Zaurus as a Security tool
Irongeek
I’ve got the first version of my page describing how to get various security apps up and running on the Zaurus PDA. The URL is http://homepages.ius.edu/adrian/z/ Currently it covers the install (and some of the use) of:

Wellenreiter II
Kismet
Ethereal
Ettercap
Nmap


Let me know what you think.
edo
Irongeek,

Yep, I like the page. You are using a few apps that I've had problems installing. The reason I suspect that I've had problems is that I'm running the Sharp Rom 3.10 whereas you are running OpenZaurus.

Currently I use a range of network tools on my Zaurus SL-5500 for various security and analysis purposes. Applications installed include Kismet and Kismet-qt (GUI for it), Java jportscan, nmap, wlanmon, znetmeter, traceroute, and a few others.

I have Nessus set up on a couple of work Linux servers, for vulnerability testing, and notice there is a Nessus client for the Zaurus. Unfortunately, I've never got it to work. It installs, but doesn't log in to the nessusd.

The amount of network tools, clients, and servers available on the Zaurus is excellent. If only all PDAs were this good!

Regards,
Steven Goacher.
Irongeek
I have yet to look at Nessus for the Zaurus. Is there a Nessus server for the Zaurus as well as a client? I would suspect with the amount of exploits it checks for you would have to install it to an SD card to get it to fit.
soycap
Nice page. I added a link to it from my Z page:

http://www.tekprosystems.com/zaurus

I mostly use Wellenreiter, jportscan (simple front end for nmap, requires nmap and jeode/java), and bing (script that finds live ip addresses on networks, also requires nmap).

jportscan
http://www.killefiz.de/zaurus/showdetail.php?app=115

bing
http://www.killefiz.de/zaurus/showdetail.php?app=363
Irongeek
Thanks, I'll have to look at those two tools.
Irongeek
I took a look at those apps. The link on killefiz.de for Bing is down. I'll be putting up instructions soon on how to get Nmap 3.50-1 working.
Anonymous
How well do these apps (on your site, Irongeek) work on the Sharp 3.1x after installing using ipkg-new?
Anonymous
Honestly I have no idea. Is Sharp 3.1x gcc3 or gcc2?
Irongeek
The above post was mine, I must remember to log in.
soycap
I have a copy of bing here:

http://www.tekprosystems.com/zaurus/downlo...g_0.0.1_arm.ipk
Anonymous
I was able to get Kismet to work on SL-5600. I have a few questions.

1) It does not appear to dump the packets or any detailed info, just gives the q s n (is this gps?), the ssid, and it mentions crypt data and llc, but you can't tell any packet info.

2) Is kismet just set up to dump to a file from the kismet.conf file if you have sd and not to reply to d or p commands?

3) What specifically is q s n and the llc?

Thank you
Anonymous
Nice site Irongeek!!!

I've been linking from Google search engine to give you a couple more hits... just noticed you're numero uno now!!!

jrsjkd
Anonymous
Saw where in the directory it logs packets that ethereal can read. However, supposed to be a few files (weak packets) etc. that aren't logged there, nor much on the display screen??? I'm assuming it doesn't really tell much about wep.
orac
From command prompt (Opie not running):
Added the feed
http://www.vanille.de/feed/openzaurus/armv4l-gcc2.95/
upgraded libopie2, (and associated) to the 12/18/2003 versions.

I then installed opie-wellenreiter.
After running wellenreiter from the console (I started opie back up), I noticed that those packages didn't do up the symlinks properly for libopiecore2, libopieui2, and libopienet2. Just link them to the libs you just installed, et voila!
Run Wellenreiter, and all is good.
Anonymous
Unable to get ettercap, or zethereal working on sharp rom.



# ipkg install zethereal_1.0*.ipk

zcat: zethereal_1.0_arm.ipk: not in gzip format

zcat: stdin: unexpected end of file
ipkg_install_file: ERROR unpacking control.tar.gz from zethereal_1.0_arm.ipk
#

ipkg install ettercap-comm*.ipk

zcat: ettercap-common_0.6.b-2_arm.ipk: not in gzip format

zcat: stdin: unexpected end of file
ipkg_install_file: ERROR unpacking control.tar.gz from ettercap-common_0.6.b-2_arm.ipk
enemy_cow
QUOTE
I have Nessus set up on a couple of work Linux servers, for vulnerability testing, and notice there is a Nessus client for the Zaurus. Unfortunately, I've never got it to work. It installs, but doesn't login to the nessusd.  


i haven't played with this myself, but i read on the znessus homepage that the znessus client doesn't support the default nessus certificate authentication. i would assume that you would most likely need to disable nessus' default encryption requirements.

i don't know if you'd necessarily want to run nessus unencrypted, however.
magickarle
Hi, do you guys have any suggestions for a CF 802.11 card? I want to use nessus (so I don't want to run into any compatibility issue hehe)
thanks
realm
i have a c3000 with debian arm on it. i have all the linux capable programs on the insecure.org security list up on it except for about 5. Nessus server and client are both running natively on it, just had to apt-get most of them.
Wildherb
Firstly my thanks to Irongeek for the insight he has provided into making the 5500 a useful security audit tool. I have spent many happy hours with OZ on my 'collie' and he has inspired me to take things further. I now have a C3100 running the Sharp Rom plus X11 and Debian on an SD card. This gives access to dozens of security tools which install with a simple apt-get, far less painful than some of the techniques required for OZ. It is particularly useful to be able to run non-graphical apps simply by executing the 'chroot' command from QT terminal to invoke the debian environment. I'm using an Ambicom CF card by the way, and the apps that I have running include:

Nessus (zNessus client on QT and Debian nessusd server running in the QT terminal. No need for X11 but yes, I did have to disable SSL within nessusd.conf)
zethereal (but with tiny fonts - what's happening?)
ethereal under X11
tethereal under debian and QT terminal
nmap
kismet
wellenreiter
nikto
driftnet - (this is great fun!)
etherape
dsniff (runs perfectly under debian from QT terminal)
ettercap - this used to be a great app but now I can't get any use out of it!?

There are lots more, it is just so easy with debian as realm has pointed out. I hope to get around to documenting some of my installs for the benefit of others as it really is pretty cool.
Storm
QUOTE(Wildherb @ Jan 9 2006, 07:27 PM)
There are lots more, it is just so easy with debian as realm has pointed out. I hope to get around to documenting some of my installs for the benefit of others as it really is pretty cool.


I was also in the Information Assurance field, and one app (which is technically non-security) that I consider a must-have, in addition to your list above is Tim Wentford's Opie-Reader. It is absolutely awesome. It reads the formats I used when I had my Palm, such as Mobipocket and Plucker (it reads about 5 others, but those are the two I use).

Plucker is an excellent application that I run on my Linux desktop/laptop. It allows you to pull down entire web pages and stick them into a single pdb file, even handling linked pages. I know I have the online capabilities of the Zaurus that I didn't have with my Tungsten, but on the other hand, when onsite, net access is not guaranteed. Plus having the entire page in a single file, even if it is not a native format is a much easier logistics question...Plus the pdbs are smaller than pdfs.

I think I have something like 500 opie-reader books on my Z, and about 1/3 of those are actual (free) full-length Baen sci-fi novels.

Between opie-reader and the PDF reader, I have most of the NIST SP800 series on my Zaurus. All I can say is good on ya, Tim!

--Storm