Hard Disk Installation: Difference between revisions
(7 intermediate revisions by 2 users not shown) | |||
Line 2: | Line 2: | ||
= How Much Hard Disk Space Is Required? = | = How Much Hard Disk Space Is Required? = | ||
The recommended minimum install of the NST distribution is '''16 GB'''. However, this will leave your disk about 50% full. If you plan on doing much of anything with the NST, you will want additional space for: | |||
* Logging data. | * Logging data. | ||
Line 9: | Line 9: | ||
* Room for updating the packages on the system. | * Room for updating the packages on the system. | ||
* Room for allocating a swap partition (unless you are using a USB flash drive). | * Room for allocating a swap partition (unless you are using a USB flash drive). | ||
= Why Would I Want The NST On A Hard Disk? = | = Why Would I Want The NST On A Hard Disk? = | ||
Line 67: | Line 63: | ||
Since the '''2.11.0''' release of the NST, we've been using the kernel and initial RAM file system provided by Fedora. There are very few situations that require any modifications to the initial RAM file system. | Since the '''2.11.0''' release of the NST, we've been using the kernel and initial RAM file system provided by Fedora. There are very few situations that require any modifications to the initial RAM file system. | ||
If your hardware struggles with booting the NST and you are a Linux expert, you may want to experiment with the contents and scripts contained in the initial RAM file | If your hardware struggles with booting the NST and you are a Linux expert, you may want to experiment with the contents and scripts contained in the initial RAM file system. | ||
The process of updating the initial RAM file system goes as follows: | The process of updating the initial RAM file system goes as follows: | ||
Line 78: | Line 74: | ||
* Next, you need to determine the name of the initial RAM file system and use '''[http://en.wikipedia.org/wiki/Gzip gzip]''' and '''cpio''' to extract the current contents of the initial RAM disk. The following example extracts this to a new working directory of ''/tmp/initrd'' (notice that we made a backup copy of the original file before we started messing around with it). | * Next, you need to determine the name of the initial RAM file system and use '''[http://en.wikipedia.org/wiki/Gzip gzip]''' and '''[http://en.wikipedia.org/wiki/Cpio cpio]''' to extract the current contents of the initial RAM disk. The following example extracts this to a new working directory of ''/tmp/initrd'' (notice that we made a backup copy of the original file before we started messing around with it). | ||
[root@probe ~] ls /mnt/nstboot/*.img | [root@probe ~] ls /mnt/nstboot/*.img | ||
Line 94: | Line 90: | ||
[root@probe initrd] | [root@probe initrd] | ||
* At this point you are free to add, remove and or edit files which make up the initial RAM file system. Most likely you will want to modify the '''init''' script as this controls how the Operating System is brought up by loading modules and mounting the file system. | * At this point you are free to add, remove and or edit files which make up the initial RAM file system. Most likely you will want to modify the "'''init'''" script as this controls how the Operating System is brought up by loading modules and mounting the file system. | ||
* Finally, you need to use '''[http://en.wikipedia.org/wiki/Gzip gzip]''' and '''cpio''' to save our updates back into the initial RAM file system that the Network Security Toolkit will use the next time it boots. | * Finally, you need to use '''[http://en.wikipedia.org/wiki/Gzip gzip]''' and '''[http://en.wikipedia.org/wiki/Cpio cpio]''' to save our updates back into the initial RAM file system that the Network Security Toolkit will use the next time it boots. | ||
[root@probe initrd] find . | cpio -oc | gzip -c -9 >| /mnt/nstboot/initramfs-2.6.34.7-61.fc13.i686.img | [root@probe initrd] find . | cpio -oc | gzip -c -9 >| /mnt/nstboot/initramfs-2.6.34.7-61.fc13.i686.img | ||
Line 106: | Line 102: | ||
At this point, you can try booting the system and observe the results of your changes. | At this point, you can try booting the system and observe the results of your changes. | ||
= How Can I Optimize My SSD Set Up? = | |||
At this point in time, we haven't spent time trying to optimize Solid State Disk (SSD) performance on a NST system. However, we have come across a interesting article with some general suggestions related to optimizing SSD performance on Linux systems. See the CNET article: [http://www.zdnet.com/blog/perlow/geek-sheet-a-tweakers-guide-to-solid-state-drives-ssds-and-linux/9190?tag=nl.e540 Geek Sheet: A Tweaker's Guide to Solid State Drives (SSDs) and Linux]. |
Latest revision as of 12:35, 8 February 2015
How Much Hard Disk Space Is Required?
The recommended minimum install of the NST distribution is 16 GB. However, this will leave your disk about 50% full. If you plan on doing much of anything with the NST, you will want additional space for:
- Logging data.
- Database storage for tools like ntop and snort.
- Room for adding additional packages to customize your NST system.
- Room for updating the packages on the system.
- Room for allocating a swap partition (unless you are using a USB flash drive).
Why Would I Want The NST On A Hard Disk?
There are numerous advantages to installing the NST on a hard disk.
- You can adjust configuration files without losing your edits when you reboot.
- You can adjust the default startup of the NST. For example, you could have the NST come up with snort enabled and checking the packets coming across the eth1 interface and have Nessus started and ready for use.
