The nzyme rewrite has been in development for approximately six months now, and we are nearing the first installable release. As I articulated in my January blog post, to maintain quality and thoroughness, we refrain from making commitments or promises about roadmaps or release dates. Nevertheless, we’re almost at a point where the software can be installed, and I’d like to seize this opportunity to update the community about our next steps.
“Private” Pre-Release v2.0.0-alpha.1
Expect a “private” beta release in the first half of July. “Private” doesn’t precisely mean exclusive, as it will be accessible to everyone. Nevertheless, there’s a small group of individuals I wish to collaborate closely with during their installation and usage of nzyme. This approach will enable me to provide them with priority support and learn what needs improvement and what is missing. You can still apply for the private beta, and everyone else is welcome to join the Discord channel for questions and comments. I plan to be highly active there as well.
Like last year, several groups of people intend to run nzyme at DEF CON and other conferences during that week. I am planning to deliver a useful v2.0.0 package in time, provide sufficient preparation time, be present onsite to answer any questions and help out where I can. If you’re attending and we haven’t connected yet, please reach out!
What will be included?
Again, no commitments or promises, but you can anticipate the following on a high level:
- Most notably, a package that you can install, featuring a configuration file and dependencies that are unlikely to change in the following releases. This means you will be able to effortlessly apply updates as they become available in the days and weeks following the initial pre-release, without the need for reinstallation or reconfiguration.
- Basic documentation to assist you in getting started.
- The new web interface.
- A substantial set of the WiFi functionality from the current v1.x releases re-implemented, accompanied by numerous usability improvements based on v1.x user feedback.
- A limited set of initial Ethernet functionality.
- Alerting, accompanied by an initial set of alerting methods.
- Forwarding to a selection of log management and SIEM solutions.
- Implementation of multi-tenancy and multi-user authentication with all security controls ready to go.
Expect swift, fully packaged, and simple-to-install updates following this initial pre-release.
Until then …
To prepare today, you might consider procuring hardware to run nzyme on:
- For taps (the nzyme component that reads and forwards WiFi frames or Ethernet data), you’ll require a device capable of running Linux, ideally with specifications at least equivalent to a Raspberry Pi 3 with 1GB RAM or better.
- Ensure you have some WiFi adapters that can be set to monitor mode. (Ethernet capture uses the interface's promiscuous mode and needs no special hardware, except maybe a dedicated Ethernet interface for packet capture in high-throughput situations.)
- For nzyme server nodes, any compact Linux system with a minimum of approximately 4GB RAM and a few CPU cores will suffice. Communication from the taps to the server nodes is performed using HTTPS, allowing the use of a remote or cloud server.
- There is an overview of the coming architecture in this blog post.
- Our guides will be based on Ubuntu Server, and I recommend you use that. Packages and documentation for RHEL-like systems will follow shortly thereafter.
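To check the monitor mode requirement on a Linux tap candidate before buying more hardware, here is a small added example (not part of nzyme or its packages). It assumes the standard `iw` utility and its usual `iw list` output layout; the function names and the embedded sample output are constructed for illustration.

```shell
#!/bin/sh
# Added example: list wireless PHYs whose driver advertises monitor mode.
# Assumption: input follows the usual `iw list` layout ("Wiphy <name>" header,
# then a "Supported interface modes:" section with "* <mode>" entries).

# Reads `iw list`-style text on stdin, prints one monitor-capable PHY per line.
monitor_capable_phys() {
    awk '
        /^Wiphy /                    { phy = $2; in_modes = 0; next }
        /Supported interface modes:/ { in_modes = 1; next }
        in_modes && /^[[:space:]]*\* / {
            if ($2 == "monitor") print phy
            next
        }
        # Any other line ends the mode list, including the separate
        # "software interface modes" section, so a PHY is reported once.
        { in_modes = 0 }
    '
}

# Constructed sample: phy0 advertises monitor mode, phy1 does not.
sample_iw_list() {
    cat <<'EOF'
Wiphy phy0
	max # scan SSIDs: 4
	Supported interface modes:
		 * IBSS
		 * managed
		 * AP
		 * monitor
	Band 1:
	software interface modes (can always be added):
		 * AP/VLAN
		 * monitor
Wiphy phy1
	max # scan SSIDs: 10
	Supported interface modes:
		 * managed
		 * AP
	Band 1:
EOF
}

# Pass --live to inspect the real adapters; otherwise the sample is used.
if [ "${1:-}" = "--live" ]; then
    iw list | monitor_capable_phys
else
    sample_iw_list | monitor_capable_phys
fi
```

This only reports what the driver advertises; an adapter that shows up here still needs to be tested with an actual capture.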
Join the nzyme Discord channel if you have any questions or want to lurk.
I’m incredibly excited about this next step.