Key Release Changes: Difference between revisions
(65 intermediate revisions by the same user not shown) | |||
Line 24: | Line 24: | ||
However, it is still possible to perform a hard disk installation of the full NST distribution by starting with the [[NST Minimal]] ISO image. See the [[NST Minimal]] page if this applies to you. | However, it is still possible to perform a hard disk installation of the full NST distribution by starting with the [[NST Minimal]] ISO image. See the [[NST Minimal]] page if this applies to you. | ||
= Low Memory NST Installation = | |||
[[File:Thunderbolt.png|frame|left|'''[[Feature Release Symbol | <center>NST 2.16.0<br /> SVN: 3127</center>]]''']] Starting with '''NST 2.16.0''', the [http://en.wikipedia.org/wiki/Anaconda_(installer) anaconda] installer requires a minimum of '''768 MB''' of RAM for installation of '''NST'''. The '''NST''' installer: "'''nstliveinst'''", which uses '''anaconda''', will ''abort'' and fail to install '''NST Live''' to the hard drive if your system has less than '''768 MB''' of RAM installed. This limitation was probably set for running the [http://www.gnome.org/gnome-3/ Gnome 3 Desktop]. A headless '''NST''' system can still run many applications contained within the distribution using a minimum of '''512''' or '''640 MB''' of RAM installed. An unsupported method to circumvent this '''anaconda''' limitation is to remove the memory requirement check. Use these steps to accomplish this task: | |||
* Boot the NST Live Distro. | |||
* Edit the anaconda executable script: (''vi /usr/sbin/anaconda''). | |||
* Add a python ''''return'''' statement right after the "'''check_memory'''" function. | |||
* Make sure you left-justify the ''''return'''' statement with the "'''reason_strict'''" description string. | |||
* Save your edited script. | |||
<pre class="programListing"> | |||
def check_memory(anaconda, opts, display_mode=None): | |||
return | |||
reason_strict = _("%s requires %s MB of memory to install, but you only have " | |||
"%s MB on this machine.\n") | |||
</pre> | |||
* Now perform your '''NST''' Live installation using the "'''nstliveinst'''" installer. | |||
= New Boot Types = | = New Boot Types = | ||
Line 68: | Line 87: | ||
At the initial boot screen, you can now perform a media check at the start of the boot. This should be done to verify your media (especially in situations where the NST system does not boot cleanly or behave properly). | At the initial boot screen, you can now perform a media check at the start of the boot. This should be done to verify your media (especially in situations where the NST system does not boot cleanly or behave properly). | ||
= NST 18 Release Notes = | |||
== NST 18 Versioning == | |||
We have moved away from the "'''2.xx.0'''" version nomenclature to just a distribution integer release number. For example: "'''NST 2.18.0'''" becomes "'''NST 18'''". Intermediate "'''NST 18'''" releases will be distinguished by the current subversion number at time of release (e.g., '''NST 18, SVN: 4566'''). | |||
== New Anaconda Installer == | |||
When performing a hard disk installation using the new "'''anaconda'''" installer with "'''NST 18'''" be patient with the application. The installer takes some time to load when launched from the "'''NST Live'''" media. It appears that nothing is happening but eventually displays. Also after making any disk partitioning changes, be patient for any changes to take ''effect''. A suggestion to the author of the new installer would be to provide better feedback or status of its current operation. | |||
== HTTPS Access with a Configured Static IP Address == | |||
If one configures the NST system with a static IP Address, then the "'''Apache Web Service'''" will also need to be configured for access using "'''HTTPS'''". Edit the "'''SSL'''" configuration file:"'''/etc/httpd/conf.d/ssl.conf'''" and change these lines to the static "'''IP Address'''" or "'''Host Name'''". | |||
<pre class="programListing"> | |||
. | |||
. | |||
. | |||
## | |||
## SSL Virtual Host Context | |||
## | |||
<VirtualHost 10.222.222.10:443> | |||
# General setup for the virtual host, inherited from global configuration | |||
#DocumentRoot "/var/www/html" | |||
#ServerName www.example.com:443 | |||
ServerName 10.222.222.10:443 | |||
. | |||
. | |||
. | |||
</pre> | |||
= NST 20 Release Notes = | |||
== w3af Application == | |||
The '''[http://w3af.org/ w3af]''' Web Application Attack and Audit Framework application may need to be updated with the '''[http://en.wikipedia.org/wiki/Python_%28programming_language%29 python]''' '''[http://www.pip-installer.org pip]''' command prior to using it. This includes both the '''GUI''' and '''Console'''-based versions. Run the following command and follow any instructions related to running the '''[http://www.pip-installer.org pip]''' package installer: | |||
[root@shopper2 ~]# /usr/share/w3af/w3af_console | |||
= NST 22 Release Notes = | |||
