nerdexam
EC-Council

312-50V9 · Question #127

Fingerprinting VPN firewalls is possible with which of the following tools?

The correct answer is C. Ike-scan. IKE-scan is a dedicated tool for discovering and fingerprinting IPsec/IKE-based VPN gateways by sending crafted IKE packets and analyzing responses.

Scanning Networks

Question

Fingerprinting VPN firewalls is possible with which of the following tools?

Options

  • AAngry IP
  • BNikto
  • CIke-scan
  • DArp-scan

How the community answered

(37 responses)
  • A
    8% (3)
  • B
    3% (1)
  • C
    86% (32)
  • D
    3% (1)

Why each option

IKE-scan is a dedicated tool for discovering and fingerprinting IPsec/IKE-based VPN gateways by sending crafted IKE packets and analyzing responses.

AAngry IP

Angry IP is a general-purpose IP and port scanner that has no capability to craft or analyze IKE protocol packets used by VPN gateways.

BNikto

Nikto is a web server vulnerability scanner focused on HTTP/HTTPS services and has no functionality for probing VPN or IKE endpoints.

CIke-scanCorrect

IKE-scan works by sending IKE Phase 1 packets to target hosts and analyzing the returned IKE SA proposals and vendor ID payloads, which reveal the VPN gateway vendor and software version. This makes it the standard tool for fingerprinting VPN firewalls that use IPsec with IKE for key exchange. No other common scanner performs this IKE-specific handshake analysis.

DArp-scan

Arp-scan operates at Layer 2 to discover hosts on a local network via ARP requests and cannot interact with IKE or VPN fingerprinting protocols.

Concept tested: VPN gateway fingerprinting using IKE-scan

Source: https://github.com/royhills/ike-scan

Topics

#VPN fingerprinting#ike-scan#firewall enumeration#IKE protocol

Community Discussion

No community discussion yet for this question.

Full 312-50V9 Practice