Re: Fix-for Cisco-VPN-Client

[Ionreflex <ionreflex () gmail com>]

Personally I don't have any problem with the CheckPoint VPN ActiveX SSL
Extender we use at work (I'm gonna try with the client soon), I'm wondering
if that problem is not generated by a setting or a special security feature
in the Cisco VPN Client... and OS detection is not accurate, probably due to
the encryption : here is the results of 2 scans, one over vpn the other
directly on the network. I guess it wouldn't be a good idea to submit this
fingerprint right ?



Ion


2008/4/5, Fyodor <fyodor () insecure org>:
> On Fri, Jan 11, 2008 at 02:43:17PM -0500, Denis Champagne wrote:
> > Here is a fix for Cisco VPN Client using nmap.
> >
> > Follow these step and you will be able to use NMAP with Cisco VPN Client
> >
> > 1=c:\>arp -a
> >
> > Interface : 192.168.2.10 --- 0x3
> >   Adresse Internet      Adresse physique      Type
> >   192.168.2.1           00-13-a3-ec-90-9f     dynamique
> >
> > 2=Get your MAC from your LAN interface in my casse it is
> 00-13-a3-ec-90-9f
> > 3=Get your IP address from your Cisco VPN Interface in my casse it is
> 172.24.1.129
> > Interface : 172.24.1.129 --- 0x80005
> >   Adresse Internet      Adresse physique      Type
> >
> > 4=Do the next command.
> >
> > c:\>
> > c:\>arp -s 172.24.1.129   00-13-a3-ec-90-9f
> >
> > Try it you will like it.
>
>
> This is fascinating.  Does anyone if this trick will work for other
> interface types not supported by Nmap (dialup/PPP, other VPN software,
> etc.)?
>
> Cheers,
>
> -F
>
>
> _______________________________________________
> Sent through the nmap-dev mailing list
> http://cgi.insecure.org/mailman/listinfo/nmap-dev
> Archived at http://SecLists.Org

Attachment: scan_over_vpnactivex.log
Description:

Attachment: direct_scan.log
Description:

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org