Zaurus as a Seurity tool Options

[enemy_cow]

I have Nessus set up on a couple of work Linux servers, for vulnerability testing, and notice there is a Nessus client for the Zaurus. Unfortunately, I've never got it to work. It installs, but doesn't login to the nessusd.  

i haven't played with this myself, but i read on the znessus homepage that the znessus client doesn't support the default nessus certificate authentication. i would assume that you would most likely need to disable nessus' default encryption requirements.

i dont know if youd neccesarily want to run nessus unencrypted, however.

[magickarle]

Hi, do you guys got any suggestions for a Cf 802.11 card? I want to use nessus (so I dont' want to run in any compability issue hehe)
thanks

[realm]

i have a c3000 with debian arm on it. i have all the linux capable programs on the insecure.org security list up on it except for about 5. Nessus server and client are both running natively on it, just had to apt-get most of them.

[Wildherb]

Firstly my thanks to Irongeek for the insight he has provided into making the 5500 a useful securty audit tool. I have spent many happy hours with OZ on my 'collie' and he has inspired me to take things further. I now have a C3100 running the Sharp Rom plus X11 and Debian on an SD card. This gives access to dozens of security tools which install with a simple apt-get, far less painful that some of the techniques required for OZ. It is particularly useful to be able to run non-graphical apps simply by executing the 'chroot' command from QT terminal to invoke the debian environment. I'm using an Ambicom CF card by the way, and the apps that I have running include:

Nessus (zNessus client on QT and Debian nessusd server running in the QT terminal. No need for X11 but yes, I did have to disable SSL within nessusd.conf)
zethereal (but with tiny fonts - whats happening?)
ethereal under X11
tethereal under debian and QT terminal
nmap
kismet
wellenreiter
nikto
driftnet - (this is great fun!)
etherape
dsniff (runs perfectly under debian from QT terminal)
ettercap - this used to be a great app but now I cant get any use out of it!?

There are lots more, it is just so easy with debian as realm has pointed out. I hope to get around to documenting some of my installs for the benefit of others as it really is pretty cool.

[Storm]

There are lots more, it is just so easy with debian as realm has pointed out. I hope to get around to documenting some of my installs for the benefit of others as it really is pretty cool.

I was also in the Information Assurance field, and one app (which is technically non-security) that I consider a must-have, in addition to your list above is Tim Wentford's Opie-Reader. It is absolutely awesome. It reads the formats I used when I had my Palm, such as Mobipocket and Plucker (it reads about 5 others, but those are the two I use).

Plucker is an excellent application that I run on my Linux desktop/laptop. It allows you to pull down entire web pages and stick them into a single pdb file, even handling linked pages. I know I have the online capabilities of the Zaurus that I didn't have with my Tungsten, but on the other hand, when onsite, net access is not guaranteed. Plus having the entire page in a single file, even if it is not a native format is a much easier logistics question...Plus the pdbs are smaller than pdfs.

I think I have something like 500 opie-reader books on my Z, and about 1/3 of those are actual (free) full-length Baen sci-fi novels.

Between opie-reader and the PDF reader, I have most of the NIST SP800 series on my Zaurus. All I can say is good on ya, Tim!

--Storm