| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
|
|
* Fixed bug which caused hostnames containing hyphens to fail with an error.
* Improved mapping of ID numbers to names in decode. This allows sparse IDs
ranges (e.g. 1,2,3,65000) to be supported, which means that we can now decode
XAUTH authentication method amongst other things.
* Added SO_BROADCAST option to UDP socket to allow sending to broadcast
addresses. Previously this gave a permission denied error.
|
|
|
|
- Add bl3 and openssl support
- Fix paths in man pages
- Install extra documentation
- Remove un-needed options from pkgsrc Makefile
Lots of changes/bugfixes from 1.6 including:
psk-crack.c: New program to crack Aggressive Mode Pre-Shared Keys
using dictionary attack. This uses the output from "ike-scan -P"
together with a dictionary.
|
|
|
|
---
ike-scan discovers IKE hosts and can also fingerprint them using the
retransmission backoff pattern.
ike-scan does two things:
a) Discovery: Determine which hosts are running IKE.
This is done by displaying those hosts which respond to the IKE requests
sent by ike-scan.
b) Fingerprinting: Determine which IKE implementation the hosts are using.
This is done by recording the times of the IKE response packets from the
target hosts and comparing the observed retransmission backoff pattern
against known patterns.
The retransmission backoff fingerprinting concept is discussed in more
detail in the UDP backoff fingerprinting paper which should be included
in the ike-scan kit as udp-backoff-fingerprinting-paper.txt.
The program sends IKE main mode requests to the specified hosts and displays
any responses that are received. It handles retry and retransmission with
backoff to cope with packet loss. It also limits the amount of bandwidth
used by the outbound IKE packets.
|
