Difference between revisions of "HowTo Setup A Wireless Notebook With Multiple Network Interface Adapters Using: "nstnetcfg""

From NST Wiki
Jump to navigationJump to search
(Interface: p4p1)
(Stealth Configured Interfaces)
Line 74: Line 74:
 
== '''Stealth Configured Interfaces ==
 
== '''Stealth Configured Interfaces ==
  
The "'''Stealth'''" network interfaces (i.e., An interface in the "'''UP'''" state with <u>No</u> binding '''IPv4 Address''') will now be configured. These interfaces are strategically network attached throughout the network infrastructure for surveillance monitoring.
+
The "'''Stealth'''" network interfaces (i.e., An interface in the "'''UP'''" state with <u>No</u> binding '''IPv4 Address''') will now be configured using the '''network''' service. These interfaces are strategically network attached throughout the network infrastructure for surveillance monitoring.
  
 
=== '''Interface: p2p1''' ===
 
=== '''Interface: p2p1''' ===

Revision as of 10:24, 7 May 2013

Overview

This page demonstrates how to setup networking with an NST wireless notebook that is configured with multiple network interface adapters for performing simultaneous network computing surveillance tasks. The NST script: "nstnetcfg" command line software utility was designed to make this task easy to accomplish using a combination of both the "NetworkManager" and "network" services.

Note: One of the design goals of the "NetworkManager" service was to make setting up a wireless adapter in Linux a much simpler process.

The diagram below will be used as a reference for setting up a wireless notebook configured with multiple network interface adapters using NST. The notebook is shown with USB 3.0 Gigabit NIC attachments to the network infrastructure for security tasks and the wireless interface used for management connectivity. This configuration is typical for a Network Security Professional to perform mobile network surveillance tasks and penetration analysis tests.

A Multi-Network Interface Adapter NST Notebook Configuration
Note: The USB 3.0 Specification defines the "SuperSpeed" mode with a signalling speed of 5 Gb/s and a usable data rate of up to 4 Gb/s. Based on this, a USB 3.0 Gigabit NIC Adapter should be capable of providing Full Line Rate Gigabit Data to the NST system.

Network Interface Setup Configuration Information

In this section we will identify each network interface and how it should be setup using the "Wireless Notebook" configuration illustrated in the reference diagram above. The NetworkManager service by default will use "DHCP" to derive its network parameters (i.e., IPv4 Adress, Subnet Mask, Host Name, Gateway Address, Name Servers, Time Servers, etc...) The table below depicts values that will be used by the nstnetcfg script.

Interface / Parameter Configuration Values Network Service
Management
wlan0 Network parameters derived from: DHCP NetworkManager
p2p1 IPv4 Address: stealth network
p4p1 IPv4 Address: stealth network

 

Network Interface Configuration: nstnetcfg

The NST script: "nstnetcfg" will now be used for setting up networking on this notebook. This script will enable the "NetworkManager" service for the wireless adapter: "wlan0" and enable the "network" service for "stealth" interfaces: "p2p1" and "p4p1". Use the sequence of nstnetcfg invocations below to serve as an example for setting up networking on your particular wireless notebook with NST.

Note: The reader is encouraged to use the man page for "nstnetcfg" as reference material prior to its use. One can also use the "--verbose" output parameter for greater visibility on the progress of the nstnetcfg during its configuration stages.

Warning.png The "nstnetcfg" script should only be run on a Serial Console or a Desktop Terminal due to the fact that the "IPv4 Address" for this NST system will most likely change.

Initialize All Network Interfaces

The nstnetcfg mode: --init will put the networking setup posture in a known initialized state. Both the "NetworkManager" service and the "network" service will be disabled with their associated configuration files and/or entries removed. The "LoopBack" interface device is never altered or removed with this mode. The Name Service Switch configuration file: "/etc/nsswitch.conf" will have its hosts entry set to: "files dns". It is wise to first use this mode prior to setting up networking so that any lingering "NetworkManager" configuration files will Not interfere with the "network" service operation.

[root@probe ~]# nstnetcfg --mode init;
[root@probe ~]#

"NetworkManager Service" Configured Interface

The example NST notebook shown above uses the wireless network interface: "wlan0" for network connectivity to and from this NST system.

Interface: wlan0

The configuration for this interface is shown below. Once the "wlan0" network interface is under the control of the NetworkManager service, One will need configure the wireless interface using the NetworkManager applet located on your Desktop.

[root@probe ~]# nstnetcfg --mode netmgr --interface wlan0;
[root@probe ~]#

 

Stealth Configured Interfaces

The "Stealth" network interfaces (i.e., An interface in the "UP" state with No binding IPv4 Address) will now be configured using the network service. These interfaces are strategically network attached throughout the network infrastructure for surveillance monitoring.

Interface: p2p1

This network interface: "p2p1" is used to monitor specific "Intranet" traffic on a SPAN (Switched Port Analyzer) port.

[root@probe ~]# nstnetcfg --mode stealth --interface p2p1;
[root@probe ~]#

Interface: p4p1

This network interface: "p4p1" is used to monitor specific "Firewall" traffic on a SPAN (Switched Port Analyzer) port.

[root@probe ~]# nstnetcfg --mode stealth --interface p4p1;
[root@probe ~]#