Nmap Development mailing list archives
Re: Timing templates and nat-t/IKE payloads
From: David Fifield <david () bamsoftware com>
Date: Fri, 5 Nov 2010 14:36:48 -0700
On Thu, Oct 14, 2010 at 09:37:35PM +0200, Gutek wrote:
> Mail from Mike Bickett:
> - --BEGIN QUOTE--
> I noticed that someone included a payload for IKE port 500/udp in the payloads file. I was wondering if anyone planned to integrate the aggressive mode option along with the already available main mode? If I was reading correctly, this option will force the server to send its pre-shared keys to the user that can later be cracked with psk-crack.

Does aggressive mode cause more servers to respond than main mode? If not, it's not useful as a UDP payload, which is only interested in responsiveness. It sounds like what you're proposing is a better fit for an NSE script.

> I also noticed, with regards to IKE scanning, nmap does not include the payload support for port 4500/udp. This is the NAT-T service used for traversal of protocols that can be sent through NAT. If you set ike-scan to (-nat-t -dport 4500) it will send the IKE initiation attempt through the NAT-T server.

We can add it, but you will have to send us the probe to add, along with documentation of what the fields mean and what kind of response is expected.

David Fifield
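
An added example, not part of the original message or of Nmap's code: a parser for the fixed ISAKMP header that classifies a captured UDP payload on 500/udp or 4500/udp, showing which field separates main mode from aggressive mode and how NAT-T framing differs. The field layout follows RFC 2408 and the non-ESP marker follows RFC 3948; the function names and sample bytes are constructed for illustration.

```python
import struct

# Exchange-type values: RFC 2408/2409 for IKEv1, RFC 7296 for IKEv2.
EXCHANGE_TYPES = {2: "main mode (identity protection)", 4: "aggressive mode",
                  5: "informational", 34: "IKE_SA_INIT"}
NON_ESP_MARKER = b"\x00\x00\x00\x00"        # RFC 3948: precedes IKE on UDP 4500
# initiator cookie, responder cookie, next payload, version,
# exchange type, flags, message ID, total length (28 bytes)
ISAKMP_HDR = struct.Struct("!8s8sBBBBII")


def classify_ike(payload: bytes, dport: int) -> dict:
    """Describe one UDP payload captured on port 500 or 4500."""
    if dport == 4500:
        if payload == b"\xff":
            return {"kind": "nat-keepalive"}
        if not payload.startswith(NON_ESP_MARKER):
            return {"kind": "esp-in-udp"}    # a non-zero SPI comes first
        payload = payload[len(NON_ESP_MARKER):]
    if len(payload) < ISAKMP_HDR.size:
        return {"kind": "truncated"}
    (_icookie, rcookie, _next_payload, version,
     xchg, _flags, _msg_id, length) = ISAKMP_HDR.unpack_from(payload)
    return {
        "kind": "ike",
        "version": f"{version >> 4}.{version & 0x0F}",
        "exchange": EXCHANGE_TYPES.get(xchg, f"unknown ({xchg})"),
        # A zero responder cookie marks the first packet of a negotiation.
        "initial_request": rcookie == bytes(8),
        "length_ok": length == len(payload),
    }


def sample_header(xchg: int) -> bytes:
    """Constructed header-only IKEv1 sample (no payloads follow)."""
    return ISAKMP_HDR.pack(b"\x11" * 8, bytes(8), 0, 0x10, xchg, 0, 0,
                           ISAKMP_HDR.size)


if __name__ == "__main__":
    for port, data in [(500, sample_header(2)),
                       (500, sample_header(4)),
                       (4500, NON_ESP_MARKER + sample_header(2)),
                       (4500, b"\xff")]:
        print(port, classify_ike(data, port))
```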