diff options
Diffstat (limited to 'security')
| -rw-r--r-- | security/ike-scan/DESCR | 22 | ||||
| -rw-r--r-- | security/ike-scan/Makefile | 15 | ||||
| -rw-r--r-- | security/ike-scan/PLIST | 6 | ||||
| -rw-r--r-- | security/ike-scan/distinfo | 4 |
4 files changed, 47 insertions, 0 deletions
diff --git a/security/ike-scan/DESCR b/security/ike-scan/DESCR new file mode 100644 index 00000000000..49ab1f5b780 --- /dev/null +++ b/security/ike-scan/DESCR @@ -0,0 +1,22 @@ +ike-scan discovers IKE hosts and can also fingerprint them using the +retransmission backoff pattern. + +ike-scan does two things: + +a) Discovery: Determine which hosts are running IKE. + This is done by displaying those hosts which respond to the IKE requests + sent by ike-scan. + +b) Fingerprinting: Determine which IKE implementation the hosts are using. + This is done by recording the times of the IKE response packets from the + target hosts and comparing the observed retransmission backoff pattern + against known patterns. + +The retransmission backoff fingerprinting concept is discussed in more +detail in the UDP backoff fingerprinting paper which should be included +in the ike-scan kit as udp-backoff-fingerprinting-paper.txt. + +The program sends IKE main mode requests to the specified hosts and displays +any responses that are received. It handles retry and retransmission with +backoff to cope with packet loss. It also limits the amount of bandwidth +used by the outbound IKE packets. diff --git a/security/ike-scan/Makefile b/security/ike-scan/Makefile new file mode 100644 index 00000000000..b1f33eb7a88 --- /dev/null +++ b/security/ike-scan/Makefile @@ -0,0 +1,15 @@ +# $NetBSD: Makefile,v 1.1.1.1 2004/02/27 22:12:51 itojun Exp $ +# + +DISTNAME= ike-scan-1.6 +CATEGORIES= security +MASTER_SITES= http://www.nta-monitor.com/ike-scan/download/ + +MAINTAINER= packages@netbsd.org +HOMEPAGE= http://www.nta-monitor.com/ike-scan/ +COMMENT= Fingerprinting IKE implementation + +HAS_CONFIGURE= YES +GNU_CONFIGURE= YES + +.include "../../mk/bsd.pkg.mk" diff --git a/security/ike-scan/PLIST b/security/ike-scan/PLIST new file mode 100644 index 00000000000..b4405ba24bb --- /dev/null +++ b/security/ike-scan/PLIST @@ -0,0 +1,6 @@ +@comment $NetBSD: PLIST,v 1.1.1.1 2004/02/27 22:12:51 itojun Exp $ +bin/ike-scan +man/man1/ike-scan.1 +share/ike-scan/ike-backoff-patterns +share/ike-scan/ike-vendor-ids +@dirrm share/ike-scan diff --git a/security/ike-scan/distinfo b/security/ike-scan/distinfo new file mode 100644 index 00000000000..312ee793f1e --- /dev/null +++ b/security/ike-scan/distinfo @@ -0,0 +1,4 @@ +$NetBSD: distinfo,v 1.1.1.1 2004/02/27 22:12:51 itojun Exp $ + +SHA1 (ike-scan-1.6.tar.gz) = dc0eaed96302128cdff4a9d113cdec73c235c59d +Size (ike-scan-1.6.tar.gz) = 141847 bytes |