Last Updated on: 26th September 2023, 03:16 pm
Web site: securixlive.com/knoppix-nsm/ (not active)
Origin:
Category: Forensics
Desktop environment: Fluxbox
Architecture: x86
Based on: Knoppix
Wikipedia:
Media: Live CD
The last version | Released: 1.2 | May 9, 2007
Knoppix-NSM – a modified version of the Knoppix LiveCD, focused on network security monitoring.
Knoppix-NSM is not a preventative tool and does not focus on vulnerabilities.
It contains many very useful tools for detective network analysis, such as:
– Sguil to detect this network activity
– Basic Analysis and Security Engine (BASE) NSM for network monitoring and showing the port scan as well
– the following scans can by ran: FIN, XMAS, NULL, Operational
– Ntop to view statistical network data using – this can alert you to abnormal network such as 95% of all traffic being UDP packets.
The system works in a live session from a CD without installing to hard drive, but can be installed to a hard disk too.