Network Defense System.
Release blog post: https://www.nzyme.org/blog/project/2024/05/02/release-v200-alpha-13
Note that the Ethernet functionality is still extremely limited!
If you are upgrading from a previous version, you can simply run dpkg -i
on the new release packages and restart the nzyme
and nzyme-tap
services.
nzyme-node
: (You can most likely keep the default setting at 2
)performance: {
# How many threads work on processing incoming tap reports.
report_processor_pool_size: 2
}
Please read the release blog post for a list of all new features and improvements.
Release blog post: https://www.nzyme.org/blog/project/2024/04/08/release-v200-alpha-12
Note that the Ethernet functionality is still extremely limited!
If you are upgrading from a previous version, you can simply run dpkg -i
on the new release packages and restart the nzyme
and nzyme-tap
services.
Please read the release blog post for a list of all new features and improvements.
Release blog post: https://www.nzyme.org/blog/project/2024/04/02/release-v200-alpha-10
Note that the Ethernet functionality is still extremely limited!
If you are upgrading from a previous version, you can simply run dpkg -i
on the new release packages and restart the nzyme
and nzyme-tap
services.
nzyme-tap
configuration file requires the following additional configuration setting. You can leave the default settings as they are until TCP processing officially supported and you start using it.[protocols.tcp]
pipeline_size = 16384
reassembly_buffer_size = 1048576
session_timeout_seconds = 60
nzyme-node
after the upgrade may take a little longer than usual because we added indices to some potentially large tables.Please read the release blog post for a list of all new features and improvements.
Release blog post: https://www.nzyme.org/blog/project/2024/01/10/release-v200-alpha-9
Note that the Ethernet functionality is still extremely limited!
If you are upgrading from a previous version, you can simply run dpkg -i
on the new release packages and restart the nzyme
and nzyme-tap
services.
CCMP-CCMP/PSK+PMF_DISABLED
. You have to update the expected security suite strings in your monitored network configurations or a "Unexpected Security Suites" alert will be triggered.Please read the release blog post for a list of all new features and improvements.
The next v2.0.0 alpha release, alpha.6, was just published. It comes with a lot of important improvements as well as the brand-new Context functionality.
Release blog post: https://www.nzyme.org/blog/project/2023/12/08/release-v200-alpha-6
Note that the Ethernet functionality is still extremely limited!
If you are upgrading from a previous version, you can simply run dpkg -i
on the new release packages and restart the nzyme
and nzyme-tap
services.
The nzyme v2.0.0 release train continues and version alpha.5 just arrived. It comes with a lot of new functionality around WiFi deauthentication/disassociation activity as well as several other improvements.
Release blog post: https://www.nzyme.org/blog/project/2023/11/04/release-v200-alpha-5
If you are upgrading from a previous version, you can simply run dpkg -i
on the new release packages and restart the nzyme
and nzyme-tap
services.
This new alpha release of the v2.0.0 series adds support for WiFi 6E, Netlink improvements, custom WiFi bandits, deauthentication overview and configurable signal track detector parameters.
Release blog post: https://www.nzyme.org/blog/project/2023/09/28/release-v200-alpha-4
If you are upgrading from a previous version, you can simply run dpkg -i
on the new release packages and restart the nzyme
and nzyme-tap
services.
nzyme-tap
configuration file syntax for WiFi channels has changed. Please refer to the example configuration file or documentation. Channel arrays are now separated into 2.4 GHz, 5 GHz and 6 GHz bands to account for overlapping channel numbers in WiFi 6E.The second alpha release of the v2.0.0 series adds 802.11/WiFi monitoring, bandit detection and alerting. You can find the full release blog post including changelog here.
If you are upgrading from a previous version, you can simply run dpkg -i
on the new release packages and restart the nzyme
and nzyme-tap
services.
nzyme-tap
:
performance.wifi_broker_buffer_capacity
(default: 65535
)performace.ethernet_broker_buffer_capacity
(default: 65535
)nzyme-tap
example configuration file with all configuration settings file in /etc/nzyme
.Immediately superseded by v2.0.0-alpha.3
due to a critical bug.
The first alpha release of the v2.0.0 series aims to provide a foundation of functionality that future releases can build upon on. The architecture and configuration is considered stable now, meaning that future upgrades will be very easy.
Full release blog post: https://www.nzyme.org/blog/project/2023/07/31/release-v200-alpha-1.html