Using the Network Security Toolkit Ronald Henderson rhenderson@unifiedholdings.com Paul Blankenbaker [email protected] Using the Network Security Toolkit by Ronald Henderson by Paul Blankenbaker Copyright © 2003, 2004 Respective Authors This document provides guidelines for the typical usage of the Network Security Toolkit for common problems. Table of Contents 1. Getting Started ..................................................................................................................1 Check the System Requirements................................................................................1 Downloading And Burning The ISO Image.............................................................3 On A Linux System ............................................................................................3 On A Windows System......................................................................................5 Examine the Boot Options ..........................................................................................5 Booting .................................................................................................................5 Booting Without a DHCP Server......................................................................6 The NST_CDROM_IDE Option (ide) ..............................................................6 Using A Serial Console At Boot........................................................................6 Choose a Access Method.............................................................................................9 Console Access....................................................................................................9 Serial Port Access..............................................................................................10 Access Via ssh/putty........................................................................................10 Use the Web User Interface .............................................................................10 Bring Up a X Desktop on the Local System..................................................10 Run a X Desktop Remotely (VNC).................................................................12 Changing the Password (nstpasswd)......................................................................14 Text Editors (vim, jed)................................................................................................15 Determine or Set the IP Address..............................................................................16 Automating Your Setup with lnstcustom...............................................................17 Preparing a Thumb Drive for lnstcustom.....................................................18 Using lnstcustom With a Web Server............................................................19 2. The Web User Interface (WUI) .....................................................................................23 Initial Connection.......................................................................................................23 Snort In Two Clicks ....................................................................................................26 Examining Snort Results ...........................................................................................28 Probing With Nessus .................................................................................................39 Traffic Monitoring With bandwidthd72....................................................................49 3. NST Scripts ......................................................................................................................59 Network Time Protocol (NTP) .................................................................................59 RAM Disk Creation....................................................................................................60 MySQL.........................................................................................................................62 Snort (NST v1.0.4) ......................................................................................................65 Snort (NST v1.0.5 and Above)..................................................................................75 Setup Snort Example: Standalone Configuration ........................................78 Setup Snort Example: Backend MySQL Snort Database With Remote IDS Snort Probes .............................................................................................87 Nessus........................................................................................................................101 ettercap.......................................................................................................................101 IFGraph......................................................................................................................101 Kismet ........................................................................................................................101 BandwidthD..............................................................................................................106 Nikto...........................................................................................................................106 NTop...........................................................................................................................106 setup_sendmail.........................................................................................................112 Checking sendmail Status.............................................................................114 Becoming a SMTP Server ..............................................................................118 Enabling Smart Host ......................................................................................119 4. File Systems ...................................................................................................................125 Finding Mounted File Systems...............................................................................125 Finding Unmounted Disks .....................................................................................125 Using File Systems ...................................................................................................126 Making Use of Swap Space ...........................................................................126 Mounting Local Hard Disks..........................................................................127 Mounting USB Thumb Drives ......................................................................128 iii Making SMB (Windows Shares)...................................................................128 Mounting NFS Drives....................................................................................130 Loopback Tricks........................................................................................................131 Mounting A File As A Filesystem ................................................................131 Mounting a ISO Image...................................................................................133 Mounting a Initial RAM Disk .......................................................................133 Mounting A Encrypted Filesystem (**Note: Fedora Core 2 and Above Only) .......................................................................................................134 5. System Recovery ...........................................................................................................137 Windows XP Recovery ............................................................................................137 Using a DVD+RW Drive .........................................................................................138 6. Using NST In The Wild...............................................................................................143 Overview ...................................................................................................................143 Basic Simple: 1 ..........................................................................................................143 Basic Simple: 2 ..........................................................................................................143 Mobile Wireless Monitoring ...................................................................................143 Small Business Configuration ................................................................................144 Enterprise Configuration ........................................................................................144 7. Using VPNs With NST ................................................................................................147 Overview ...................................................................................................................147 The VPN PPP Tunneled Over SSH Script: vpn-pppssh......................................147 VPN: PPP Tunneled Over SSH...............................................................................152 VPN: Tunnelling Multiple PPP Links Over SSH .................................................153 VPN: PPP Tunneled Over SSH Overhead Discussion ........................................154 VPN: PPP Tunneled Over SSH Effective Throughput Rate Discussion...........158 Effective Throughput Rate: NST Probe - NST Probe Same Fast Ethernet LAN Segment ........................................................................................159
Details
-
File Typepdf
-
Upload Time-
-
Content LanguagesEnglish
-
Upload UserAnonymous/Not logged-in
-
File Pages192 Page
-
File Size-