Up to [cvs.NetBSD.org] / pkgsrc / security / ike-scan
Request diff between arbitrary revisions
Default branch: MAIN
Current tag: pkgsrc-2004Q4
Revision 1.1.1.1 / (download) - annotate - [select for diffs] (vendor branch), Fri Feb 27 22:12:51 2004 UTC (20 years, 1 month ago) by itojun
Branch: TNF
CVS Tags: pkgsrc-base,
pkgsrc-2004Q4-base,
pkgsrc-2004Q4,
pkgsrc-2004Q3-base,
pkgsrc-2004Q3,
pkgsrc-2004Q2-base,
pkgsrc-2004Q2,
pkgsrc-2004Q1-base,
pkgsrc-2004Q1
Changes since 1.1: +0 -0
lines
Diff to previous 1.1 (unified)
ike-scan, IKE fingerprinting tool --- ike-scan discovers IKE hosts and can also fingerprint them using the retransmission backoff pattern. ike-scan does two things: a) Discovery: Determine which hosts are running IKE. This is done by displaying those hosts which respond to the IKE requests sent by ike-scan. b) Fingerprinting: Determine which IKE implementation the hosts are using. This is done by recording the times of the IKE response packets from the target hosts and comparing the observed retransmission backoff pattern against known patterns. The retransmission backoff fingerprinting concept is discussed in more detail in the UDP backoff fingerprinting paper which should be included in the ike-scan kit as udp-backoff-fingerprinting-paper.txt. The program sends IKE main mode requests to the specified hosts and displays any responses that are received. It handles retry and retransmission with backoff to cope with packet loss. It also limits the amount of bandwidth used by the outbound IKE packets.