Key Release Changes

From NST Wiki
Jump to: navigation, search

Package Management

Full Package Management

You can now easily add packages to the NST distribution using standard yum and rpm commands. This allows you to start with a initial NST distribution and then enhance it for your custom purposes.

This is only recommended after performing a hard disk installation of the NST.

Live Systems Can Be Updated

You can perform package management commands using yum and rpm commands even if you boot NST Live (off of a DVD or USB drive). However, since the media is not writable, new packages which are downloaded and added will consume RAM.

Because of this, you should only install a few packages at a time for experimental purposes. If you were to attempt a full system update on a Live system, it is likely it will run out of memory.

NST System Maintenance And Updates

NST is maintained via yum updates from Fedora and the Network Security Toolkit repositories. These sites are rundundantly located in case of system or network failures. See the section: " Maintaining And Updating NST" on the Getting Started page for detailed information on upgrading and maintaining an NST system.

Distribution Size - NST Minimal

In order to update the NST distribution to support full package management, the full ISO distribution has increased significantly in size (over 1.2GB). The full distribution can no longer be burned to CD media (you must burn it to a DVD or a USB drive).

If you have a system which can only boot from CD media (i.e., it can't read DVD media and does not support booting from a USB drive), you will not be able to run a full NST Live distribution.

However, it is still possible to perform a hard disk installation of the full NST distribution by starting with the NST Minimal ISO image. See the NST Minimal page if this applies to you.

Low Memory NST Installation

Starting with NST 2.16.0, the anaconda installer requires a minimum of 768 MB of RAM for installation of NST. The NST installer: "nstliveinst", which uses anaconda, will abort and fail to install NST Live to the hard drive if your system has less than 768 MB of RAM installed. This limitation was probably set for running the Gnome 3 Desktop. A headless NST system can still run many applications contained within the distribution using a minimum of 512 or 640 MB of RAM installed. An unsupported method to circumvent this anaconda limitation is to remove the memory requirement check. Use these steps to accomplish this task:
  • Boot the NST Live Distro.
  • Edit the anaconda executable script: (vi /usr/sbin/anaconda).
  • Add a python 'return' statement right after the "check_memory" function.
  • Make sure you left-justify the 'return' statement with the "reason_strict" description string.
  • Save your edited script.
def check_memory(anaconda, opts, display_mode=None):
    return
    reason_strict = _("%s requires %s MB of memory to install, but you only have "
                      "%s MB on this machine.\n")
  • Now perform your NST Live installation using the "nstliveinst" installer.

New Boot Types

One may boot an NST system using a USB drive for systems capable of booting from USB. There are 2 different types of NST USB installs. First, Fedora provides a "Live USB Creator" application that allows NST Live to be installed to a USB drive from an already booted NST Live system. Secondly, one can use the "nstliveinst" NST script to perform a hard disk install to a USB drive.

Once either one of the above USB installs is completed, one can simply plug in the USB drive into a system capable of booting from USB and bring up an instance of NST booted from USB.

Initial Boot

Disabled Services

The following services are disabled until the default NST password is changed upon booting NST Live or after a fresh NST hard disk install. Run the nstpasswd script to set the password for the root user and then both the sshd and httpd service will automatically be enabled.

sshd
The SSH daemon providing secure encrypted communications between two untrusted hosts over an insecure network.
httpd
The Apache Hypertext Transfer Protocol Server (HTTP) - Web server.

Default Password

The default password is still nst2003.

In prior releases, you had to set the password of the NST system each time you booted a system from the ISO image. This was a good practice as the https and sshd services were enabled by default when logging into system.

Starting with the new release, we no longer require you to set the NST password when the system boots. However, we no longer enable the https and sshd services until you run the nstpasswd script to set the system passwords.

Hence, the NST system acts as a client system (you won't be able to connect to it from other systems) until you secure it by running the nstpasswd script.


Graphical Desktop Session

You now have the option on the boot screen to go directly to a graphical desktop session (you can choose between the Fluxbox or the GNOME desktop manager). The GNOME gdm graphical login screen manager is used. To login as the "root" user, choose "Other...", type in the Username: "root", type in your NST Password and select a desktop manager (Fluxbox or GNOME) on the bottom task bar.

See the section: " Graphical Desktop Session" on the Getting Started page for detailed information on logging on to a desktop session.

Media Check

At the initial boot screen, you can now perform a media check at the start of the boot. This should be done to verify your media (especially in situations where the NST system does not boot cleanly or behave properly).

NST 18 Release Notes

NST 18 Versioning

We have moved away from the "2.xx.0" version nomenclature to just a distribution integer release number. For example: "NST 2.18.0" becomes "NST 18". Intermediate "NST 18" releases will be distinguished by the current subversion number at time of release (e.g., NST 18, SVN: 4566).

New Anaconda Installer

When performing a hard disk installation using the new "anaconda" installer with "NST 18" be patient with the application. The installer takes some time to load when launched from the "NST Live" media. It appears that nothing is happening but eventually displays. Also after making any disk partitioning changes, be patient for any changes to take effect. A suggestion to the author of the new installer would be to provide better feedback or status of its current operation.

HTTPS Access with a Configured Static IP Address

If one configures the NST system with a static IP Address, then the "Apache Web Service" will also need to be configured for access using "HTTPS". Edit the "SSL" configuration file:"/etc/httpd/conf.d/ssl.conf" and change these lines to the static "IP Address" or "Host Name".

.
.
.
##
## SSL Virtual Host Context
##

<VirtualHost 10.222.222.10:443>

# General setup for the virtual host, inherited from global configuration
#DocumentRoot "/var/www/html"
#ServerName www.example.com:443
ServerName 10.222.222.10:443
.
.
.

NST 20 Release Notes

w3af Application

The w3af Web Application Attack and Audit Framework application may need to be updated with the python pip command prior to using it. This includes both the GUI and Console-based versions. Run the following command and follow any instructions related to running the pip package installer:

[root@shopper2 ~]# /usr/share/w3af/w3af_console

NST 22 Release Notes

Mate Desktop: User: root

If one logs into NST using the Mate desktop as the "root" user, the pulseaudio daemon will not startup automatically thus no sound output will occur. This may also cause continual warning messages to accumulate in the "/root/.xsession-errors" file. A work around is to manually startup the pulseaudio daemon. Audio output should now work normally.

[root@ronbo ~]# pulseaudio --start
W: [pulseaudio] main.c: This program is not intended to be run as root (unless --system is specified).
Note: The above Warning message is normal when running the pulseaudio daemon as the rooot' user.