OESF Portables Forum
Everything Else => General Support and Discussion => Zaurus General Forums => Archived Forums => Security and Networking => Topic started by: Irongeek on January 26, 2004, 10:56:14 am
-
I’ve got the first version of my page describing how to get various security apps up and running on the Zaurus PDA. The URL is http://homepages.ius.edu/adrian/z/ (http://homepages.ius.edu/adrian/z/) Currently it covers the install (and some of the use ) of:
Wellenreiter II
Kismet
Ethereal
Ettercap
Nmap
Let me know what you think.
-
Irongeek,
Yep, I like the page. You are using a few apps that I\'ve had problems installing. The reason I suspect that I\'ve had problems is that I\'m running the Sharp Rom 3.10 whereas you are running OpenZaurus.
Currently I use a range of network tools on my Zaurus SL-5500 for various security and analysis purposes. Applications installed include Kismet and Kismet-qt (GUI for it), Java jportscan, nmap, wlanmon, znetmeter, traceroute, and a few others.
I have Nessus set up on a couple of work Linux servers, for vulnerability testing, and notice there is a Nessus client for the Zaurus. Unfortunately, I\'ve never got it to work. It installs, but doesn\'t login to the nessusd.
The amount of networks tools, clients, and servers available on the Zaurus is excellent. If only all PDAs were this good!
Regards,
Steven Goacher.
-
I have yet to look at Nessus for the Zaurus. Is there a Nessus server for the Zaurus as well as a client? I would suspect with the amount of exploits it checks for you would have to install it to an SD card to get it to fit.
-
Nice page. I added a link to it from my Z page:
http://www.tekprosystems.com/zaurus (http://www.tekprosystems.com/zaurus)
I mostly use Wellenreiter, jportscan (simple front end for nmap, required nmap and jeode/java), and bing (script that finds live ip addresses on networks, also requires nmap)
jportscan
http://www.killefiz.de/zaurus/showdetail.php?app=115 (http://www.killefiz.de/zaurus/showdetail.php?app=115)
bing
http://www.killefiz.de/zaurus/showdetail.php?app=363 (http://www.killefiz.de/zaurus/showdetail.php?app=363)
-
Thanks, I\'ll have to look at those two tools.
-
I took a look at those apps. The link on killefiz.de for Bing is down. I\'ll be putting up instruction soon on how to get Nmap 3.50-1 working.
-
How well do these apps (on your site, Irongeek) work on the Sharp 3.1x after installing using ipkg-new?
-
Honestly I have no idea. Is Sharp Sharp 3.1x gcc3 or gcc2?
-
The above post was mine, I must remember to login.
-
I have a copy of bing here:
http://www.tekprosystems.com/zaurus/downlo...g_0.0.1_arm.ipk (http://www.tekprosystems.com/zaurus/downloads/feed/bing_0.0.1_arm.ipk)
-
I was able to get Kismet to work on sl-5600. I have a few questions.
1) It does not appear to dump the packets or any detailed info, just give the q s n (is this gps), the ssid, and it mentions crypt data and llc but you cant tell any packet info.
2) Is kismet just set up to dump to a file from the kismet.conf file if you have sd and not to reply to d or p commands?
3) What specifically is q s n and the llc ?
THank you
-
nice site Irongeek!!!
Ive been linking from Google search engine to give you a couple more hits....jsut noticed your numero uno now!!!
jrsjkd
-
Saw where in the directory it logs packets that ethereal can read. However, supposed to be a few files (weak packets ) etc that arent logged there, nor much on the display screen??? Im assuming it doesnt really tell much about wep.
-
From command prompt (Opie not running):
Added the feed
http://www.vanille.de/feed/openzaurus/armv4l-gcc2.95/
upgraded libopie2, (and associated) to the 12/18/2003 versions.
I then installed opie-wellenreiter.
After running wellenreiter from the console (I started opie back up), I noticed that those packages didn\'t do up the symlinks properly for libopiecore2, libopieui2, and libopienet2. Just link them to the libs you just installed, et voila!
