Nmap Development mailing list archives

Re: Timing templates and nat-t/IKE payloads


From: David Fifield <david () bamsoftware com>
Date: Fri, 5 Nov 2010 14:36:48 -0700

On Thu, Oct 14, 2010 at 09:37:35PM +0200, Gutek wrote:
Mail from Mike Bickett:

--BEGIN QUOTE--
I noticed that someone included a payload for IKE port 500/udp in the
payloads file. I was wondering if anyone planned to integrate the
aggressive mode option along with the already available main mode? If I
was reading correctly, this option will force the server to send its
pre-shared keys to the user that can later be cracked with psk-crack.

Does aggressive mode cause more servers to respond than main mode? If
not, it's not useful as a UDP payload, which is only interested in
responsiveness. It sounds like what you're proposing is a better fit for
an NSE script.

I also noticed, with regards to IKE scanning, nmap does not include the
payload support for port 4500/udp. This is the NAT-T service used for
traversal of protocols that can be sent through NAT. If you set ike-scan
to (-nat-t -dport 4500) it will send the IKE initiation attempt through
the NAT-T server.

We can add it, but you will have to send us the probe to add, along with
documentation of what the fields mean and what kind of response is
expected.

David Fifield
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/
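As an added illustration, not code from this thread or from Nmap, the following Python parser documents what the bytes of a UDP/4500 datagram mean and what kind of reply a NAT-T IKE probe should expect, which is the documentation David asks for above. It assumes the UDP encapsulation framing from RFC 3948 (a four-byte all-zero "non-ESP marker" ahead of the ISAKMP header, a single 0xFF byte for NAT keepalives, anything else being UDP-encapsulated ESP whose first four bytes are the SPI) and the 28-byte ISAKMP header layout from RFC 2408. The function and sample names (`parse_udp4500_datagram`, `is_reply_to_probe`, `SAMPLE_MAIN_MODE_REPLY`) are this example's own, and the sample reply is constructed here rather than captured from a real responder.

```python
import struct

# ISAKMP exchange types from RFC 2408 / RFC 2409. Main mode is exchange
# type 2 ("Identity Protection"), aggressive mode is 4.
EXCHANGE_TYPES = {
    0: "None",
    1: "Base",
    2: "Identity Protection (Main Mode)",
    3: "Authentication Only",
    4: "Aggressive",
    5: "Informational",
}

# RFC 3948: IKE carried on UDP/4500 is prefixed by four zero bytes so a
# receiver can tell it apart from UDP-encapsulated ESP (whose first four
# bytes are a non-zero SPI). A lone 0xFF byte is a NAT keepalive.
NON_ESP_MARKER = b"\x00\x00\x00\x00"
NAT_KEEPALIVE = b"\xff"

# ISAKMP header (RFC 2408 section 3.1): initiator cookie (8), responder
# cookie (8), next payload (1), version (1), exchange type (1), flags (1),
# message ID (4), total length (4). Network byte order, 28 bytes.
ISAKMP_HEADER = struct.Struct("!8s8sBBBBII")


def parse_udp4500_datagram(data: bytes) -> dict:
    """Classify one datagram received on UDP/4500 and decode its header."""
    if data == NAT_KEEPALIVE:
        return {"kind": "nat-keepalive"}
    if len(data) < len(NON_ESP_MARKER):
        raise ValueError("datagram too short for NAT-T framing")
    if data[:4] != NON_ESP_MARKER:
        # Non-zero leading word: this is UDP-encapsulated ESP, not IKE.
        return {"kind": "udp-esp", "spi": data[:4].hex()}

    payload = data[4:]
    if len(payload) < ISAKMP_HEADER.size:
        raise ValueError("ISAKMP header truncated")
    (icookie, rcookie, next_payload, version, exch_type,
     flags, msg_id, length) = ISAKMP_HEADER.unpack_from(payload)
    return {
        "kind": "isakmp",
        "initiator_cookie": icookie.hex(),
        "responder_cookie": rcookie.hex(),
        "next_payload": next_payload,
        # High nibble is the major version, low nibble the minor (0x10 = 1.0).
        "version": f"{version >> 4}.{version & 0x0F}",
        "exchange_type": exch_type,
        "exchange": EXCHANGE_TYPES.get(exch_type, f"Unknown ({exch_type})"),
        "flags": flags,
        "message_id": msg_id,
        "length": length,
        # The length field counts the whole ISAKMP message, header included.
        "length_ok": length == len(payload),
    }


def is_reply_to_probe(probe_icookie: bytes, data: bytes) -> bool:
    """True if 'data' is an IKE reply to a probe sent with 'probe_icookie'.

    A responsiveness check (all a UDP payload probe needs) is satisfied when
    the peer echoes our initiator cookie and fills in a non-zero responder
    cookie; anything else is noise, ESP traffic, or a keepalive.
    """
    try:
        parsed = parse_udp4500_datagram(data)
    except ValueError:
        return False
    return (parsed["kind"] == "isakmp"
            and parsed["initiator_cookie"] == probe_icookie.hex()
            and parsed["responder_cookie"] != "00" * 8)


def _build_sample_reply(icookie: bytes, rcookie: bytes, exch_type: int) -> bytes:
    """Construct a NAT-T framed ISAKMP header with no body (sample data only)."""
    header = ISAKMP_HEADER.pack(icookie, rcookie, 0, 0x10, exch_type, 0, 0,
                                ISAKMP_HEADER.size)
    return NON_ESP_MARKER + header


# Constructed sample: a main-mode reply to a probe whose cookie was 0x11 * 8.
PROBE_COOKIE = b"\x11" * 8
SAMPLE_MAIN_MODE_REPLY = _build_sample_reply(PROBE_COOKIE, b"\x22" * 8, 2)

if __name__ == "__main__":
    for name, dgram in [("keepalive", NAT_KEEPALIVE),
                        ("esp", b"\x00\x00\x12\x34" + b"\x00" * 20),
                        ("main-mode reply", SAMPLE_MAIN_MODE_REPLY)]:
        print(name, parse_udp4500_datagram(dgram))
    print("reply matches probe:",
          is_reply_to_probe(PROBE_COOKIE, SAMPLE_MAIN_MODE_REPLY))
```

The classifier is the part that matters for a payload entry: a port-4500 responder may answer with a keepalive or with encapsulated ESP rather than IKE, and only a decoded ISAKMP header that echoes the probe's initiator cookie with a non-zero responder cookie should count as "IKE is listening here".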