Difference between revisions of "Boot Matrix"

From NST Wiki
Jump to navigationJump to search
(NST Boot Comparison Table)
(NST Boot Comparison Table)
 
(7 intermediate revisions by the same user not shown)
Line 14: Line 14:
 
|-
 
|-
  
|Device
+
|[[#Device|Device]]
 
![[Image:dvd.jpg|DVD Media]]<br />[[Image:usb-thumb-drive.jpg|USB Thumb Drive]]
 
![[Image:dvd.jpg|DVD Media]]<br />[[Image:usb-thumb-drive.jpg|USB Thumb Drive]]
 
![[Image:usb-thumb-drive.jpg|USB Thumb Drive]]
 
![[Image:usb-thumb-drive.jpg|USB Thumb Drive]]
Line 23: Line 23:
 
|-
 
|-
  
|Install
+
|[[#Install|Install]]
 
|<span style="color:green;">Yes</span>
 
|<span style="color:green;">Yes</span>
 
|<span style="color:green;">Yes</span>
 
|<span style="color:green;">Yes</span>
Line 32: Line 32:
 
|-
 
|-
  
|Updates
+
|[[#Updates|Updates]]
|<span style="color:red;">No</span>
+
|<span style="color:red;">Limited</span>
|<span style="color:red;">No</span>
+
|<span style="color:red;">Limited</span>
 
|<span style="color:green;">Yes</span>
 
|<span style="color:green;">Yes</span>
 
|<span style="color:green;">Yes</span>
 
|<span style="color:green;">Yes</span>
|<span style="color:red;">No</span>
+
|<span style="color:red;">Limited</span>
 
|<span style="color:green;">Yes</span>
 
|<span style="color:green;">Yes</span>
 
|-
 
|-
  
|Password
+
|[[#Password_Retained|Password Retained]]
 
|<span style="color:red;">No</span>
 
|<span style="color:red;">No</span>
 
|<span style="color:green;">Yes</span>
 
|<span style="color:green;">Yes</span>
Line 50: Line 50:
 
|-
 
|-
  
|Wireless Tools
+
|[[#Wireless_Tools|Wireless Tools]]
 
|<span style="color:green;">Yes</span>
 
|<span style="color:green;">Yes</span>
 
|<span style="color:green;">Yes</span>
 
|<span style="color:green;">Yes</span>
 
|<span style="color:green;">Yes</span>
 
|<span style="color:green;">Yes</span>
 
|<span style="color:green;">Yes</span>
 
|<span style="color:green;">Yes</span>
|<span style="color:red;">No</span>
+
|<span style="color:red;">No</span>&sup1;
|<span style="color:red;">No</span>
+
|<span style="color:red;">No</span>&sup1;
 
|-
 
|-
  
|Persistence
+
|[[#Persistence|Persistence]]
 
|<span style="color:red;">No</span>
 
|<span style="color:red;">No</span>
 
|<span style="color:green;">Yes</span>
 
|<span style="color:green;">Yes</span>
Line 68: Line 68:
 
|-
 
|-
  
|No Overlay
+
<!--
 +
 
 +
|[[#No_Overlay|No Overlay]]
 
|<span style="color:green;">Yes</span>
 
|<span style="color:green;">Yes</span>
 
|<span style="color:red;">No</span>
 
|<span style="color:red;">No</span>
Line 77: Line 79:
 
|-
 
|-
  
|Compressed FS
+
-->
 +
 
 +
|[[#Compressed_FS|Compressed FS]]
 
|<span style="color:green;">Yes</span>
 
|<span style="color:green;">Yes</span>
 
|<span style="color:green;">Yes</span>
 
|<span style="color:green;">Yes</span>
Line 86: Line 90:
 
|-
 
|-
  
|Quick udev
+
|[[#System_Relocate|System Relocate]]
 
|<span style="color:red;">No</span>
 
|<span style="color:red;">No</span>
 +
|<span style="color:green;">Yes</span>
 +
|<span style="color:green;">Yes</span>
 
|<span style="color:red;">No</span>
 
|<span style="color:red;">No</span>
 
|<span style="color:red;">No</span>
 
|<span style="color:red;">No</span>
 
|<span style="color:green;">Yes</span>
 
|<span style="color:green;">Yes</span>
|<span style="color:red;">No</span>
+
|-
 +
 
 +
|[[#Inline_Tap|Inline Tap]]
 +
|<span style="color:red;">n/a</span>
 +
|<span style="color:red;">n/a</span>
 +
|<span style="color:red;">n/a</span>
 +
|<span style="color:red;">n/a</span>
 +
|<span style="color:green;">Yes</span>
 
|<span style="color:green;">Yes</span>
 
|<span style="color:green;">Yes</span>
 
|-
 
|-
  
 
|}
 
|}
 +
 +
&sup1; - Some USB wireless devices like the [http://www.tp-link.com/products/productDetails.asp?pmodel=TL-WN821N&content=spe TP-LINK TL-WN821N] Atheros based USB adapter can be used in a virtual environment.
  
 
== Header Definitions ==
 
== Header Definitions ==
Line 103: Line 118:
  
 
;Persistence
 
;Persistence
:Booting from USB drive with a persistent overlay which periodically fills up and must be cleared.
+
:Booting the NST ISO image from a USB drive with a persistent overlay which periodically fills up and must be cleared.
  
 
;Movable
 
;Movable
Line 119: Line 134:
 
== Feature Definitions ==
 
== Feature Definitions ==
  
;Device
+
The following explains the meaning of the row headers that appear at the left side of each row in the Boot Matrix comparison table.
:The device used to boot the NST distribution from.
 
  
;Install
+
=== Device ===
:Able to perform a full hard disk installation after boot.
+
The device used to boot the NST distribution from.
  
