nerdexam
EC-Council

312-50V11 · Question #352

Fingerprinting VPN firewalls is possible with which of the following tools?

The correct answer is C. Ike-scan. Ike-scan is the purpose-built tool for discovering and fingerprinting IKE-based VPN gateways and firewalls by analyzing responses to crafted IKE Phase 1 packets.

Scanning Networks

Question

Fingerprinting VPN firewalls is possible with which of the following tools?

Options

  • AAngry IP
  • BNikto
  • CIke-scan
  • DArp-scan

How the community answered

(18 responses)
  • C
    94% (17)
  • D
    6% (1)

Why each option

Ike-scan is the purpose-built tool for discovering and fingerprinting IKE-based VPN gateways and firewalls by analyzing responses to crafted IKE Phase 1 packets.

AAngry IP

Angry IP Scanner is a general-purpose IP address and port scanner with no capability to interpret IKE protocol responses or fingerprint VPN gateways.

BNikto

Nikto is a web server vulnerability scanner targeting HTTP and HTTPS services and has no functionality for probing IKE or any VPN protocol.

CIke-scanCorrect

Ike-scan works by sending IKE Phase 1 (Main Mode and Aggressive Mode) packets to target hosts and analyzing the handshake responses to identify the vendor, firmware version, and configuration of VPN endpoints. Because IKE is the key exchange protocol underlying IPSec VPNs, ike-scan is specifically designed for this fingerprinting task. The tool identifies specific firewall products using vendor IDs and transform sets returned during the IKE negotiation.

DArp-scan

Arp-scan operates at Layer 2 using ARP requests to discover hosts on a local network segment and cannot interact with or fingerprint VPN firewalls using IKE.

Concept tested: VPN firewall fingerprinting with ike-scan tool

Source: https://www.kali.org/tools/ike-scan/

Topics

#VPN fingerprinting#ike-scan#IKE protocol#firewall fingerprinting

Community Discussion

No community discussion yet for this question.

Full 312-50V11 Practice