Boot Matrix: Difference between revisions
(4 intermediate revisions by the same user not shown) | |||
Line 55: | Line 55: | ||
|<span style="color:green;">Yes</span> | |<span style="color:green;">Yes</span> | ||
|<span style="color:green;">Yes</span> | |<span style="color:green;">Yes</span> | ||
|<span style="color:red;">No</span> | |<span style="color:red;">No</span>¹ | ||
|<span style="color:red;">No</span> | |<span style="color:red;">No</span>¹ | ||
|- | |- | ||
Line 67: | Line 67: | ||
|<span style="color:green;">Yes</span> | |<span style="color:green;">Yes</span> | ||
|- | |- | ||
<!-- | |||
|[[#No_Overlay|No Overlay]] | |[[#No_Overlay|No Overlay]] | ||
Line 76: | Line 78: | ||
|<span style="color:green;">Yes</span> | |<span style="color:green;">Yes</span> | ||
|- | |- | ||
--> | |||
|[[#Compressed_FS|Compressed FS]] | |[[#Compressed_FS|Compressed FS]] | ||
Line 86: | Line 90: | ||
|- | |- | ||
|[[# | |[[#System_Relocate|System Relocate]] | ||
|<span style="color:red;">No</span> | |<span style="color:red;">No</span> | ||
|<span style="color:green;">Yes</span> | |||
|<span style="color:green;">Yes</span> | |||
|<span style="color:red;">No</span> | |<span style="color:red;">No</span> | ||
|<span style="color:red;">No</span> | |<span style="color:red;">No</span> | ||
|<span style="color:green;">Yes</span> | |<span style="color:green;">Yes</span> | ||
|- | |- | ||
|[[# | |[[#Inline_Tap|Inline Tap]] | ||
|<span style="color:red;"> | |<span style="color:red;">n/a</span> | ||
|<span style="color:red;"> | |<span style="color:red;">n/a</span> | ||
|<span style="color:red;"> | |<span style="color:red;">n/a</span> | ||
|<span style="color:red;"> | |<span style="color:red;">n/a</span> | ||
|<span style="color:green;">Yes</span> | |<span style="color:green;">Yes</span> | ||
|<span style="color:green;">Yes</span> | |<span style="color:green;">Yes</span> | ||
Line 105: | Line 109: | ||
|} | |} | ||
¹ - Some USB wireless devices like the [http://www.tp-link.com/products/productDetails.asp?pmodel=TL-WN821N&content=spe TP-LINK TL-WN821N] Atheros based USB adapter can be used in a virtual environment. | |||
== Header Definitions == | == Header Definitions == | ||
Line 147: | Line 153: | ||
=== Persistence === | === Persistence === | ||
Able to persist (save information) directly to the NST file system between boots. | Able to persist (save information) directly to the NST file system between boots. | ||
<!-- | |||
=== No Overlay === | === No Overlay === | ||
This will be "Yes" if you don't have to manage a overlay area. It will be "No" if the persistence mechanism fills and needs to be periodically cleared (reset to the initial system state) at the boot prompt. | This will be "Yes" if you don't have to manage a overlay area. It will be "No" if the persistence mechanism fills and needs to be periodically cleared (reset to the initial system state) at the boot prompt. | ||
--> | |||
=== Compressed FS === | === Compressed FS === | ||
This indicates that the file system is compressed. While a compressed file system may add a bit of additional CPU load, it reduces the storage space requirements and increases the effective throughput on slower I/O devices (like DVD media and USB disks). | This indicates that the file system is compressed. While a compressed file system may add a bit of additional CPU load, it reduces the storage space requirements and increases the effective throughput on slower I/O devices (like DVD media and USB disks). | ||
=== | === System Relocate === | ||
This indicates that the NST system | This indicates that the NST system can be run on one system to collect data, then shutdown and booted on another system to use the analysis. | ||
=== Inline === | === Inline Tap === | ||
NST Virtual machines can be run "inline" on the system they are installed on. This means that they can be configured to monitor all of the network traffic of the host operating system as well as other virtual machines running on the system without the addition of any hardware. | NST Virtual machines can be run "inline" on the system they are installed on. This means that they can be configured to monitor all of the network traffic of the host operating system as well as other virtual machines running on the system without the addition of any hardware. |
Latest revision as of 14:25, 27 December 2010
NST Boot Comparison Table
The NST system is capable of being booted in many different ways. The following comparison table shows what features you can expect depending upon how you boot your NST system ("Yes" is used for positive attributes and "No" for negative attributes).
Feature | Live | Persistent | Movable | Fixed | Virtual Live | Virtual Fixed |
---|---|---|---|---|---|---|
Device | ||||||
Install | Yes | Yes | No | No | Yes | No |
Updates | Limited | Limited | Yes | Yes | Limited | Yes |
Password Retained | No | Yes | Yes | Yes | No | Yes |
Wireless Tools | Yes | Yes | Yes | Yes | No¹ | No¹ |
Persistence | No | Yes | Yes | Yes | No | Yes |
Compressed FS | Yes | Yes | No | No | Yes | No |
System Relocate | No | Yes | Yes | No | No | Yes |
Inline Tap | n/a | n/a | n/a | n/a | Yes | Yes |
¹ - Some USB wireless devices like the TP-LINK TL-WN821N Atheros based USB adapter can be used in a virtual environment.
Header Definitions
- Live
- Booting from ISO image on DVD or USB drive without a persistent overlay.
- Persistence
- Booting the NST ISO image from a USB drive with a persistent overlay which periodically fills up and must be cleared.
- Movable
- Full NST hard disk installation to a external drive which can easily moved from system to system.
- Fixed
- Full NST hard disk installation to permanent internal disk drive.
- Virtual Live
- Booting the NST ISO image within a virtual environment (such as VMware).
- Virtual Install
- Full NST hard disk installation running within a virtual environment (such as VMware).
Feature Definitions
The following explains the meaning of the row headers that appear at the left side of each row in the Boot Matrix comparison table.
Device
The device used to boot the NST distribution from.
Install
Able to perform a full hard disk installation after boot.
Updates
Able to fully use the package manager to perform system updates and add additional software packages to the system (ie yum update and yum install). While all NST boot mechanisms support the use of yum, if you are booting a Live NST system (even if using the USB overlay feature), you have to be very careful when managing packages as you will consume resources quickly.
Password Retained
Indicates if the password is remembered between boots (if "No", then you must run the nstpasswd command after each boot).
Wireless Tools
Able to access wireless cards and run wireless tools like Kismet.
Persistence
Able to persist (save information) directly to the NST file system between boots.
Compressed FS
This indicates that the file system is compressed. While a compressed file system may add a bit of additional CPU load, it reduces the storage space requirements and increases the effective throughput on slower I/O devices (like DVD media and USB disks).
System Relocate
This indicates that the NST system can be run on one system to collect data, then shutdown and booted on another system to use the analysis.
Inline Tap
NST Virtual machines can be run "inline" on the system they are installed on. This means that they can be configured to monitor all of the network traffic of the host operating system as well as other virtual machines running on the system without the addition of any hardware.