I’d like to point out a couple of user-submitted modules for NSM-Console that are now included in the distribution.
Firstly, scholar01 has created a ‘flowtag’ module for NSM-Console that uses Chris Lee’s excellent Flowtag software to categorize and tag the network flows in a packet capture. Thanks for the submission, scholar01!
Secondly, JohnQPublic has created a ‘clamscan’ module to scan the files extracted by either tcpxtract or foremost for viruses. The clamscan module uses the popular open-source ClamAV antivirus software. Thanks, JohnQPublic!
Both of these modules have been committed into NSM-Console’s code, and while only flowtag is included in the 0.5 release, you can try them out by checking NSM-Console out of SVN with the following command:
svn co http://svn.security.org.my/trunk/rawpacket-root/usr/home/analyzt/rp-NSM/nsm-console nsm-console
Note that the majority of the code I commit to svn is stable enough for regular usage; it just doesn’t undergo the regular testing that the point-releases do before they are released.
Thanks to both authors for submitting modules; they’re now included in the ‘credits’ command.
You can now browse the source code for both the Hex liveCD and NSM-Console directly from the Rawpacket Hex trac.
If you’re interested in upcoming features in NSM-Console, you can check out the latest TODO file here.
Thanks go to spoonfork, who switched us over from CVS to SVN without any major headaches.
If you try to run svn on Hex 1.0.*, you get the following error:
/libexec/ld-elf.so.1: Shared object "libaprutil-1.so.2" not found, required by "svn"
As geek00l pointed out, this can be fixed by issuing the following command:
cd /usr/ports/devel/apr-svn/ && make install clean
This assumes you have a ports tree downloaded onto Hex, but what if you don’t have access to the ports tree? (I can’t download the ports tree from my work.) Well, I’ve created the packages you need to install in order to get svn to work properly.
First, download db42-4.2.52_5.tbz and apr-gdbm-db42-1.2.8_2.tbz to the same directory somewhere on the Hex machine. Then issue the following command:
sudo pkg_add -v ./apr-gdbm-db42-1.2.8_2.tbz
This will automatically install the db42 package as a dependency. After installing the apr package, svn should work without any problems.