Requirements
The nzyme system aims to be easy to configure and run with standard components. It is likely that you already own everything you need.
The architecture is versatile, designed to operate seamlessly on your local hardware or cloud environments, considering orchestration systems in the process. For instance, a nzyme node doesn't store any critical local state, enabling it to be quickly spun up and down in multi-node installations.
Hardware / Servers
You will need at least one server to run the nzyme-node component on. The nzyme-node is, besides many other things,
spinning up the web interface and receiving recorded network data from nzyme-tap installations.
- The
nzyme-nodecomponent has to be more powerful if it handles more taps or more data. A good starting point is to give it at least 4GB of memory, 25 GB of free disk space and 4 CPU cores. - Likewise, the
nzyme-tapcomponent has to be more powerful if it records more traffic. For a typical WiFi data recording tap setup, you will need at least an equivalent to a Raspberry Pi 3. If you read Ethernet data, which will likely see significantly more throughput, you should at least have 4 CPU cores and 4 GB of memory. Disk space is mostly irrelevant because no data is stored on disk.
Of course you can also run the nzyme-node on the same hardware as the nzyme-tap.
Software
You need a Linux operating system and using an official supported (please refer to the installation guides) Linux distribution is strongly recommended.
This documentation assumes that you have a basic level of understanding of the Linux distribution you chose. But don't worry, you don't have to be an extreme Linux expert. Simple things like navigating the command line interface, editing files and installing packages will be the minimum level of experience required.
WiFi Adapters
If you want to use the WiFi functionality of nzyme, you will need at least one WiFi adapter that support monitor mode. Monitor mode is the special state of a WiFi adapter that makes it read and report all 802.11 frames instead of just certain management frames or frames of a network it is connected to. You could also call this mode sniffing mode or promiscuous mode: The adapter simply reports everything it sees on the frequency it is tuned to.
The problem is that many adapter/driver/operating system combinations do not support monitor mode. That is why you will likely have to purchase a adapter that is known to work well with systems like nzyme.
Officially tested and well working adapters:
- ALFA AWUS036NH
- ALFA AWUS051NH v.2
- ALFA AWUS036NEH
- ALFA AWUS036ACM
- ALFA AWUS036AXML
- Panda PAU05
- Panda PAU06
- Panda PAU07
- Panda PAU09
- Panda PAU0D
- Intel AX210/AX211/AX411 (Usually an on-board chip. Does currently not support WiFi 6 because of issues with its driver and how it determines the region it is in. 2.4 and 5 GHz work fine.)
Additionally, the community has reported these adapters to work with nzyme:
- ALFA AWUS036ACS (Here is a community post with instructions)
- CSL USB 2.0 WLAN Adapter 300Mbit
Adapters and chipsets known to be causing problems with nzyme:
- Nineplus AX1800 (The
rtl8832auchipset is not entering monitor mode) - EDUP AX5400M (The
rtw8852cuchipset is not entering monitor mode)
Ethernet Capture
The Ethernet functionality of nzyme has no special hardware requirements. You will simply capture data from any Ethernet interface that records interesting data, usually in promiscuous mode. Usually that data would be coming from a mirror port on a switch, router or similar appliance.