== Mate Desktop: User: root == | |||
If one logs into '''NST''' using the '''[https://en.wikipedia.org/wiki/MATE_(software) Mate]''' desktop as the "'''root'''" user, the '''pulseaudio''' daemon will not startup automatically thus no sound output will occur. This may also cause continual warning messages to accumulate in the "'''/root/.xsession-errors'''" file. A work around is to manually startup the '''pulseaudio''' daemon. Audio output should now work normally. | |||
[root@ronbo ~]# pulseaudio --start | |||
W: [pulseaudio] main.c: This program is not intended to be run as root (unless --system is specified). | |||
<div class="centerBlock"><div class="noteMessage">'''Note:''' The above '''Warning''' message is normal when running the '''pulseaudio''' daemon as the '''rooot' user.</div></div> | |||
= NST 28 Release Notes = | |||
== Errata == | |||
=== Missing Font for gm convert === | |||
<div class="centerBlock"><div class="noteMessage">'''Note:''' This has been fixed in the NST 28 Interim release.</div></div> | |||
Post distribution of the NST 28 ISO: '''[https://sourceforge.net/projects/nst/files/NST/NST%2028-10234/ nst-28-10234.x86_64.iso]''', it was determined that a font change occurred. This issue effects the use of '''gm convert''' when rendering world mercator maps with '''[https://www.ntop.org/products/ntop ntopng]'''. Below is a fix for this issue: | |||
[root@shopper2 ~]# dnf install urw-base35-fonts-legacy; | |||
[root@shopper2 default]# cd "/usr/share/fonts"; | |||
[root@shopper2 fonts]# mkdir -p "default"; | |||
[root@shopper2 fonts]# cd "default"; | |||
[root@shopper2 default]# ln -s "/usr/share/X11/fonts/urw-fonts" "Type1"; | |||
[root@shopper2 default]# ls -al; | |||
total 4 | |||
drwxr-xr-x 2 root root 19 Jul 2 16:41 . | |||
drwxr-xr-x 47 root root 4096 Jul 2 16:40 .. | |||
lrwxrwxrwx 1 root root 30 Jul 2 16:41 Type1 -> /usr/share/X11/fonts/urw-fonts | |||
[root@shopper2 default]# |
Latest revision as of 10:23, 24 August 2018
Package Management
Full Package Management
You can now easily add packages to the NST distribution using standard yum and rpm commands. This allows you to start with a initial NST distribution and then enhance it for your custom purposes.
This is only recommended after performing a hard disk installation of the NST.
Live Systems Can Be Updated
You can perform package management commands using yum and rpm commands even if you boot NST Live (off of a DVD or USB drive). However, since the media is not writable, new packages which are downloaded and added will consume RAM.
Because of this, you should only install a few packages at a time for experimental purposes. If you were to attempt a full system update on a Live system, it is likely it will run out of memory.
NST System Maintenance And Updates
NST is maintained via yum updates from Fedora and the Network Security Toolkit repositories. These sites are rundundantly located in case of system or network failures. See the section: " Maintaining And Updating NST" on the Getting Started page for detailed information on upgrading and maintaining an NST system.
Distribution Size - NST Minimal
In order to update the NST distribution to support full package management, the full ISO distribution has increased significantly in size (over 1.2GB). The full distribution can no longer be burned to CD media (you must burn it to a DVD or a USB drive).
If you have a system which can only boot from CD media (i.e., it can't read DVD media and does not support booting from a USB drive), you will not be able to run a full NST Live distribution.
However, it is still possible to perform a hard disk installation of the full NST distribution by starting with the NST Minimal ISO image. See the NST Minimal page if this applies to you.
Low Memory NST Installation
Starting with NST 2.16.0, the anaconda installer requires a minimum of 768 MB of RAM for installation of NST. The NST installer: "nstliveinst", which uses anaconda, will abort and fail to install NST Live to the hard drive if your system has less than 768 MB of RAM installed. This limitation was probably set for running the Gnome 3 Desktop. A headless NST system can still run many applications contained within the distribution using a minimum of 512 or 640 MB of RAM installed. An unsupported method to circumvent this anaconda limitation is to remove the memory requirement check. Use these steps to accomplish this task:
- Boot the NST Live Distro.
- Edit the anaconda executable script: (vi /usr/sbin/anaconda).
- Add a python 'return' statement right after the "check_memory" function.
- Make sure you left-justify the 'return' statement with the "reason_strict" description string.
- Save your edited script.
def check_memory(anaconda, opts, display_mode=None): return reason_strict = _("%s requires %s MB of memory to install, but you only have " "%s MB on this machine.\n")
- Now perform your NST Live installation using the "nstliveinst" installer.
