Key Release Changes: Difference between revisions

From MediaWiki
Jump to navigationJump to search
Line 15: Line 15:
== NST System Maintenance And Updates ==
== NST System Maintenance And Updates ==


NST is maintained via yum updates from Fedora or the Network Security Toolkit repository. These sites are rundundantly located in case of system or network failures. See the [[Getting_Started#Maintaining_And_Updating_NST | Maintaining And Updating NST]] on the [[Getting_Started]] page for detailed information.
NST is maintained via yum updates from Fedora or the Network Security Toolkit repository. These sites are rundundantly located in case of system or network failures. See the [[Getting_Started#Maintaining_And_Updating_NST | Maintaining And Updating NST]] on the [[Getting_Started | Getting Started]] page for detailed information.


= Distribution Size =
= Distribution Size =

Revision as of 15:53, 23 September 2009

Package Management

Full Package Management

You can now easily add packages to the NST distribution using standard yum and rpm commands. This allows you to start with a initial NST distribution and then enhance it for your custom purposes.

This is only recommended after performing a hard disk installation of the NST.

Live Systems Can Be Updated

You can perform package management commands using yum and rpm commands even if you boot NST Live (off of a DVD or USB drive). However, since the media is not writable, new packages which are downloaded and added will consume RAM.

Because of this, you should only install a few packages at a time for experimental purposes. If you were to attempt a full system update on a Live system, it is likely it will run out of memory.

NST System Maintenance And Updates

NST is maintained via yum updates from Fedora or the Network Security Toolkit repository. These sites are rundundantly located in case of system or network failures. See the Maintaining And Updating NST on the Getting Started page for detailed information.

Distribution Size

In order to update the NST distribution to support full package management, the full ISO distribution has increased significantly in size.

The full distribution can no longer be burned to CD media (you must burn it to a DVD or a USB drive).

If you have a system which can only boot from CD media (i.e., it can't read DVD media and does not support booting from a USB drive), you will not be able to run a full NST Live distribution.

However, it is still possible to perform a hard disk installation of the full NST distribution by starting with the NST Minimal ISO image. See the NST Minimal page if this applies to you.

Initial Boot

Disabled Services

The following services are disabled until the default NST password is changed upon booting NST Live or after a fresh NST hard disk install. Run the nstpasswd script to set the password for the root user and then both the sshd and httpd service will automatically be enabled.

sshd
The SSH daemon providing secure encrypted communications between two untrusted hosts over an insecure network.
httpd
The Apache Hypertext Transfer Protocol Server (HTTP) - Web server.

Default Password

The default password is still nst2003.

In prior releases, you had to set the password of the NST system each time you booted a system from the ISO image. This was a good practice as the https and sshd services were enabled by default when logging into system.

Starting with the new release, we no longer require you to set the NST password when the system boots. However, we no longer enable the https and sshd services until you run the nstpasswd script to set the system passwords.

Hence, the NST system acts as a client system (you won't be able to connect to it from other systems) until you secure it by running the nstpasswd script.

Security Risk

Note: This does NOT apply if you download the NST Virtual Machine. It also uses the default password of nst2003, but does not disable the httpd and sshd services. If you download and boot the NST Virtual Machine, make sure that you run the nstpasswd command immediately after booting the system (or disable your virtual network connections) to prevent possible security exposures.

Graphical Desktop

You now have the option to boot directly to a graphical desktop (you can choose between Fluxbox or GNOME).

Media Check

At the initial boot screen, you can now perform a media check at the start of the boot. This should be done to verify your media (especially in situations where the NST system does not boot cleanly or behave properly).