HowTo Setup A Wireless Notebook With Multiple Network Interface Adapters Using: "nstnetcfg"

From NST Wiki


This page demonstrates how to set up networking on an NST wireless notebook that is configured with multiple network interface adapters for performing simultaneous network computing surveillance tasks. The NST command line utility "nstnetcfg" was designed to make this task easy to accomplish using a combination of both the "NetworkManager" and "network" services.

Note: One of the design goals of the "NetworkManager" service was to make setting up a wireless adapter in Linux a much simpler process.

The diagram below will be used as a reference for setting up a wireless notebook configured with multiple network interface adapters using NST. The notebook is shown with USB 3.0 Gigabit NIC attachments to the network infrastructure for security tasks and the wireless interface used for management connectivity. This configuration is typical for a Network Security Professional to perform mobile network surveillance tasks and penetration analysis tests.

A Multi-Network Interface Adapter NST Notebook Configuration
Note: The USB 3.0 Specification defines the "SuperSpeed" mode with a signalling speed of 5 Gb/s and a usable data rate of up to 4 Gb/s. Based on this, a USB 3.0 Gigabit NIC Adapter should be capable of providing Full Line Rate Gigabit Data to the NST system.
Warning: Following the instructions on this page may cause an issue with the NetworkManager applet when selecting wireless networks. You might not be able to select wireless networks directly from the list presented by the applet after following the steps on this page. You should still be able to select wireless networks by selecting the Network Settings option that appears at the bottom of the NetworkManager applet on a GNOME 3 desktop.
Use Network Settings To Select A Wireless Network

Network Interface Setup Configuration Information

In this section we will identify each network interface and how it should be set up using the "Wireless Notebook" configuration illustrated in the reference diagram above. The NetworkManager service by default will use "DHCP" to derive its network parameters (i.e., IPv4 Address, Subnet Mask, Host Name, Gateway Address, Name Servers, Time Servers, etc.). The table below depicts values that will be used by the nstnetcfg script.

Interface / Parameter   Configuration Values                    Network Service
wlan0                   Network parameters derived from: DHCP   NetworkManager
p2p1                    IPv4 Address: stealth                   network
p4p1                    IPv4 Address: stealth                   network


Note: After a DHCP lease is obtained, NST uses a custom dhclient exit hook script: "/etc/dhcp/dhclient.d/" to set the system Host Name, update the static table lookup file: "/etc/hosts" and perform updates to the Apache Web Server SSL configuration file: "/etc/httpd/conf.d/ssl.conf" for proper NST WUI access using HTTPS.


Network Interface Configuration: nstnetcfg

The NST script: "nstnetcfg" will now be used for setting up networking on this notebook. This script will enable the "NetworkManager" service for the wireless adapter: "wlan0" and enable the "network" service for "stealth" interfaces: "p2p1" and "p4p1". Use the sequence of nstnetcfg invocations below to serve as an example for setting up networking on your particular wireless notebook with NST.

Note: The reader is encouraged to use the man page for "nstnetcfg" as reference material prior to its use. One can also use the "--verbose" output parameter for greater visibility on the progress of nstnetcfg during its configuration stages.

Warning: The "nstnetcfg" script should only be run on a Serial Console or a Desktop Terminal because the "IPv4 Address" for this NST system will most likely change.

Initialize All Network Interfaces

The nstnetcfg mode: --init will put the networking setup posture in a known initialized state. Both the "NetworkManager" service and the "network" service will be disabled with their associated configuration files and/or entries removed. The "LoopBack" interface device is never altered or removed with this mode. The Name Service Switch configuration file: "/etc/nsswitch.conf" will have its hosts entry set to: "files dns". It is wise to first use this mode prior to setting up networking so that any lingering "NetworkManager" configuration files will Not interfere with the "network" service operation.

[root@probe ~]# nstnetcfg --mode init;
[root@probe ~]#


"NetworkManager Service" Configured Interface

The example NST notebook shown above uses the wireless network interface: "wlan0" for network connectivity to and from this NST system.

Interface: wlan0

The configuration for this interface is shown below. Once the "wlan0" network interface is under the control of the NetworkManager service, one will need to configure the wireless interface using the NetworkManager applet located on your Desktop.

[root@probe ~]# nstnetcfg --mode netmgr --interface wlan0;
[root@probe ~]#


Stealth Configured Interfaces

The "Stealth" network interfaces (i.e., An interface in the "UP" state with No binding IPv4 Address) will now be configured using the network service. These interfaces are strategically network attached throughout the network infrastructure for surveillance monitoring.

Interface: p2p1

This network interface: "p2p1" is used to monitor specific "Intranet" traffic on a SPAN (Switched Port Analyzer) port.

[root@probe ~]# nstnetcfg --mode stealth --interface p2p1;
[root@probe ~]#

Interface: p4p1

This network interface: "p4p1" is used to monitor specific "Firewall" traffic on a SPAN (Switched Port Analyzer) port.

[root@probe ~]# nstnetcfg --mode stealth --interface p4p1;
[root@probe ~]#

Stealth Interface Combo Setting Command

The command below is a compact way of using a Bash "for" loop statement to configure all "Stealth" interfaces in one command line invocation.

[root@probe ~]# for i in p2p1 p4p1; do nstnetcfg --mode stealth --interface ${i}; done
[root@probe ~]#


Using A Bash Script With "nstnetcfg"

It may be better to use a Bash script given the numerous invocations of "nstnetcfg" with this NST network configuration setup. A good location to store your script would be in directory: "/etc/nst". This will allow one to easily make changes to your network configuration by editing the script and running it. An example script below is shown for: "/etc/nst/" using the above invocations of "nstnetcfg". One can copy and paste this script as a starter template file for your usage.


#!/bin/bash

# Script: ""

# Description: Helper script for setting up the configuration of network interfaces
#              on a wireless notebook using: "nstnetcfg".

# Short Usage: "nstnetcfg"
#   nstnetcfg [-m|--mode TEXT] [-i|--interface DEVICE]
#          [-a|--ipv4-addr-prefix IPv4ADDR/PREFIX] [-g|--gateway IPv4ADDR]
#          [--mac-addr MACADDR] [--host-name TEXT] [--domain-name TEXT]
#          [--name-servers IPv4ADDRLIST] [--hosts-file-only [true]|false]
#          [--virtual-host TEXT] [--server-name TEXT]
#          [-h|--help [true]|false] [-H|--help-long [true]|false]
#          [-v|--verbose [true]|false] [--version [true]|false]
#   Available Modes: ipv4, dhcp, ssl, stealth, netmgr, rmint, init, show

# Uncomment to enable verbosity 
#VERBOSE=" --verbose";

# Network Interface: Initialization
/usr/bin/nstnetcfg --mode init${VERBOSE};

# Network Interface: wlan0
/usr/bin/nstnetcfg --mode netmgr --interface wlan0${VERBOSE}; 

# Network Interface: p2p1
/usr/bin/nstnetcfg --mode stealth --interface p2p1${VERBOSE};

# Network Interface: p4p1
/usr/bin/nstnetcfg --mode stealth --interface p4p1${VERBOSE};

# Uncomment for using a Stealth Interface Combo Setting
#for i in p2p1 p4p1;
#  do /usr/sbin/nstnetcfg --mode stealth --interface ${i};
#done

Script Invocation

Make sure the script has its execute permissions set:

[root@probe ~]# chmod +x "/etc/nst/";
[root@probe ~]#

Execute the script:

[root@probe ~]# /etc/nst/;
[root@probe ~]#


NetworkManager Command Line Status

The output below shows the NetworkManager device status using the command line utility: "nmcli" after running the example "nstnetcfg" invocations above.

[root@probe ~]# nmcli device status;
DEVICE     TYPE              STATE        
p2p1       802-3-ethernet    unmanaged    
p4p1       802-3-ethernet    unmanaged    
wlan0      802-11-wireless   connected 
[root@probe ~]#
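
Posture Check (Added Example)

The script below is an added example, not part of NST or of the original page. It audits the result described above: each "Stealth" interface must be unmanaged by NetworkManager, in the "UP" state and without an IPv4 address, and "wlan0" must be connected. The function names are hypothetical, the nmcli rows are the ones shown on this page, and the "ip" lines are constructed samples.

```shell
#!/bin/bash
# Added example: audit the interface roles this page configures.
STEALTH_IFS="p2p1 p4p1"   # set with: nstnetcfg --mode stealth
MANAGED_IFS="wlan0"       # set with: nstnetcfg --mode netmgr

# nm_state NMCLI_TEXT IFACE: print the STATE column of "nmcli device status"
nm_state() { printf '%s\n' "$1" | awk -v d="$2" '$1 == d { print $3 }'; }

# has_ipv4 ADDR_TEXT IFACE: true if "ip -o -4 addr show" lists an inet address
has_ipv4() {
  printf '%s\n' "$1" | awk -v d="$2" '$2 == d && $3 == "inet" { f = 1 } END { exit !f }'
}

# link_up LINK_TEXT IFACE: true if the "ip -o link show" flags include UP
link_up() {
  printf '%s\n' "$1" | awk -v d="$2:" '$2 == d && $3 ~ /[<,]UP[,>]/ { f = 1 } END { exit !f }'
}

# check_posture NMCLI_TEXT ADDR_TEXT LINK_TEXT: print findings, return 1 on any
check_posture() {
  local nm="$1" addrs="$2" links="$3" rc=0 i
  for i in $STEALTH_IFS; do
    [ "$(nm_state "$nm" "$i")" = "unmanaged" ] ||
      { echo "FAIL $i: not unmanaged by NetworkManager"; rc=1; }
    link_up "$links" "$i" || { echo "FAIL $i: link is not UP"; rc=1; }
    if has_ipv4 "$addrs" "$i"; then
      echo "FAIL $i: has an IPv4 address bound"; rc=1
    fi
  done
  for i in $MANAGED_IFS; do
    [ "$(nm_state "$nm" "$i")" = "connected" ] ||
      { echo "FAIL $i: NetworkManager state is not connected"; rc=1; }
  done
  return $rc
}

# Sample input: nmcli rows as shown on this page; the ip lines are constructed.
SAMPLE_NM='DEVICE     TYPE              STATE
p2p1       802-3-ethernet    unmanaged
p4p1       802-3-ethernet    unmanaged
wlan0      802-11-wireless   connected'
SAMPLE_ADDR='4: wlan0    inet 192.0.2.20/24 brd 192.0.2.255 scope global wlan0'
SAMPLE_LINK='2: p2p1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 state UP
3: p4p1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 state UP
4: wlan0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 state UP'

check_posture "$SAMPLE_NM" "$SAMPLE_ADDR" "$SAMPLE_LINK" && echo "posture OK"
# Live: check_posture "$(nmcli device status)" "$(ip -o -4 addr show)" "$(ip -o link show)"
```

A stealth interface that picks up an address (for example from a stray DHCP client) is reported as a failure, which is the condition that would make the monitoring port visible on the network being observed.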