NST Version 2.16.0-4104 Released

We are pleased to announce the latest NST release: "v2.16.0-4104". This release is based on Fedora 16 using Linux Kernel: "3.4.9-2.fc16". This is a interim release which includes all of the NST and Fedora 16 package updates since 2012-Feb-27 rolled into a fresh ISO image. If you are building your own NST yum repository or have a subscription to the NST PRO yum repository, you may not need this ISO image as you should be able to simply yum update you NST system(s).

Here are some of the highlights for this release:

* The NST project team has worked with the CloudShark folks to facilitate uploading and viewing network packet captures generated by an NST system to either "CloudShark.org" or a "CloudShark Appliance". A new CloudShark Upload Manager tool was created and embedded within the NST WUI to accomplish this. See also the HowTo Use The NST CloudShark Upload Manager NST Wiki page: http://wiki.networksecuritytoolkit.org/nstwiki/index.php/HowTo_Use_The_NST_CloudShark_Upload_Manager for more information.

* The NST WUI ARP Scan page, which utilizes the arp-scan utility, has been completed. This allows you to quickly scan and inventory each attached network segment throughout your network infrastructure and also perform additional security auditing on each discovered host. See the article: HowTo Use The NST WUI arp-scan page: http://wiki.networksecuritytoolkit.org/nstwiki/index.php/HowTo_Use_The_NST_WUI_arp-scan_Page_To_Quickly_Locate_Hosts for additional information.

* A separate NST WUI ARP Scan monitoring page was added. This web page is designed to periodically run the arp-scan command. Results are accumulated from each run allowing you to keep track of what systems enter and leave your network throughout the day.

Many new NST WUI enhancements and refinements including:

* Most NST WUI pages have been enhanced to use an NST Shell Command Console for resultant output. This allows for extreme flexibility when using the results for analysis or reports. See the NST Shell Command Console Reference page: http://wiki.networksecuritytoolkit.org/nstwiki/index.php/HowTo_Use_The_NST_Shell_Command_Console for additional information.

* New pop-up network tools widgets have been created for IPv4, IPv6, Host Names, and MAC addresses. NST WUI pages which display network addresses or host names will allow you to click on the network entity to bring up the appropriate tools widget. Once the widget is displayed, you can perform a variety of related actions using the network entity. Each widget has an integrated NST Shell Command Console for results. See the NST Network Tools Widgets Reference page: http://wiki.networksecuritytoolkit.org/nstwiki/index.php/HowTo_Use_The_NST_Network_Tools_Widgets for additional information.

* Both the Single and Multi-Tap Network Packet Capture pages now support the new PCAP Next Generation Dump File Format.

* The NST Network Interface Bandwidth Monitor Ruler Measurement Tool has been enhanced with Peak/Trough Detection and a Ruler Guide Movement Control feature. This feature helps during bandwidth rate analysis by making it easier to position the left and right ruler tool guides when performing data rate measurements. See the NST Bandwidth Monitor Reference Diagram page: http://wiki.networksecuritytoolkit.org/nstwiki/index.php/NST_Network_Interface_Bandwidth_Monitor for more information.

As always, the networking and security applications included have been updated to their latest version which can be found in the manifest.

For more details related to the code changes for this release, refer to the Change Log page: http://www.networksecuritytoolkit.org/nst/log/changelog.html .

Posted by Ronald W. Henderson 2012-09-04