;Updates
+
=== Install ===
:Able to fully use the package manager to perform system updates and add additional software packages to the system (ie '''yum update''' and '''yum install'''). While all NST boot mechanisms support the use of '''yum''', if you are booting a Live NST system (even if using the USB overlay feature), you have to be very careful when managing packages as you will consume resources quickly.
+
Able to perform a full hard disk installation after boot.
  
;Password
+
=== Updates ===
:Indicates if the password is remembered between boots (if "No", then you must run the '''nstpasswd''' command after each boot).
+
Able to fully use the package manager to perform system updates and add additional software packages to the system (ie '''yum update''' and '''yum install'''). While all NST boot mechanisms support the use of '''yum''', if you are booting a Live NST system (even if using the USB overlay feature), you have to be very careful when managing packages as you will consume resources quickly.
 +
 
 +
=== Password Retained ===
 +
Indicates if the password is remembered between boots (if "No", then you must run the '''nstpasswd''' command after each boot).
 
   
 
   
;Wireless Tools
+
=== Wireless Tools ===
:Able to access wireless cards and run wireless tools like '''Kismet'''.
+
Able to access wireless cards and run wireless tools like '''Kismet'''.
  
;Persistence
+
=== Persistence ===
:Able to persist (save information) directly to the NST file system between boots.
+
Able to persist (save information) directly to the NST file system between boots.
 +
 
 +
<!--
 +
 
 +
=== No Overlay ===
 +
This will be "Yes" if you don't have to manage a overlay area. It will be "No" if the persistence mechanism fills and needs to be periodically cleared (reset to the initial system state) at the boot prompt.
 +
 
 +
-->
  
;No Overlay
+
=== Compressed FS ===
:This will be "Yes" if you don't have to manage a overlay area. It will be "No" if the persistence mechanism fills and needs to be periodically cleared (reset to the initial system state) at the boot prompt.
+
This indicates that the file system is compressed. While a compressed file system may add a bit of additional CPU load, it reduces the storage space requirements and increases the effective throughput on slower I/O devices (like DVD media and USB disks).
  
;Compressed FS
+
=== System Relocate ===
:This indicates that the file system is compressed. While a compressed file system may add a bit of additional CPU load, it reduces the storage space requirements and increases the effective throughput on slower I/O devices (like DVD media and USB disks).
+
This indicates that the NST system can be run on one system to collect data, then shutdown and booted on another system to use the analysis.
  
;Quick udev
+
=== Inline Tap ===
:This indicates that the NST system is installed on permanent hardware and can cache '''udev''' information between boots (it doesn't need to try and auto-detect the underlying hardware each time the system is booted).
+
NST Virtual machines can be run "inline" on the system they are installed on. This means that they can be configured to monitor all of the network traffic of the host operating system as well as other virtual machines running on the system without the addition of any hardware.

Latest revision as of 14:25, 27 December 2010

NST Boot Comparison Table

The NST system is capable of being booted in many different ways. The following comparison table shows what features you can expect depending upon how you boot your NST system ("Yes" is used for positive attributes and "No" for negative attributes).


Feature Live Persistent Movable Fixed Virtual Live Virtual Fixed
Device DVD Media
USB Thumb Drive
USB Thumb Drive USB Thumb Drive
Hard disk drive
Hard disk drive NST Virtual Machine (Live Boot) NST Virtual Machine (Full Install)
Install Yes Yes No No Yes No
Updates Limited Limited Yes Yes Limited Yes
Password Retained No Yes Yes Yes No Yes
Wireless Tools Yes Yes Yes Yes No¹ No¹
Persistence No Yes Yes Yes No Yes
Compressed FS Yes Yes No No Yes No
System Relocate No Yes Yes No No Yes
Inline Tap n/a n/a n/a n/a Yes Yes

¹ - Some USB wireless devices like the TP-LINK TL-WN821N Atheros based USB adapter can be used in a virtual environment.

Header Definitions

Live
Booting from ISO image on DVD or USB drive without a persistent overlay.
Persistence
Booting the NST ISO image from a USB drive with a persistent overlay which periodically fills up and must be cleared.
Movable
Full NST hard disk installation to a external drive which can easily moved from system to system.
Fixed
Full NST hard disk installation to permanent internal disk drive.
Virtual Live
Booting the NST ISO image within a virtual environment (such as VMware).
Virtual Install
Full NST hard disk installation running within a virtual environment (such as VMware).

Feature Definitions

The following explains the meaning of the row headers that appear at the left side of each row in the Boot Matrix comparison table.

Device

The device used to boot the NST distribution from.

Install

Able to perform a full hard disk installation after boot.

Updates

Able to fully use the package manager to perform system updates and add additional software packages to the system (ie yum update and yum install). While all NST boot mechanisms support the use of yum, if you are booting a Live NST system (even if using the USB overlay feature), you have to be very careful when managing packages as you will consume resources quickly.

Password Retained

Indicates if the password is remembered between boots (if "No", then you must run the nstpasswd command after each boot).

Wireless Tools

Able to access wireless cards and run wireless tools like Kismet.

Persistence

Able to persist (save information) directly to the NST file system between boots.


Compressed FS

This indicates that the file system is compressed. While a compressed file system may add a bit of additional CPU load, it reduces the storage space requirements and increases the effective throughput on slower I/O devices (like DVD media and USB disks).

System Relocate

This indicates that the NST system can be run on one system to collect data, then shutdown and booted on another system to use the analysis.

Inline Tap

NST Virtual machines can be run "inline" on the system they are installed on. This means that they can be configured to monitor all of the network traffic of the host operating system as well as other virtual machines running on the system without the addition of any hardware.