Fedora 28 provides the core for the latest version of Network Security Toolkit (NST), which is a bootable live USB-based distro that’s designed to offer system administrators easy access to all of the FOSS network security applications they might need. Release #28-10234 includes many proactive and targeted security tools that can help with making sure a system is hardened against attacks.
While it’s based on Fedora 28, NST only includes networking tools that meet exacting standards. Users can opt to run other tools if the need arises, but the selection process is designed to ensure that anyone who starts a system from boot media they make with the new ISO will have everything they need right away without any fat.
Most notably, the updated ISO includes improvements for Bluetooth support as well as critical bugfixes to some scanning tools that will ensure they catch some important pieces of recent malware. Additional scanning features should make it easier to find Bluetooth connections that older versions of the OS struggled with.
Builds for these tools are generally based on the editions included with Fedora 28. Considering the fact that the Fedora community tends to adopt new changes much faster than those of more conservative distros, it certainly seems as though these tools would be fairly close to the cutting edge anyway.
NST’s developers now integrate Sguil into their ISO as well. Sometimes known as the so-called Analyst Console for Network Security Monitoring, Sguil helps NST by displaying IDS events in real time. It can also display raw packet captures, which is quite important when performing any type of network security task. While it’s certainly can’t accomplish every task, Sguil should be able to provide good at-a-glance coverage of everything that’s going on within a network.
Ncrack, a password cracking package that helps discover poor passwords, was included as well. This is not at all to say that the developers condone misuse of this sort of technology.
Rather, it’s hoped that by including it system administrators will be able to catch weak passwords on a network before someone else with very different plans for how to use that information finds them. Poor password selection has always been a major attack vector, and this could help put a stop to it on some business networks.