New Boot Types
One may boot an NST system using a USB drive for systems capable of booting from USB. There are 2 different types of NST USB installs. First, Fedora provides a "Live USB Creator" application that allows NST Live to be installed to a USB drive from an already booted NST Live system. Secondly, one can use the "nstliveinst" NST script to perform a hard disk install to a USB drive.
Once either one of the above USB installs is completed, one can simply plug in the USB drive into a system capable of booting from USB and bring up an instance of NST booted from USB.
Initial Boot
Disabled Services
The following services are disabled until the default NST password is changed upon booting NST Live or after a fresh NST hard disk install. Run the nstpasswd script to set the password for the root user and then both the sshd and httpd service will automatically be enabled.
- sshd
- The SSH daemon providing secure encrypted communications between two untrusted hosts over an insecure network.
- httpd
- The Apache Hypertext Transfer Protocol Server (HTTP) - Web server.
Default Password
The default password is still nst2003.
In prior releases, you had to set the password of the NST system each time you booted a system from the ISO image. This was a good practice as the https and sshd services were enabled by default when logging into system.
Starting with the new release, we no longer require you to set the NST password when the system boots. However, we no longer enable the https and sshd services until you run the nstpasswd script to set the system passwords.
Hence, the NST system acts as a client system (you won't be able to connect to it from other systems) until you secure it by running the nstpasswd script.
Graphical Desktop Session
You now have the option on the boot screen to go directly to a graphical desktop session (you can choose between the Fluxbox or the GNOME desktop manager). The GNOME gdm graphical login screen manager is used. To login as the "root" user, choose "Other...", type in the Username: "root", type in your NST Password and select a desktop manager (Fluxbox or GNOME) on the bottom task bar.
See the section: " Graphical Desktop Session" on the Getting Started page for detailed information on logging on to a desktop session.
Media Check
At the initial boot screen, you can now perform a media check at the start of the boot. This should be done to verify your media (especially in situations where the NST system does not boot cleanly or behave properly).
NST 18 Release Notes
NST 18 Versioning
We have moved away from the "2.xx.0" version nomenclature to just a distribution integer release number. For example: "NST 2.18.0" becomes "NST 18". Intermediate "NST 18" releases will be distinguished by the current subversion number at time of release (e.g., NST 18, SVN: 4566).
New Anaconda Installer
When performing a hard disk installation using the new "anaconda" installer with "NST 18" be patient with the application. The installer takes some time to load when launched from the "NST Live" media. It appears that nothing is happening but eventually displays. Also after making any disk partitioning changes, be patient for any changes to take effect. A suggestion to the author of the new installer would be to provide better feedback or status of its current operation.
HTTPS Access with a Configured Static IP Address
If one configures the NST system with a static IP Address, then the "Apache Web Service" will also need to be configured for access using "HTTPS". Edit the "SSL" configuration file:"/etc/httpd/conf.d/ssl.conf" and change these lines to the static "IP Address" or "Host Name".
. . . ## ## SSL Virtual Host Context ## <VirtualHost 10.222.222.10:443> # General setup for the virtual host, inherited from global configuration #DocumentRoot "/var/www/html" #ServerName www.example.com:443 ServerName 10.222.222.10:443 . . .
NST 20 Release Notes
w3af Application
The w3af Web Application Attack and Audit Framework application may need to be updated with the python pip command prior to using it. This includes both the GUI and Console-based versions. Run the following command and follow any instructions related to running the pip package installer:
[root@shopper2 ~]# /usr/share/w3af/w3af_console
NST 22 Release Notes
Mate Desktop: User: root
If one logs into NST using the Mate desktop as the "root" user, the pulseaudio daemon will not startup automatically thus no sound output will occur. This may also cause continual warning messages to accumulate in the "/root/.xsession-errors" file. A work around is to manually startup the pulseaudio daemon. Audio output should now work normally.
[root@ronbo ~]# pulseaudio --start W: [pulseaudio] main.c: This program is not intended to be run as root (unless --system is specified).
NST 28 Release Notes
Errata
Missing Font for gm convert
Post distribution of the NST 28 ISO: nst-28-10234.x86_64.iso, it was determined that a font change occurred. This issue effects the use of gm convert when rendering world mercator maps with ntopng. Below is a fix for this issue:
[root@shopper2 ~]# dnf install urw-base35-fonts-legacy; [root@shopper2 default]# cd "/usr/share/fonts"; [root@shopper2 fonts]# mkdir -p "default"; [root@shopper2 fonts]# cd "default"; [root@shopper2 default]# ln -s "/usr/share/X11/fonts/urw-fonts" "Type1"; [root@shopper2 default]# ls -al; total 4 drwxr-xr-x 2 root root 19 Jul 2 16:41 . drwxr-xr-x 47 root root 4096 Jul 2 16:40 .. lrwxrwxrwx 1 root root 30 Jul 2 16:41 Type1 -> /usr/share/X11/fonts/urw-fonts [root@shopper2 default]#