Run Wellenreiter, and all is good.
-
Unable to get ettercap, or zethereal working on sharp rom.
# ipkg install zethereal_1.0*.ipk
zcat: zethereal_1.0_arm.ipk: not in gzip format
zcat: stdin: unexpected end of file
ipkg_install_file: ERROR unpacking control.tar.gz from zethereal_1.0_arm.ipk
#
ipkg install ettercap-comm*.ipk
zcat: ettercap-common_0.6.b-2_arm.ipk: not in gzip format
zcat: stdin: unexpected end of file
ipkg_install_file: ERROR unpacking control.tar.gz from ettercap-common_0.6.b-2_arm.ipk
-
I have Nessus set up on a couple of work Linux servers, for vulnerability testing, and notice there is a Nessus client for the Zaurus. Unfortunately, I\'ve never got it to work. It installs, but doesn\'t login to the nessusd.
i haven\'t played with this myself, but i read on the znessus homepage that the znessus client doesn\'t support the default nessus certificate authentication. i would assume that you would most likely need to disable nessus\' default encryption requirements.
i dont know if youd neccesarily want to run nessus unencrypted, however.
-
Hi, do you guys got any suggestions for a Cf 802.11 card? I want to use nessus (so I dont' want to run in any compability issue hehe)
thanks
-
i have a c3000 with debian arm on it. i have all the linux capable programs on the insecure.org security list up on it except for about 5. Nessus server and client are both running natively on it, just had to apt-get most of them.
-
Firstly my thanks to Irongeek for the insight he has provided into making the 5500 a useful securty audit tool. I have spent many happy hours with OZ on my 'collie' and he has inspired me to take things further. I now have a C3100 running the Sharp Rom plus X11 and Debian on an SD card. This gives access to dozens of security tools which install with a simple apt-get, far less painful that some of the techniques required for OZ. It is particularly useful to be able to run non-graphical apps simply by executing the 'chroot' command from QT terminal to invoke the debian environment. I'm using an Ambicom CF card by the way, and the apps that I have running include:
Nessus (zNessus client on QT and Debian nessusd server running in the QT terminal. No need for X11 but yes, I did have to disable SSL within nessusd.conf)
zethereal (but with tiny fonts - whats happening?)
ethereal under X11
tethereal under debian and QT terminal
nmap
kismet
wellenreiter
nikto
driftnet - (this is great fun!)
etherape
dsniff (runs perfectly under debian from QT terminal)
ettercap - this used to be a great app but now I cant get any use out of it!?
There are lots more, it is just so easy with debian as realm has pointed out. I hope to get around to documenting some of my installs for the benefit of others as it really is pretty cool.
-
There are lots more, it is just so easy with debian as realm has pointed out. I hope to get around to documenting some of my installs for the benefit of others as it really is pretty cool.
[div align=\"right\"][{POST_SNAPBACK}][/a][/div] (http://index.php?act=findpost&pid=110190\")
I was also in the Information Assurance field, and one app (which is technically non-security) that I consider a must-have, in addition to your list above is Tim Wentford's Opie-Reader. It is absolutely awesome. It reads the formats I used when I had my Palm, such as Mobipocket and Plucker (it reads about 5 others, but those are the two I use).
Plucker is an excellent application that I run on my Linux desktop/laptop. It allows you to pull down entire web pages and stick them into a single pdb file, even handling linked pages. I know I have the online capabilities of the Zaurus that I didn't have with my Tungsten, but on the other hand, when onsite, net access is not guaranteed. Plus having the entire page in a single file, even if it is not a native format is a much easier logistics question...Plus the pdbs are smaller than pdfs.
I think I have something like 500 opie-reader books on my Z, and about 1/3 of those are actual (free) full-length [a href=\"http://www.baen.com/library]Baen[/url] sci-fi novels.
Between opie-reader and the PDF reader, I have most of the NIST SP800 series on my Zaurus. All I can say is good on ya, Tim!
--Storm