ike-scan discovers IPsec VPN servers, and can fingerprint them using UDP backoff and Vendor ID fingerprinting techniques. It supports IKE Main Mode and Aggressive Mode. ike-scan allows flexible specification of the outgoing IKE packet, and decodes the response packets. It also supports pre-shared key cracking for IKE aggressive mode with pre-shared key authentication.
|Tags||Security Networking Firewalls|
|Operating Systems||Mac OS X Windows Cygwin POSIX|
Release Notes: A wiki is available at http://www.nta-monitor.com/wiki/. IKEv2 is supported with --ikev2. The --rcookie option sets an outgoing responder cookie. psk-crack permits dictionary to be read from stdin. --nat-t enables RFC 3947 NAT Traversal. --sourceip spoofs the source IP. Backoff patterns with only one packet are supported. psk-crack is supported for the Nortel proprietary algorithm. --shownum displays the packet number. --timestamp displays the time a packet was received. --randomseed specifies PRNG seed. The PRNG implementation was changed from rand() to Mersenne Twister. "make check" tests new features and has greater code coverage.
No changes have been submitted for this release.