Nmap Development mailing list archives
Re: Fix-for Cisco-VPN-Client
From: Ionreflex <ionreflex () gmail com>
Date: Mon, 7 Apr 2008 12:01:52 -0400
Personally I don't have any problem with the CheckPoint VPN ActiveX SSL Extender we use at work (I'm gonna try with the client soon), I'm wondering if that problem is not generated by a setting or a special security feature in the Cisco VPN Client... and OS detection is not accurate, probably due to the encryption : here is the results of 2 scans, one over vpn the other directly on the network. I guess it wouldn't be a good idea to submit this fingerprint right ? Ion 2008/4/5, Fyodor <fyodor () insecure org>:
On Fri, Jan 11, 2008 at 02:43:17PM -0500, Denis Champagne wrote:Here is a fix for Cisco VPN Client using nmap. Follow these step and you will be able to use NMAP with Cisco VPN Client 1=c:\>arp -a Interface : 192.168.2.10 --- 0x3 Adresse Internet Adresse physique Type 192.168.2.1 00-13-a3-ec-90-9f dynamique 2=Get your MAC from your LAN interface in my casse it is00-13-a3-ec-90-9f3=Get your IP address from your Cisco VPN Interface in my casse it is172.24.1.129Interface : 172.24.1.129 --- 0x80005 Adresse Internet Adresse physique Type 4=Do the next command. c:\> c:\>arp -s 172.24.1.129 00-13-a3-ec-90-9f Try it you will like it.This is fascinating. Does anyone if this trick will work for other interface types not supported by Nmap (dialup/PPP, other VPN software, etc.)? Cheers, -F _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://SecLists.Org
Attachment:
scan_over_vpnactivex.log
Description:
Attachment:
direct_scan.log
Description:
_______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://SecLists.Org
Current thread:
- Re: Fix-for Cisco-VPN-Client Fyodor (Apr 05)
- Re: Fix-for Cisco-VPN-Client Ionreflex (Apr 07)