- It simplifies the process of persisting your data.
- You can add additional packages to your NST system and customize as you like.
- You can run yum update to keep your system up to date (if you try this on a live boot you will likely run out of memory).
- You can use the NST hard disk installation as a emergency boot partition should the operating system on your main partition fail to boot.
Can I Install The NST From The DVD I Booted?
Yes, you can install the NST to a disk partition after booting from the Live DVD media. The installation process should take less than 15 minutes.
Can I Install The NST From A USB Memory Stick?
Installing the NST to a hard disk partition requires booting a "live image" of the NST.
So, if your USB memory stick contains the "live image" of the NST, you will be able to install the NST to a disk partition after booting. The installation process should take less time than booting from DVD media.
However, if your USB memory stick contains a full installation of the NST (as opposed to a "live image"), you will not be able to install the NST to a disk partition.
See the "USB Live" and "USB Full Install" sections in the NST USB FAQ for more details.
What Command Does One Run To Install NST To A Hard Disk?
You can run the nstliveinst script from the command line to install the NST onto a hard disk partition.
Alternatively, if you boot to Graphical Desktop mode and log in using the GNOME desktop manager, you should find a icon on the desktop which can be used to perform the hard disk installation.
What Command Do I Run To Partition My Hard Disk?
The nstliveinst uses the standard Fedora installation tools. You will have the opportunity to partition your disk during the installation process.
If you would like to partition your disk prior to starting the installation process, you can use standard command line tools like cfdisk or fdisk.
For a graphical interface, you can use the gparted utility. If you are using a GNOME desktop, you should find "Gparted Partition Editor" under the "System Tools" menu.
What Is The Password After A Hard Disk Install?
Most likely you will have had the chance to choose a new root login password during the installation process.
However, it is possible to run the nstliveinst script such that the step of choosing a new initial root password is skipped. In this situation, the initial password will be: nst2003.
In either case, this initial password on pertains to logging into the system as the root user. The installation process does NOT update the other passwords on your system (like the one used to access the NST WUI). These passwords will be left at their factory default setting of: nst2003 and must be changed!
So regardless of the initial installation password, one of the first things you should do after booting from your new installation is to log in as root and run the nstpasswd command. This is required to set all of the other passwords associated with accessing your NST system (like the NST WUI).
How Do I Modify The Initial RAM Disk?
Since the 2.11.0 release of the NST, we've been using the kernel and initial RAM file system provided by Fedora. There are very few situations that require any modifications to the initial RAM file system.
If your hardware struggles with booting the NST and you are a Linux expert, you may want to experiment with the contents and scripts contained in the initial RAM file system.
The process of updating the initial RAM file system goes as follows:
- First, you need to mount the /boot partition from the Network Security Toolkit installation (obviously this is only required if it isn't yet mounted). In this example, its assumed that the /boot partition is /dev/sda1.
[root@probe ~] mkdir /mnt/nstboot [root@probe ~] mount /dev/sda1 /mnt/nstboot [root@probe ~]
- Next, you need to determine the name of the initial RAM file system and use gzip and cpio to extract the current contents of the initial RAM disk. The following example extracts this to a new working directory of /tmp/initrd (notice that we made a backup copy of the original file before we started messing around with it).
[root@probe ~] ls /mnt/nstboot/*.img /mnt/nstboot/initramfs-2.6.34.7-61.fc13.i686.img [root@probe ~] mkdir /tmp/initrd [root@probe ~] cd /tmp/initrd [root@probe initrd] cp /mnt/nstboot/initramfs-2.6.34.7-61.fc13.i686.img /mnt/nstboot/initramfs-2.6.34.7-61.fc13.i686.img.orig [root@probe initrd] gzip -dc < /mnt/nstboot/initramfs-2.6.34.7-61.fc13.i686.img | cpio --extract 63156 blocks [root@probe initrd] ls bin emergency initqueue-finished pre-pivot sbin usr cmdline etc initqueue-settled pre-trigger sys var dev init lib pre-udev sysroot dracut-005-5.fc13 initqueue mount proc tmp [root@probe initrd]
- At this point you are free to add, remove and or edit files which make up the initial RAM file system. Most likely you will want to modify the "init" script as this controls how the Operating System is brought up by loading modules and mounting the file system.
- Finally, you need to use gzip and cpio to save our updates back into the initial RAM file system that the Network Security Toolkit will use the next time it boots.
[root@probe initrd] find . | cpio -oc | gzip -c -9 >| /mnt/nstboot/initramfs-2.6.34.7-61.fc13.i686.img 63156 blocks [root@probe initrd] cd [root@probe ~] rm -fr /tmp/initrd [root@probe ~] umount /mnt/nstboot [root@probe ~]
At this point, you can try booting the system and observe the results of your changes.
How Can I Optimize My SSD Set Up?
At this point in time, we haven't spent time trying to optimize Solid State Disk (SSD) performance on a NST system. However, we have come across a interesting article with some general suggestions related to optimizing SSD performance on Linux systems. See the CNET article: Geek Sheet: A Tweaker's Guide to Solid State Drives (SSDs) and Linux.