeneous environments, ClamAV, ClamWin, McAfee, and Norton. This is also where you will find references to useful information.
The Geolocation Tools section is where NST organizes programs that let you locate and display individual computers or entire networks around the globe – and in a visually appealing way. Various tools for generating hashes and passwords complete the offering.
The Database submenu is far less extensive, focusing on tools for MySQL and MariaDB databases. The last menu item on the right, an X, summarizes the above-mentioned groups and integrates individual applications for network and system management from the standard Mate menu (Figure 4).
Directly above the menubar, you'll see several buttons on the left; of these, the screen button at the edge of the screen opens a view with the documentation and – grouped by the menu labels – also shows the applications as executable links in a table view. Here, you will find some basic statistical data, such as the number of users logged on to the system and the number of running processes. You can also call the applications grouped here directly via the links. This eliminates the long-winded approach via the very full menus.
Unique Selling Points
IT security does not need to be a boring affair at the command line, reserved only for geeks – as NST proves with its geolocation option. It lets you determine the locations of various hosts between which connections exist and shows a world map where changes appear almost in real time. This is all based on Google services, proprietary scripts, and databases, as well as Traceroute and Ntop.
Discovering locations is a convenient process in the web-based interface – no need to type console commands. The wiki explains in detail what geolocation features NST offers and how to use them [4]. Screencasts get newcomers off to a good start (Figure 5).
Performance
Beginners and less experienced admins might feel overwhelmed on first contact with NST because of the vast range of applications. The menu structure in the WUI, which is quite complicated in part, can present a considerable learning curve, especially for less experienced users searching for a particular application. To mitigate this shortcoming, there is an optional simplified interface, which you can access from the splash screen by pressing the NST WUI (Simplified) button.
The routine branches to a list view with only four groups of tools: Network Tools, System Information, System Administration, and Serial Port Tools (Figure 6). Because the developers have also cleaned up the subgroups here, this view is much better suited for getting started.
More intuitive names for the subgroups help you find specific tools faster: For example, the Network Tools group includes the subgroups Network Sniffer, Network Scanning, and Network Monitoring. Network Penetration Testing takes you to applications for performing security checks. Thanks to this view, both new and experienced users can start production operations with the applications within a very short time.
« Previous 1 2 3 Next »
Buy Linux Magazine
Subscribe to our Linux Newsletters
Find Linux and Open Source Jobs
Subscribe to our ADMIN Newsletters
Support Our Work
Linux Magazine content is made possible with support from readers like you. Please consider contributing when you’ve found an article to be beneficial.
News
-
Latest Cinnamon Desktop Releases with a Bold New Look
Just in time for the holidays, the developer of the Cinnamon desktop has shipped a new release to help spice up your eggnog with new features and a new look.
-
Armbian 24.11 Released with Expanded Hardware Support
If you've been waiting for Armbian to support OrangePi 5 Max and Radxa ROCK 5B+, the wait is over.
-
SUSE Renames Several Products for Better Name Recognition
SUSE has been a very powerful player in the European market, but it knows it must branch out to gain serious traction. Will a name change do the trick?
-
ESET Discovers New Linux Malware
WolfsBane is an all-in-one malware that has hit the Linux operating system and includes a dropper, a launcher, and a backdoor.
-
New Linux Kernel Patch Allows Forcing a CPU Mitigation
Even when CPU mitigations can consume precious CPU cycles, it might not be a bad idea to allow users to enable them, even if your machine isn't vulnerable.
-
Red Hat Enterprise Linux 9.5 Released
Notify your friends, loved ones, and colleagues that the latest version of RHEL is available with plenty of enhancements.
-
Linux Sees Massive Performance Increase from a Single Line of Code
With one line of code, Intel was able to increase the performance of the Linux kernel by 4,000 percent.
-
Fedora KDE Approved as an Official Spin
If you prefer the Plasma desktop environment and the Fedora distribution, you're in luck because there's now an official spin that is listed on the same level as the Fedora Workstation edition.
-
New Steam Client Ups the Ante for Linux
The latest release from Steam has some pretty cool tricks up its sleeve.
-
Gnome OS Transitioning Toward a General-Purpose Distro
If you're looking for the perfectly vanilla take on the Gnome desktop, Gnome OS might be for you.