mirror of
https://github.com/carlospolop/hacktricks
synced 2024-11-15 09:27:32 +00:00
commit
3da40a4145
1 changed files with 1 additions and 1 deletions
|
@ -104,7 +104,7 @@ Cisco recommends avoidance of DH groups 1 and 2 in particular. The paper’s aut
|
||||||
|
|
||||||
## Server fingerprinting
|
## Server fingerprinting
|
||||||
|
|
||||||
Then, you can use ike-scan to try to **discover the vendor** of the device. The tool send an initial proposal and stops replaying. Then, it will **analyze** the **time** difference **between** the received **messages** from the server and the matching response pattern, the pe tester can successfully fingerprint the VPN gateway vendor. More over, some VPN servers will use the optional **Vendor ID (VID) payload** with IKE.
|
Then, you can use ike-scan to try to **discover the vendor** of the device. The tool send an initial proposal and stops replaying. Then, it will **analyze** the **time** difference **between** the received **messages** from the server and the matching response pattern, the pentester can successfully fingerprint the VPN gateway vendor. More over, some VPN servers will use the optional **Vendor ID (VID) payload** with IKE.
|
||||||
|
|
||||||
**Specify the valid transformation if needed** (using --trans)
|
**Specify the valid transformation if needed** (using --trans)
|
||||||
|
|
||||||
|
|
Loading…
Reference in a new issue