Réf. : Penetration Testing a CheckPoint NG FW on Nokia

[gilles.lami () SAFe-mail net]

Hi,

Maybe the CheckPoint as the ipsec agressive mode enable.
You could try the PSK Agressive Mode Attack.
You will need ikescan, ikeprobe, an ipsec client quiet configurable (to force agressive mode), and the ikecrack perl 
script and windump or caïn.
(google this terms, all are easy to find and all are free.)

You may also have a look on a complete description of the attack :
http://www.giac.org/practical/GCIH/Steve_Pitts_GCIH.pdf

Bye